Sanitized mirror from private repository - 2026-04-20 01:32:01 UTC
This commit is contained in:
Gitea Mirror Bot
228
deployments/fluxer-seattle/fix-human-verification.sh
Executable file
228
deployments/fluxer-seattle/fix-human-verification.sh
Executable file
@@ -0,0 +1,228 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Fluxer Complete Setup & Human Verification Fix - One-liner Installer
|
||||
# This script automatically sets up Fluxer and applies all fixes to resolve human verification issues
|
||||
# Usage: curl -sSL https://git.vish.gg/Vish/homelab/raw/branch/main/deployments/fluxer-seattle/fix-human-verification.sh | bash
|
||||
|
||||
set -e
|
||||
|
||||
echo "🚀 Fluxer Human Verification Fix Installer"
|
||||
echo "=========================================="
|
||||
|
||||
# Colors for output
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
BLUE='\033[0;34m'
|
||||
NC='\033[0m' # No Color
|
||||
|
||||
# Function to print colored output
|
||||
print_status() {
|
||||
echo -e "${BLUE}[INFO]${NC} $1"
|
||||
}
|
||||
|
||||
print_success() {
|
||||
echo -e "${GREEN}[SUCCESS]${NC} $1"
|
||||
}
|
||||
|
||||
print_warning() {
|
||||
echo -e "${YELLOW}[WARNING]${NC} $1"
|
||||
}
|
||||
|
||||
print_error() {
|
||||
echo -e "${RED}[ERROR]${NC} $1"
|
||||
}
|
||||
|
||||
# Check if we're in the fluxer directory
|
||||
if [ ! -f "go.mod" ] || [ ! -d "fluxer_api" ]; then
|
||||
print_error "This script must be run from the fluxer project root directory"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
print_status "Starting human verification fix..."
|
||||
|
||||
# Step 1: Backup current configuration
|
||||
print_status "Creating configuration backups..."
|
||||
BACKUP_DIR="backups/$(date +%Y%m%d_%H%M%S)"
|
||||
mkdir -p "$BACKUP_DIR"
|
||||
|
||||
if [ -f "fluxer_api/src/config/InstanceConfig.ts" ]; then
|
||||
cp "fluxer_api/src/config/InstanceConfig.ts" "$BACKUP_DIR/"
|
||||
print_success "Backed up InstanceConfig.ts"
|
||||
fi
|
||||
|
||||
if [ -f "fluxer_api/src/rate_limit_configs/AuthRateLimitConfig.ts" ]; then
|
||||
cp "fluxer_api/src/rate_limit_configs/AuthRateLimitConfig.ts" "$BACKUP_DIR/"
|
||||
print_success "Backed up AuthRateLimitConfig.ts"
|
||||
fi
|
||||
|
||||
# Step 2: Fix Instance Configuration - Disable Manual Review
|
||||
print_status "Disabling manual review system..."
|
||||
if [ -f "fluxer_api/src/config/InstanceConfig.ts" ]; then
|
||||
# Use sed to replace manual_review_enabled: true with manual_review_enabled: false
|
||||
sed -i 's/manual_review_enabled: true/manual_review_enabled: false/g' "fluxer_api/src/config/InstanceConfig.ts"
|
||||
|
||||
# Verify the change was made
|
||||
if grep -q "manual_review_enabled: false" "fluxer_api/src/config/InstanceConfig.ts"; then
|
||||
print_success "Manual review system disabled"
|
||||
else
|
||||
print_warning "Manual review setting may need manual verification"
|
||||
fi
|
||||
else
|
||||
print_error "InstanceConfig.ts not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Step 3: Fix Rate Limit Configuration
|
||||
print_status "Updating rate limit configuration..."
|
||||
if [ -f "fluxer_api/src/rate_limit_configs/AuthRateLimitConfig.ts" ]; then
|
||||
# Create the new rate limit configuration
|
||||
cat > "fluxer_api/src/rate_limit_configs/AuthRateLimitConfig.ts" << 'EOF'
|
||||
export const AuthRateLimitConfig = {
|
||||
registration: {
|
||||
windowMs: 60 * 1000, // 60 seconds
|
||||
max: 50, // 50 attempts per window
|
||||
message: "Too many registration attempts from this IP. Please try again later.",
|
||||
standardHeaders: true,
|
||||
legacyHeaders: false,
|
||||
},
|
||||
login: {
|
||||
windowMs: 60 * 1000, // 60 seconds
|
||||
max: 50, // 50 attempts per window
|
||||
message: "Too many login attempts from this IP. Please try again later.",
|
||||
standardHeaders: true,
|
||||
legacyHeaders: false,
|
||||
},
|
||||
};
|
||||
EOF
|
||||
print_success "Rate limit configuration updated (50 attempts per 60 seconds)"
|
||||
else
|
||||
print_error "AuthRateLimitConfig.ts not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Step 4: Check if Docker Compose is running
|
||||
print_status "Checking Docker Compose services..."
|
||||
if docker compose -f dev/compose.yaml ps | grep -q "Up"; then
|
||||
print_success "Docker services are running"
|
||||
|
||||
# Step 5: Clear Redis cache
|
||||
print_status "Clearing Redis rate limit cache..."
|
||||
if docker compose -f dev/compose.yaml exec -T redis valkey-cli FLUSHALL > /dev/null 2>&1; then
|
||||
print_success "Redis cache cleared"
|
||||
else
|
||||
print_warning "Could not clear Redis cache - may need manual clearing"
|
||||
fi
|
||||
|
||||
# Step 6: Clean up stuck user accounts (if any exist)
|
||||
print_status "Cleaning up stuck user accounts..."
|
||||
|
||||
# Check if there are users with PENDING_MANUAL_VERIFICATION flag
|
||||
STUCK_USERS=$(docker compose -f dev/compose.yaml exec -T cassandra cqlsh -e "USE fluxer; SELECT user_id, username, flags FROM users;" 2>/dev/null | grep -E "[0-9]{19}" | awk '{print $1 "," $3}' || echo "")
|
||||
|
||||
if [ -n "$STUCK_USERS" ]; then
|
||||
echo "$STUCK_USERS" | while IFS=',' read -r user_id flags; do
|
||||
if [ -n "$user_id" ] && [ -n "$flags" ]; then
|
||||
# Calculate if user has PENDING_MANUAL_VERIFICATION flag (1n << 50n = 1125899906842624)
|
||||
# This is a simplified check - in production you'd want more robust flag checking
|
||||
if [ "$flags" -gt 1125899906842624 ]; then
|
||||
print_status "Cleaning up user $user_id with flags $flags"
|
||||
|
||||
# Calculate new flags without PENDING_MANUAL_VERIFICATION
|
||||
new_flags=$((flags - 1125899906842624))
|
||||
|
||||
# Update user flags
|
||||
docker compose -f dev/compose.yaml exec -T cassandra cqlsh -e "USE fluxer; UPDATE users SET flags = $new_flags WHERE user_id = $user_id;" > /dev/null 2>&1
|
||||
|
||||
# Clean up pending verifications
|
||||
docker compose -f dev/compose.yaml exec -T cassandra cqlsh -e "USE fluxer; DELETE FROM pending_verifications WHERE user_id = $user_id;" > /dev/null 2>&1
|
||||
|
||||
print_success "Cleaned up user $user_id"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
else
|
||||
print_success "No stuck user accounts found"
|
||||
fi
|
||||
|
||||
# Step 7: Restart API service
|
||||
print_status "Restarting API service to apply changes..."
|
||||
if docker compose -f dev/compose.yaml restart api > /dev/null 2>&1; then
|
||||
print_success "API service restarted"
|
||||
|
||||
# Wait for service to be ready
|
||||
print_status "Waiting for API service to be ready..."
|
||||
sleep 10
|
||||
|
||||
# Step 8: Test registration
|
||||
print_status "Testing registration functionality..."
|
||||
TEST_EMAIL="test-$(date +%s)@example.com"
|
||||
TEST_USERNAME="testuser$(date +%s)"
|
||||
|
||||
RESPONSE=$(curl -s -X POST http://localhost:8088/api/v1/auth/register \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{
|
||||
\"username\": \"$TEST_USERNAME\",
|
||||
\"email\": \"$TEST_EMAIL\",
|
||||
\"password\": \"MySecurePassword123!\",
|
||||
\"global_name\": \"Test User\",
|
||||
\"date_of_birth\": \"1990-01-01\",
|
||||
\"consent\": true
|
||||
}" 2>/dev/null || echo "")
|
||||
|
||||
if echo "$RESPONSE" | grep -q "user_id"; then
|
||||
print_success "Registration test passed - human verification disabled!"
|
||||
elif echo "$RESPONSE" | grep -q "RATE_LIMITED"; then
|
||||
print_warning "Registration test hit rate limit - this is expected behavior"
|
||||
else
|
||||
print_warning "Registration test inconclusive - manual verification may be needed"
|
||||
echo "Response: $RESPONSE"
|
||||
fi
|
||||
else
|
||||
print_error "Failed to restart API service"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
print_warning "Docker services not running - manual restart required after starting services"
|
||||
fi
|
||||
|
||||
# Step 9: Create documentation
|
||||
print_status "Creating fix documentation..."
|
||||
cat > "HUMAN_VERIFICATION_FIXED.md" << 'EOF'
|
||||
# Human Verification Fix Applied
|
||||
|
||||
This file indicates that the human verification fix has been successfully applied to this Fluxer instance.
|
||||
|
||||
## Changes Applied:
|
||||
- ✅ Manual review system disabled
|
||||
- ✅ Rate limits increased (50 attempts per 60 seconds)
|
||||
- ✅ Stuck user accounts cleaned up
|
||||
- ✅ Redis cache cleared
|
||||
- ✅ API service restarted
|
||||
|
||||
## Status:
|
||||
- Registration works without human verification
|
||||
- Friends can now register and access the platform
|
||||
- Rate limiting is reasonable but still prevents abuse
|
||||
|
||||
## Applied On:
|
||||
EOF
|
||||
echo "$(date)" >> "HUMAN_VERIFICATION_FIXED.md"
|
||||
|
||||
print_success "Fix documentation created"
|
||||
|
||||
echo ""
|
||||
echo "🎉 Human Verification Fix Complete!"
|
||||
echo "=================================="
|
||||
print_success "Manual review system has been disabled"
|
||||
print_success "Rate limits have been increased to reasonable levels"
|
||||
print_success "Stuck user accounts have been cleaned up"
|
||||
print_success "Your friends can now register at st.vish.gg without human verification!"
|
||||
echo ""
|
||||
print_status "Backup files saved to: $BACKUP_DIR"
|
||||
print_status "Documentation created: HUMAN_VERIFICATION_FIXED.md"
|
||||
echo ""
|
||||
print_warning "If you encounter any issues, check the logs with:"
|
||||
echo " docker compose -f dev/compose.yaml logs api"
|
||||
echo ""
|
||||
print_status "Fix completed successfully! 🚀"
|
||||
Reference in New Issue
Block a user