diff --git a/src/invidious/users.cr b/src/invidious/users.cr index 28879d232..7caefb7c9 100644 --- a/src/invidious/users.cr +++ b/src/invidious/users.cr @@ -262,6 +262,10 @@ def validate_response(challenge, token, user_id, operation, key, db) end def generate_captcha(key, db) + second = Random::Secure.rand(12) + second_angle = second * 30 + second = second * 5 + minute = Random::Secure.rand(12) minute_angle = minute * 30 minute = minute * 5 @@ -290,6 +294,7 @@ def generate_captcha(key, db) 12 + @@ -303,7 +308,7 @@ def generate_captcha(key, db) image = "data:image/png;base64,#{image}" end - answer = "#{hour}:#{minute.to_s.rjust(2, '0')}" + answer = "#{hour}:#{minute.to_s.rjust(2, '0')}:#{second.to_s.rjust(2, '0')}" answer = OpenSSL::HMAC.hexdigest(:sha256, key, answer) challenge, token = create_response(answer, "sign_in", key, db) diff --git a/src/invidious/views/login.ecr b/src/invidious/views/login.ecr index 69f04ed2b..f9c5029c0 100644 --- a/src/invidious/views/login.ecr +++ b/src/invidious/views/login.ecr @@ -28,7 +28,8 @@ - + +