From f2a60fedccabba829d814916c7c64f6b7bbbc63d Mon Sep 17 00:00:00 2001 From: Xe Iaso Date: Fri, 29 Aug 2025 19:12:38 +0000 Subject: [PATCH] fix(challenge/preact): ensure that the client waits as long as it needs to Signed-off-by: Xe Iaso --- lib/challenge/preact/js/app.jsx | 2 -- lib/challenge/preact/preact.go | 7 +++++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/challenge/preact/js/app.jsx b/lib/challenge/preact/js/app.jsx index 10decac2..54cfafcc 100644 --- a/lib/challenge/preact/js/app.jsx +++ b/lib/challenge/preact/js/app.jsx @@ -34,8 +34,6 @@ const App = () => { setPassed(true); }, state.difficulty * 100); - console.log(challenge); - return () => clearTimeout(timer); }, [challenge]); diff --git a/lib/challenge/preact/preact.go b/lib/challenge/preact/preact.go index 8081ef96..326992de 100644 --- a/lib/challenge/preact/preact.go +++ b/lib/challenge/preact/preact.go @@ -8,6 +8,7 @@ import ( "io" "log/slog" "net/http" + "time" "github.com/TecharoHQ/anubis" "github.com/TecharoHQ/anubis/internal" @@ -56,6 +57,12 @@ func (i *impl) Issue(r *http.Request, lg *slog.Logger, in *challenge.IssueInput) } func (i *impl) Validate(r *http.Request, lg *slog.Logger, in *challenge.ValidateInput) error { + wantTime := in.Challenge.IssuedAt.Add(time.Duration(in.Rule.Challenge.Difficulty) * 95 * time.Millisecond) + + if time.Now().Before(wantTime) { + return challenge.NewError("validate", "insufficent time", fmt.Errorf("%w: wanted user to wait until at least %s", wantTime.Format(time.RFC3339))) + } + got := r.FormValue("result") want := internal.SHA256sum(in.Challenge.RandomData)