
Re: [PATCH] Grys patch for captcha via email


Thank you for sending this patch.

I took a look and I think it is a good idea to avoid sending
username/password until the account is approved. However, this patch
has some issues.

1) It requires approval even if approval = false. We should allow
teams to still be able to automatically approve if they want.

2) This new captcha system requires 2 emails instead of 1. This increases the
amount of delay for registration. Is there a benefit in emailing the captcha
instead of just messaging it over IRC?

To fix 1), I would suggest this diff:

--- /home/jrmu/botnow/BNC.pm    Sat Jun 17 22:29:44 2023
+++ BNC.pm      Wed Jun 28 14:30:39 2023
@@ -123,7 +123,11 @@
        } elsif (main::isstaff($bot, $nick) && $text =~ /^approve\s+([[:ascii:]]+)/) {
                my $username = $1;
                if (SQLite::selectrows("bnc", "username", $username)) {
-                       main::putserv($bot, "PRIVMSG *blockuser :unblock $username");
+                       my $email = SQLite::get("bnc", "username", $username, "email");
+                       my $password = Hash::newpass();
+                       main::putserv($bot,"privmsg *controlpanel :set Password $username $password");
+                       main::putserv($bot, "PRIVMSG *blockuser :unblock $username");
+                       mailbncApproved($username,$email,$password);
                        foreach my $chan (@teamchans) {
                        main::putserv($bot, "PRIVMSG $chan :$username bnc approved");
                        }
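Review bot: In the `approve` branch the password is regenerated and mailed on every invocation, with nothing checking that `$username` is still waiting for approval, so repeating `approve` on an account that already works replaces its password. Guard `Hash::newpass()` and the `*controlpanel :set Password` line on the account's pending state, if one is recorded, and otherwise only unblock.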
@@ -165,14 +169,16 @@
                if (DNS::nextdns($username)) {
                        sleep(2);
                        createbnc($bot, $username, $pass, $bindhost);
-                       main::putserv($bot, "PRIVMSG $nick :Check your email!");
-                       mailbnc($username, $email, $pass, "bouncer", $hashirc);
                        if ($approval eq "true") {
                                main::putserv($bot, "PRIVMSG *blockuser :block $username");
-                               main::putserv($bot, "PRIVMSG $nick :Your account has been created but must be manually approved by your admins ($staff) before it can be used.");
+                               main::putserv($bot, "PRIVMSG $nick :Your account has been created but must be approved by your admins ($staff) before it can be used. Please reply to the email and contact staff over IRC.");
+                               mailbncPending($username, $email);
                                foreach my $chan (@teamchans) {
-                                       main::putservlocalnet($bot, "PRIVMSG $chan :$staff: $nick\'s account $username must be manually unblocked before it can be used.");
+                                       main::putservlocalnet($bot, "PRIVMSG $chan :$staff: To approve $nick, you must type !bnc approve $username");
                                }
+                       } else {
+                               main::putserv($bot, "PRIVMSG $nick :Check your email!");
+                               mailbnc($username, $email, $pass, "bouncer", $hashirc);
                        }
                        foreach my $chan (@teamchans) {
                                main::putservlocalnet($bot, "PRIVMSG $chan :$staff: $nick\'s bnc registration of $username on $bot->{name} was successful, *but* you *must* help him connect. Most users are unable to connect. Show him https://wiki.ircnow.org/?n=Bouncer.Bouncer and give him connection instructions");
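Review bot: The new `else` branch calls `mailbnc($username, $email, $pass, "bouncer", $hashirc)` with five arguments, but the patch under review rewrites `mailbnc` to take `($username, $email, $captcha)`, so with both applied `$pass` lands in the captcha slot and the server, port and webpanel details are never sent. Keep the original credential mail for this path or call `mailbncApproved($username, $email, $pass)` instead. The IRC text in the approval branch also asks the user to reply to the email, while the `mailbncPending` body only tells them to wait.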


On Thu, Jun 15, 2023 at 08:26:06AM -0400, Ian Jones wrote:
> Please ignore previous patch, it included some local changes.
> 
> This one has been applied to a clean clone of botnow repo.
> 
> Regards,
> 
> Ian
> 
> ---
>  BNC.pm | 58 +++++++++++++++++++++++++++++++++++++++-------------------
>  1 file changed, 39 insertions(+), 19 deletions(-)
> 
> diff --git a/BNC.pm b/BNC.pm
> index 0d92083..e096b90 100644
> --- a/BNC.pm
> +++ b/BNC.pm
> @@ -123,7 +123,11 @@ sub mbnc {
>  	} elsif (main::isstaff($bot, $nick) && $text =~ /^approve\s+([[:ascii:]]+)/) {
>  		my $username = $1;
>  		if (SQLite::selectrows("bnc", "username", $username)) {
> +			my $email = SQLite::get("bnc", "username", $username, "email");
> +			my $password = Hash::newpass();
> +			main::putserv($bot,"privmsg *controlpanel :set Password $username $password");
>  			main::putserv($bot, "PRIVMSG *blockuser :unblock $username");
> +			mailbncApproved($username,$email,$password);
>  			foreach my $chan (@teamchans) {
>  			main::putserv($bot, "PRIVMSG $chan :$username bnc approved");
>  			}
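Review bot: `$email` from `SQLite::get(...)` is used unchecked in the added lines; if the row has no email, the password has already been changed by the time `mailbncApproved` is called with an undefined recipient, and the user has no way to learn it. Check `$email` first, then set the password and unblock. The added `privmsg *controlpanel` line also differs in case and spacing from the `PRIVMSG` calls around it.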
> @@ -165,8 +169,8 @@ sub mbnc {
>  		if (DNS::nextdns($username)) {
>  			sleep(2);
>  			createbnc($bot, $username, $pass, $bindhost);
> -			main::putserv($bot, "PRIVMSG $nick :Check your email!");
> -			mailbnc($username, $email, $pass, "bouncer", $hashirc);
> +			main::putserv($bot, "PRIVMSG $nick :Wait, we will approve your bouncer account soon.");
> +			mailbncPending($username, $email);
>  			if ($approval eq "true") {
>  				main::putserv($bot, "PRIVMSG *blockuser :block $username");
>  				main::putserv($bot, "PRIVMSG $nick :Your account has been created but must be manually approved by your admins ($staff) before it can be used.");
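Review bot: The added `mailbncPending` call and the "Wait, we will approve your bouncer account soon." message sit above `if ($approval eq "true")`, so they run when approval is off as well, and since `mailbnc` no longer carries credentials a team with automatic approval never sends the password. Move both lines inside the approval branch and keep a credential mail in an `else`. In the approval case the user also receives two overlapping IRC notices.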
> @@ -226,10 +230,11 @@ sub mbnc {
>  		SQLite::set("bnc", "ircid", $ircid, "hashid", $hashid);
>  		main::whois($bot->{sock}, $nick);
>  		main::ctcp($bot->{sock}, $nick);
> -		main::putserv($bot, "PRIVMSG $nick :".`figlet $captcha`);
> +		mailbnc($username, $email, $captcha);
> +		# main::putserv($bot, "PRIVMSG $nick :".`figlet $captcha`);
>  #main::putserv($bot, "PRIVMSG $nick :https://$hostname/$hashid/captcha.png";);
>  #main::putserv($bot, "PRIVMSG $nick :https://$hostname/register.php?hashirc=$hashid";);
> -		main::putserv($bot, "PRIVMSG $nick :Type !bnc captcha <text>");
> +		main::putserv($bot, "PRIVMSG $nick :Check your email and Type !bnc captcha <text>");
>  		foreach my $chan (@teamchans) {
>  			main::putservlocalnet($bot, "PRIVMSG $chan :$nick\'s on $bot->{name} bnc captcha is $captcha");
>  		}
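Review bot: The context line after the change still posts `$captcha` to every channel in `@teamchans`, so mailing it proves control of the mailbox only to people outside those channels; if the email is meant to verify the address, drop or restrict that line. The old `figlet` line should be deleted rather than commented out, which also removes the backtick shell call for good, and this hunk does not show where `$username` and `$email` are set before the new `mailbnc` call.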
> @@ -408,23 +413,29 @@ EOF
>  	return 1;
>  }
>  sub mailbnc {
> -	my( $username, $email, $password, $service, $hashirc )=@_;
> +	my( $username, $email, $captcha )=@_;
>  	my $passhash = sha256_hex("$username");
>  	my $approvemsg;
> -	if ($approval eq "true") {
> -		$approvemsg = <<"EOF";
>  
> -*IMPORTANT*: Your account has been created but it has not yet been
> -approved. To get your account approved, please contact your admins
> -$staff on IRC and by email.
> +my $body = <<"EOF";
> +Welcome to $bot->{name}!
> +
> +Please message this number on IRC:
> +
> +!bnc captcha $captcha
>  
> +$bot->{name}
>  EOF
> -	}
> +	main::mail($mailfrom, $email, $mailname, "Verify $bot->{name} Account $username", $body);
> +}
> +
> +sub mailbncApproved {
> +        my( $username, $email, $password)=@_;
>  
>  my $body = <<"EOF";
> -Welcome to IRCNow!
> +Welcome to $bot->{name}!
>  
> -You created a bouncer:
> +We created a bouncer:
>  
>  Username: $username
>  Password: $password
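Review bot: `mailbnc` and `mailbncApproved` interpolate `$bot->{name}`, but `$bot` is in neither argument list (`my( $username, $email, $captcha )=@_;`), so unless a file-level `$bot` exists the subject and body get an empty name or fail under `strict`. Pass `$bot` in or use a configured network name. `$passhash` and `$approvemsg` are left unused in `mailbnc`, and "Please message this number on IRC" assumes the captcha is numeric.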
> @@ -432,15 +443,24 @@ Server: $bnchostname
>  Port: $sslport for SSL (secure connection)
>  Port: $plainport for plaintext
>  Webpanel: $webpanel
> -$approvemsg
> -*IMPORTANT*: Verify your email address:
>  
> -Please reply to this email to indicate you have received the email. You must
> -reply in order to keep your account.
> +$bot->{name}
> +EOF
> +        main::mail($mailfrom, $email, $mailname, "Welcome to $bot->{name} Bouncer, $username", $body);
> +}
> +
> +sub mailbncPending {
> +        my( $username, $email)=@_;
> +
> +my $body = <<"EOF";
> +$bot->{name} bouncer $username account verified. Thank you.
> +
> +Please wait for account approval. It may take up to 48 hours.
> +Then we will send you login instructions.
>  
> -IRCNow
> +$bot->{name}
>  EOF
> -	main::mail($mailfrom, $email, $mailname, "Verify IRCNow Account", $body);
> +        main::mail($mailfrom, $email, $mailname, "$bot->{name} Bouncer $username account verified", $body);
>  }
>  
>  sub mtaillog {
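Review bot: `mailbncPending` hard-codes "It may take up to 48 hours" in the body; that is a per-team policy and belongs in a config value alongside `$staff`. The added `my(...)` and `main::mail(...)` lines in the two new subs are indented with spaces while the surrounding lines use tabs, and `mailbncApproved`/`mailbncPending` depart from the lowercase naming of `mailbnc` and `mtaillog`.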
> -- 
> 2.37.3
> 
> 

-- 
jrmu
IRCNow (https://ircnow.org)
