From c9e9debd705c39a503b8a6a84cd23efc2a69098f Mon Sep 17 00:00:00 2001
From: b1ek
Date: Mon, 17 Apr 2023 15:23:10 +1000
Subject: [PATCH] add fake captcha fields
---
 routes/main.js | 10 +++++++++-
 views/main.pug | 9 ++++++---
 2 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/routes/main.js b/routes/main.js
index 92767a5..bce9b3f 100644
--- a/routes/main.js
+++ b/routes/main.js
@@ -11,7 +11,15 @@ async function index(req, res) {
 req.session.captcha = crypto.randomBytes(8).toString('base64').substring(0, 6);
 }
- req.session.captcha_input = crypto.randomBytes(8).toString('base64').substring(0,10);
+ req.session.captcha_input = crypto.randomBytes(8).toString('base64').substring(0,crypto.randomInt(10,16));
+ let fake_fields = [];
+ const n = crypto.randomInt(10,20);
+ for (let i = 0; i != n; i++) {
+ fake_fields.push(crypto.randomBytes(8).toString('base64').substring(0,crypto.randomInt(10,16)))
+ }
+
+ req.session.fake_fields = fake_fields;
+
 if (!req.session.csrf) req.session.csrf = crypto.randomBytes(10).toString('base64');
diff --git a/views/main.pug b/views/main.pug
index 0d80d88..f327bdc 100644
--- a/views/main.pug
+++ b/views/main.pug
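Review bot: `req.session.fake_fields` is stored at the end of the added block, but nothing in this commit reads it back: the two changed files only generate and render the decoy inputs, so unless the `/upload` handler is updated elsewhere, a request that fills a decoy is handled like any other. The handler should reject such a request, for example `if (req.session.fake_fields?.some((name) => req.body[name])) return res.status(400).end();`, assuming an Express handler that reads form fields from `req.body`. Separately, `crypto.randomBytes(8).toString('base64')` is only 12 characters long, so `substring(0, crypto.randomInt(10,16))` yields lengths 10 to 12 and most names are the full string ending in `=`. Using `crypto.randomBytes(8).toString('hex').substring(0, crypto.randomInt(10, 16))` on both the `captcha_input` line and the `fake_fields.push` line gives the intended 10 to 15 characters and keeps `+`, `/` and `=` out of the field names. The body of `index` starts and ends outside the hunk.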
@@ -7,14 +7,17 @@ block content
 - var exceeded = submitted >= process.env.MAXFILES
 form(action='/upload' method='POST')
 input(type='hidden' name='_csrf' value=req.session.csrf)
- p(align='center')
- textarea(name='text' class='data' placeholder='Put your text in here!' + (maxlen ? ` (Max length is ${maxlen} bytes)` : ''))
+ p(align='center' style='padding-bottom:10px')
+ textarea(name='text' class='data' placeholder='Put your text in here!' + (maxlen ? ` (Max length is ${maxlen} bytes)` : ''))= req.session.last_text
 br
 if (!exceeded)
 br
 | Captcha:
 br
- input(type='text' name=req.session.captcha_input)
+ input(type='text' name=req.session.captcha_input style='font-family:monospace;text-align:center;padding:8px 0')
+ div(style='display:flex;dispaly:box;display:none')
+ each field in req.session.fake_fields
+ input(type='text' name=field style='font-family:monospace;text-align:center')
 if (!exceeded)
 +captcha(req.session.captcha)
 p(align='center' style='padding-bottom:10px')
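Review bot: The container style `display:flex;dispaly:box;display:none` misspells one property and sets `display` twice, with only the final `none` taking effect; `div(style='display:none')` states the intent directly. The real captcha input is the only text input outside that container and the only one carrying `padding:8px 0`, so it stays distinguishable from the decoys by position and style despite the random names. The decoys are therefore best treated as a low-cost filter, with the captcha answer remaining the actual control. Adding `autocomplete='off'` to the decoy inputs would also lower the chance that a form filler populates one for a legitimate user. The form appears to continue past the end of the hunk.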