From a6fcf0dc1e44a8e9fb03b57c32d9438a9875e776 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Wed, 25 Jan 2023 17:44:59 +0700
Subject: [PATCH 01/22] wip

---
 website/.env                                |  2 ++
 website/package-lock.json                   | 16 ++++++++++++++++
 website/package.json                        |  1 +
 website/src/components/CloudfareCaptcha.tsx |  8 ++++++++
 website/types/env.d.ts                      |  8 ++++++++
 5 files changed, 35 insertions(+)
 create mode 100644 website/src/components/CloudfareCaptcha.tsx
 create mode 100644 website/types/env.d.ts

diff --git a/website/.env b/website/.env
index 65d8b88e..4bbfe001 100644
--- a/website/.env
+++ b/website/.env
@@ -14,3 +14,5 @@ NEXTAUTH_SECRET=O/M2uIbGj+lDD2oyNa8ax4jEOJqCPJzO53UbWShmq98=
 EMAIL_SERVER_HOST=localhost
 EMAIL_SERVER_PORT=1025
 EMAIL_FROM=info@example.com
+
+NEXT_PUBLIC_CLOUDFARE_CAPTCHA_SITE_KEY=1x0000000000000000000000000000000AA
diff --git a/website/package-lock.json b/website/package-lock.json
index 348d9fad..12e69cba 100644
--- a/website/package-lock.json
+++ b/website/package-lock.json
@@ -17,6 +17,7 @@
         "@emotion/styled": "^11.10.5",
         "@headlessui/react": "^1.7.7",
         "@heroicons/react": "^2.0.13",
+        "@marsidev/react-turnstile": "^0.0.7",
         "@next-auth/prisma-adapter": "^1.0.5",
         "@next/font": "^13.1.0",
         "@prisma/client": "^4.7.1",
@@ -5541,6 +5542,15 @@
         "@jridgewell/sourcemap-codec": "1.4.14"
       }
     },
+    "node_modules/@marsidev/react-turnstile": {
+      "version": "0.0.7",
+      "resolved": "https://registry.npmjs.org/@marsidev/react-turnstile/-/react-turnstile-0.0.7.tgz",
+      "integrity": "sha512-BWXZ6/ddE96cP/U3jkLO8wbJi6qOpE4wH67h6EkD57TRy4RSauBBYKRZkuUEpfgm2wdWoPukPz4LfnoV5KJGrQ==",
+      "peerDependencies": {
+        "react": ">=16.8.0",
+        "react-dom": ">=16.8.0"
+      }
+    },
     "node_modules/@mdx-js/mdx": {
       "version": "1.6.22",
       "resolved": "https://registry.npmjs.org/@mdx-js/mdx/-/mdx-1.6.22.tgz",
@@ -41629,6 +41639,12 @@
         "@jridgewell/sourcemap-codec": "1.4.14"
       }
     },
+    "@marsidev/react-turnstile": {
+      "version": "0.0.7",
+      "resolved": "https://registry.npmjs.org/@marsidev/react-turnstile/-/react-turnstile-0.0.7.tgz",
+      "integrity": "sha512-BWXZ6/ddE96cP/U3jkLO8wbJi6qOpE4wH67h6EkD57TRy4RSauBBYKRZkuUEpfgm2wdWoPukPz4LfnoV5KJGrQ==",
+      "requires": {}
+    },
     "@mdx-js/mdx": {
       "version": "1.6.22",
       "resolved": "https://registry.npmjs.org/@mdx-js/mdx/-/mdx-1.6.22.tgz",
diff --git a/website/package.json b/website/package.json
index 40d279fe..a0112756 100644
--- a/website/package.json
+++ b/website/package.json
@@ -34,6 +34,7 @@
     "@emotion/styled": "^11.10.5",
     "@headlessui/react": "^1.7.7",
     "@heroicons/react": "^2.0.13",
+    "@marsidev/react-turnstile": "^0.0.7",
     "@next-auth/prisma-adapter": "^1.0.5",
     "@next/font": "^13.1.0",
     "@prisma/client": "^4.7.1",
diff --git a/website/src/components/CloudfareCaptcha.tsx b/website/src/components/CloudfareCaptcha.tsx
new file mode 100644
index 00000000..d4d827f4
--- /dev/null
+++ b/website/src/components/CloudfareCaptcha.tsx
@@ -0,0 +1,8 @@
+import { Turnstile } from "@marsidev/react-turnstile";
+import { forwardRef } from "react";
+
+export const CloudFareCatpcha = forwardRef((ref, props) => {
+  return <Turnstile siteKey={process.env.NEXT_PUBLIC_CLOUDFARE_CAPTCHA_SITE_KEY} />;
+});
+
+CloudFareCatpcha.displayName = "CloudFareCatpcha";
diff --git a/website/types/env.d.ts b/website/types/env.d.ts
new file mode 100644
index 00000000..959662db
--- /dev/null
+++ b/website/types/env.d.ts
@@ -0,0 +1,8 @@
+declare global {
+  namespace NodeJS {
+    interface ProcessEnv {
+      NODE_ENV: "development" | "production";
+      NEXT_PUBLIC_CLOUDFARE_CAPTCHA_SITE_KEY: string;
+    }
+  }
+}

From 3c9e5388baa176f40341f61ed01716c45e3ff1c8 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Thu, 26 Jan 2023 01:00:31 +0700
Subject: [PATCH 02/22] add captcha to signin page

---
 .vscode/settings.json                         |  3 +-
 docker-compose.yaml                           |  2 +
 website/.env                                  |  3 +-
 website/src/components/CloudfareCaptcha.tsx   |  8 ---
 website/src/components/CloudflareCaptcha.tsx  | 20 +++++++
 website/src/lib/captcha.ts                    | 56 +++++++++++++++++++
 website/src/middleware.ts                     | 25 ++++++++-
 website/src/pages/api/auth/invalid-captcha.ts |  7 +++
 website/src/pages/auth/signin.tsx             | 19 +++++--
 website/types/env.d.ts                        |  5 +-
 10 files changed, 132 insertions(+), 16 deletions(-)
 delete mode 100644 website/src/components/CloudfareCaptcha.tsx
 create mode 100644 website/src/components/CloudflareCaptcha.tsx
 create mode 100644 website/src/lib/captcha.ts
 create mode 100644 website/src/pages/api/auth/invalid-captcha.ts

diff --git a/.vscode/settings.json b/.vscode/settings.json
index 56a51f78..c59304cb 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,4 +1,5 @@
 {
   "python.formatting.provider": "black",
-  "python.analysis.extraPaths": ["${workspaceFolder}/oasst-shared"]
+  "python.analysis.extraPaths": ["${workspaceFolder}/oasst-shared"],
+  "prettier.singleQuote": false
 }
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 908457cd..4376e25d 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -125,6 +125,8 @@ services:
       - EMAIL_FROM=info@example.com
       - NEXTAUTH_URL=http://localhost:3000
       - DEBUG_LOGIN=true
+      - NEXT_PUBLIC_CLOUDFARE_CAPTCHA_SITE_KEY=1x00000000000000000000AA
+      - CLOUDFLARE_CAPTCHA_SERCERT_KEY=1x0000000000000000000000000000000AA
     depends_on:
       webdb:
         condition: service_healthy
diff --git a/website/.env b/website/.env
index 4bbfe001..a5bb7e0a 100644
--- a/website/.env
+++ b/website/.env
@@ -15,4 +15,5 @@ EMAIL_SERVER_HOST=localhost
 EMAIL_SERVER_PORT=1025
 EMAIL_FROM=info@example.com
 
-NEXT_PUBLIC_CLOUDFARE_CAPTCHA_SITE_KEY=1x0000000000000000000000000000000AA
+NEXT_PUBLIC_CLOUDFLARE_CAPTCHA_SITE_KEY=1x00000000000000000000AA
+CLOUDFLARE_CAPTCHA_SERCERT_KEY=1x0000000000000000000000000000000AA
diff --git a/website/src/components/CloudfareCaptcha.tsx b/website/src/components/CloudfareCaptcha.tsx
deleted file mode 100644
index d4d827f4..00000000
--- a/website/src/components/CloudfareCaptcha.tsx
+++ /dev/null
@@ -1,8 +0,0 @@
-import { Turnstile } from "@marsidev/react-turnstile";
-import { forwardRef } from "react";
-
-export const CloudFareCatpcha = forwardRef((ref, props) => {
-  return <Turnstile siteKey={process.env.NEXT_PUBLIC_CLOUDFARE_CAPTCHA_SITE_KEY} />;
-});
-
-CloudFareCatpcha.displayName = "CloudFareCatpcha";
diff --git a/website/src/components/CloudflareCaptcha.tsx b/website/src/components/CloudflareCaptcha.tsx
new file mode 100644
index 00000000..ad0104f5
--- /dev/null
+++ b/website/src/components/CloudflareCaptcha.tsx
@@ -0,0 +1,20 @@
+import { useColorMode } from "@chakra-ui/react";
+import { Turnstile, TurnstileInstance, TurnstileProps } from "@marsidev/react-turnstile";
+import { forwardRef } from "react";
+
+export const CloudFlareCatpcha = forwardRef<TurnstileInstance, Omit<TurnstileProps, "siteKey">>((props, ref) => {
+  const { colorMode } = useColorMode();
+  return (
+    <Turnstile
+      ref={ref}
+      {...props}
+      siteKey={process.env.NEXT_PUBLIC_CLOUDFLARE_CAPTCHA_SITE_KEY}
+      options={{
+        theme: colorMode,
+        ...props.options,
+      }}
+    />
+  );
+});
+
+CloudFlareCatpcha.displayName = "CloudFlareCatpcha";
diff --git a/website/src/lib/captcha.ts b/website/src/lib/captcha.ts
new file mode 100644
index 00000000..2eb4f0a6
--- /dev/null
+++ b/website/src/lib/captcha.ts
@@ -0,0 +1,56 @@
+type CaptchaErrorCode =
+  | "missing-input-secret"
+  | "invalid-input-secret"
+  | "missing-input-response"
+  | "invalid-input-response"
+  | "bad-request"
+  | "timeout-or-duplicate"
+  | "internal-error";
+
+type CheckCaptchaResponse = {
+  success: boolean;
+  challenge_ts?: string;
+  hostname: string;
+  "error-codes": CaptchaErrorCode[];
+  action?: string;
+  cdata?: string;
+};
+
+// https://developers.cloudflare.com/turnstile/get-started/server-side-validation/
+export const checkCaptcha = async (
+  token: string,
+  ipAdress: string,
+  options?: { cdata?: string; action?: string }
+): Promise<CheckCaptchaResponse> => {
+  const data = new FormData();
+
+  data.append("secret", process.env.CLOUDFLARE_CAPTCHA_SERCERT_KEY);
+  data.append("response", token);
+  data.append("remoteip", ipAdress);
+
+  const result = await fetch("https://challenges.cloudflare.com/turnstile/v0/siteverify", {
+    body: data,
+    method: "POST",
+  });
+
+  const res: CheckCaptchaResponse = await result.json();
+  return {
+    ...res,
+    success: getSuccess(res, options?.action, options?.cdata),
+  };
+};
+
+const getSuccess = (response: CheckCaptchaResponse, action: string | undefined, cdata: string | undefined) => {
+  if (action === undefined && cdata === undefined) {
+    return response.success;
+  }
+
+  if (action) {
+    if (cdata) {
+      return response.action === action && response.cdata === cdata;
+    }
+    return response.action === action;
+  }
+
+  return false;
+};
diff --git a/website/src/middleware.ts b/website/src/middleware.ts
index 21eeaaa7..87651301 100644
--- a/website/src/middleware.ts
+++ b/website/src/middleware.ts
@@ -1,5 +1,7 @@
-export { default } from "next-auth/middleware";
+import { NextResponse } from "next/server";
+import { NextRequestWithAuth, withAuth } from "next-auth/middleware";
 
+import { checkCaptcha } from "./lib/captcha";
 /**
  * Guards these pages and redirects them to the sign in page.
  */
@@ -14,5 +16,26 @@ export const config = {
     "/tasks/:path*",
     "/leaderboard",
     "/messages/:path*",
+    "/api/auth/signin/email",
   ],
 };
+
+const middleware = async (req: NextRequestWithAuth) => {
+  if (req.method === "POST" && req.nextUrl.pathname === "/api/auth/signin/email") {
+    const data = await req.formData();
+    const res = await checkCaptcha(data.get("captcha").toString(), req.ip);
+
+    if (res.success) {
+      return NextResponse.next();
+    }
+
+    const url = req.nextUrl.clone();
+    url.pathname = "/api/auth/invalid-captcha";
+
+    return NextResponse.redirect(url);
+  }
+
+  return withAuth(req);
+};
+
+export default middleware;
diff --git a/website/src/pages/api/auth/invalid-captcha.ts b/website/src/pages/api/auth/invalid-captcha.ts
new file mode 100644
index 00000000..86fe7eab
--- /dev/null
+++ b/website/src/pages/api/auth/invalid-captcha.ts
@@ -0,0 +1,7 @@
+import { NextApiRequest, NextApiResponse } from "next";
+
+export default function handler(_: NextApiRequest, res: NextApiResponse) {
+  return res.status(200).json({
+    url: "/auth/signin?error=InvalidCaptcha",
+  });
+}
diff --git a/website/src/pages/auth/signin.tsx b/website/src/pages/auth/signin.tsx
index d171182d..3036a0b9 100644
--- a/website/src/pages/auth/signin.tsx
+++ b/website/src/pages/auth/signin.tsx
@@ -1,5 +1,6 @@
 import { Button, ButtonProps, Input, Stack, useColorModeValue } from "@chakra-ui/react";
 import { useColorMode } from "@chakra-ui/react";
+import { TurnstileInstance } from "@marsidev/react-turnstile";
 import { Bug, Github, Mail } from "lucide-react";
 import { GetServerSideProps } from "next";
 import Head from "next/head";
@@ -7,9 +8,10 @@ import Link from "next/link";
 import { useRouter } from "next/router";
 import { ClientSafeProvider, getProviders, signIn } from "next-auth/react";
 import { serverSideTranslations } from "next-i18next/serverSideTranslations";
-import React, { useEffect, useState } from "react";
+import React, { useEffect, useRef, useState } from "react";
 import { useForm } from "react-hook-form";
 import { AuthLayout } from "src/components/AuthLayout";
+import { CloudFlareCatpcha } from "src/components/CloudflareCaptcha";
 import { Footer } from "src/components/Footer";
 import { Header } from "src/components/Header";
 import { Discord } from "src/components/Icons/Discord";
@@ -26,6 +28,7 @@ export type SignInErrorTypes =
   | "EmailSignin"
   | "CredentialsSignin"
   | "SessionRequired"
+  | "InvalidCaptcha"
   | "default";
 
 const errorMessages: Record<SignInErrorTypes, string> = {
@@ -39,6 +42,7 @@ const errorMessages: Record<SignInErrorTypes, string> = {
   EmailSignin: "The e-mail could not be sent.",
   CredentialsSignin: "Sign in failed. Check the details you provided are correct.",
   SessionRequired: "Please sign in to access this page.",
+  InvalidCaptcha: "Invalid captcha",
   default: "Unable to sign in.",
 };
 
@@ -62,14 +66,20 @@ function Signin({ providers }: SigninProps) {
     }
   }, [router]);
 
-  const signinWithEmail = (data: { email: string }) => {
-    signIn(email.id, { callbackUrl: "/dashboard", email: data.email });
+  const signinWithEmail = async (data: { email: string }) => {
+    const res = await signIn(email.id, {
+      callbackUrl: "/dashboard",
+      email: data.email,
+      captcha: captcha.current?.getResponse(),
+    });
+    console.log(res);
   };
 
   const { colorMode } = useColorMode();
   const bgColorClass = colorMode === "light" ? "bg-gray-50" : "bg-chakra-gray-900";
   const buttonBgColor = colorMode === "light" ? "#2563eb" : "#2563eb";
   const { register, handleSubmit } = useForm<{ email: string }>();
+  const captcha = useRef<TurnstileInstance>();
   return (
     <div className={bgColorClass}>
       <Head>
@@ -90,7 +100,8 @@ function Signin({ providers }: SigninProps) {
                   placeholder="Email Address"
                   {...register("email")}
                 />
-                <SigninButton data-cy="signin-email-button" leftIcon={<Mail />}>
+                <CloudFlareCatpcha options={{ size: "invisible" }} ref={captcha}></CloudFlareCatpcha>
+                <SigninButton data-cy="signin-email-button" leftIcon={<Mail />} mt="4">
                   Continue with Email
                 </SigninButton>
               </Stack>
diff --git a/website/types/env.d.ts b/website/types/env.d.ts
index 959662db..79fc51fc 100644
--- a/website/types/env.d.ts
+++ b/website/types/env.d.ts
@@ -2,7 +2,10 @@ declare global {
   namespace NodeJS {
     interface ProcessEnv {
       NODE_ENV: "development" | "production";
-      NEXT_PUBLIC_CLOUDFARE_CAPTCHA_SITE_KEY: string;
+      NEXT_PUBLIC_CLOUDFLARE_CAPTCHA_SITE_KEY: string;
+      CLOUDFLARE_CAPTCHA_SERCERT_KEY: string;
     }
   }
 }
+
+export {};

From 1af8079e17df57b1eb30052001769e669c5728d1 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Thu, 26 Jan 2023 01:02:27 +0700
Subject: [PATCH 03/22] remove debug code

---
 website/src/pages/auth/signin.tsx | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/website/src/pages/auth/signin.tsx b/website/src/pages/auth/signin.tsx
index 3036a0b9..8f1edf9f 100644
--- a/website/src/pages/auth/signin.tsx
+++ b/website/src/pages/auth/signin.tsx
@@ -66,13 +66,12 @@ function Signin({ providers }: SigninProps) {
     }
   }, [router]);
 
-  const signinWithEmail = async (data: { email: string }) => {
-    const res = await signIn(email.id, {
+  const signinWithEmail = (data: { email: string }) => {
+    signIn(email.id, {
       callbackUrl: "/dashboard",
       email: data.email,
       captcha: captcha.current?.getResponse(),
     });
-    console.log(res);
   };
 
   const { colorMode } = useColorMode();

From 0d629c19cd5375562857df75013c08c0e15b301c Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Thu, 26 Jan 2023 02:13:30 +0700
Subject: [PATCH 04/22] fix test

---
 website/cypress/e2e/auth/signin.cy.ts | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/website/cypress/e2e/auth/signin.cy.ts b/website/cypress/e2e/auth/signin.cy.ts
index 2a651f1f..04a042cf 100644
--- a/website/cypress/e2e/auth/signin.cy.ts
+++ b/website/cypress/e2e/auth/signin.cy.ts
@@ -14,11 +14,20 @@ describe("signin flow", () => {
     cy.request("GET", "/api/auth/csrf")
       .then((response) => {
         const csrfToken = response.body.csrfToken;
-        cy.request("POST", "/api/auth/signin/email", {
-          callbackUrl: "/",
-          email: emailAddress,
-          csrfToken,
-          json: "true",
+        cy.request({
+          form: true,
+          method: "POST",
+          url: "/api/auth/signin/email",
+          body: {
+            callbackUrl: "/",
+            email: emailAddress,
+            csrfToken,
+            json: "true",
+            captcha: "XXXX.DUMMY.TOKEN.XXXX",
+          },
+          headers: {
+            "content-type": "application/x-www-form-urlencoded",
+          },
         });
       })
       .then((response) => {

From 877aabfef1af6a969bc0b8afff7088b33ffa32c9 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Thu, 26 Jan 2023 02:15:06 +0700
Subject: [PATCH 05/22] check for null

---
 website/src/middleware.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/src/middleware.ts b/website/src/middleware.ts
index 87651301..0bfb4527 100644
--- a/website/src/middleware.ts
+++ b/website/src/middleware.ts
@@ -23,7 +23,7 @@ export const config = {
 const middleware = async (req: NextRequestWithAuth) => {
   if (req.method === "POST" && req.nextUrl.pathname === "/api/auth/signin/email") {
     const data = await req.formData();
-    const res = await checkCaptcha(data.get("captcha").toString(), req.ip);
+    const res = await checkCaptcha(data.get("captcha")?.toString(), req.ip);
 
     if (res.success) {
       return NextResponse.next();

From d456cffc4a4d0bc8dbeebc3f708902301a250c36 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Thu, 26 Jan 2023 02:49:22 +0700
Subject: [PATCH 06/22] support json content-type

---
 website/cypress/e2e/auth/signin.cy.ts |  4 ----
 website/cypress/support/commands.ts   | 15 ++++++++++-----
 website/src/middleware.ts             | 16 ++++++++++++++--
 3 files changed, 24 insertions(+), 11 deletions(-)

diff --git a/website/cypress/e2e/auth/signin.cy.ts b/website/cypress/e2e/auth/signin.cy.ts
index 04a042cf..9d6e63e1 100644
--- a/website/cypress/e2e/auth/signin.cy.ts
+++ b/website/cypress/e2e/auth/signin.cy.ts
@@ -15,7 +15,6 @@ describe("signin flow", () => {
       .then((response) => {
         const csrfToken = response.body.csrfToken;
         cy.request({
-          form: true,
           method: "POST",
           url: "/api/auth/signin/email",
           body: {
@@ -25,9 +24,6 @@ describe("signin flow", () => {
             json: "true",
             captcha: "XXXX.DUMMY.TOKEN.XXXX",
           },
-          headers: {
-            "content-type": "application/x-www-form-urlencoded",
-          },
         });
       })
       .then((response) => {
diff --git a/website/cypress/support/commands.ts b/website/cypress/support/commands.ts
index 096720d0..3939c685 100644
--- a/website/cypress/support/commands.ts
+++ b/website/cypress/support/commands.ts
@@ -58,11 +58,16 @@ Cypress.Commands.add("signInWithEmail", (emailAddress) => {
   cy.request("GET", "/api/auth/csrf")
     .then((response) => {
       const csrfToken = response.body.csrfToken;
-      cy.request("POST", "/api/auth/signin/email", {
-        callbackUrl: "/",
-        email: emailAddress,
-        csrfToken,
-        json: "true",
+      cy.request({
+        method: "POST",
+        url: "/api/auth/signin/email",
+        body: {
+          callbackUrl: "/",
+          email: emailAddress,
+          csrfToken,
+          json: "true",
+          captcha: "XXXX.DUMMY.TOKEN.XXXX",
+        },
       });
     })
     .then(() => {
diff --git a/website/src/middleware.ts b/website/src/middleware.ts
index 0bfb4527..4c85d3ac 100644
--- a/website/src/middleware.ts
+++ b/website/src/middleware.ts
@@ -22,8 +22,8 @@ export const config = {
 
 const middleware = async (req: NextRequestWithAuth) => {
   if (req.method === "POST" && req.nextUrl.pathname === "/api/auth/signin/email") {
-    const data = await req.formData();
-    const res = await checkCaptcha(data.get("captcha")?.toString(), req.ip);
+    const data = await getBody(req);
+    const res = await checkCaptcha(data?.captcha, req.ip);
 
     if (res.success) {
       return NextResponse.next();
@@ -38,4 +38,16 @@ const middleware = async (req: NextRequestWithAuth) => {
   return withAuth(req);
 };
 
+async function getBody(req: Request): Promise<Record<string, any> | undefined> {
+  if (!("body" in req) || !req.body || req.method !== "POST") return;
+
+  const contentType = req.headers.get("content-type");
+  if (contentType?.includes("application/json")) {
+    return await req.json();
+  } else if (contentType?.includes("application/x-www-form-urlencoded")) {
+    const params = new URLSearchParams(await req.text());
+    return Object.fromEntries(params);
+  }
+}
+
 export default middleware;

From a7ff5e5f213ed6a263a33ee307ad9c7e744de952 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Sun, 29 Jan 2023 20:42:23 +0700
Subject: [PATCH 07/22] add comment

---
 website/src/lib/captcha.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/website/src/lib/captcha.ts b/website/src/lib/captcha.ts
index 2eb4f0a6..384f69dd 100644
--- a/website/src/lib/captcha.ts
+++ b/website/src/lib/captcha.ts
@@ -40,6 +40,7 @@ export const checkCaptcha = async (
   };
 };
 
+// This function hasn't been tested yet, Cloudflare doesn't send `action` and `cdata` with a demo key.
 const getSuccess = (response: CheckCaptchaResponse, action: string | undefined, cdata: string | undefined) => {
   if (action === undefined && cdata === undefined) {
     return response.success;

From f75d02c33a725ad0389d5050707d2ca19ccbac8b Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Sun, 29 Jan 2023 22:59:45 +0700
Subject: [PATCH 08/22] use `signIn` callback instead middleware

---
 website/src/middleware.ts                     | 37 +------------------
 website/src/pages/api/auth/[...nextauth].ts   | 31 +++++++++++++++-
 website/src/pages/api/auth/invalid-captcha.ts |  7 ----
 3 files changed, 30 insertions(+), 45 deletions(-)
 delete mode 100644 website/src/pages/api/auth/invalid-captcha.ts

diff --git a/website/src/middleware.ts b/website/src/middleware.ts
index 4c85d3ac..21eeaaa7 100644
--- a/website/src/middleware.ts
+++ b/website/src/middleware.ts
@@ -1,7 +1,5 @@
-import { NextResponse } from "next/server";
-import { NextRequestWithAuth, withAuth } from "next-auth/middleware";
+export { default } from "next-auth/middleware";
 
-import { checkCaptcha } from "./lib/captcha";
 /**
  * Guards these pages and redirects them to the sign in page.
  */
@@ -16,38 +14,5 @@ export const config = {
     "/tasks/:path*",
     "/leaderboard",
     "/messages/:path*",
-    "/api/auth/signin/email",
   ],
 };
-
-const middleware = async (req: NextRequestWithAuth) => {
-  if (req.method === "POST" && req.nextUrl.pathname === "/api/auth/signin/email") {
-    const data = await getBody(req);
-    const res = await checkCaptcha(data?.captcha, req.ip);
-
-    if (res.success) {
-      return NextResponse.next();
-    }
-
-    const url = req.nextUrl.clone();
-    url.pathname = "/api/auth/invalid-captcha";
-
-    return NextResponse.redirect(url);
-  }
-
-  return withAuth(req);
-};
-
-async function getBody(req: Request): Promise<Record<string, any> | undefined> {
-  if (!("body" in req) || !req.body || req.method !== "POST") return;
-
-  const contentType = req.headers.get("content-type");
-  if (contentType?.includes("application/json")) {
-    return await req.json();
-  } else if (contentType?.includes("application/x-www-form-urlencoded")) {
-    const params = new URLSearchParams(await req.text());
-    return Object.fromEntries(params);
-  }
-}
-
-export default middleware;
diff --git a/website/src/pages/api/auth/[...nextauth].ts b/website/src/pages/api/auth/[...nextauth].ts
index 3d3dbaa4..065d67f4 100644
--- a/website/src/pages/api/auth/[...nextauth].ts
+++ b/website/src/pages/api/auth/[...nextauth].ts
@@ -1,11 +1,13 @@
 import { PrismaAdapter } from "@next-auth/prisma-adapter";
 import { boolean } from "boolean";
+import { NextApiRequest, NextApiResponse } from "next";
 import type { AuthOptions } from "next-auth";
 import NextAuth from "next-auth";
 import { Provider } from "next-auth/providers";
 import CredentialsProvider from "next-auth/providers/credentials";
 import DiscordProvider from "next-auth/providers/discord";
 import EmailProvider from "next-auth/providers/email";
+import { checkCaptcha } from "src/lib/captcha";
 import prisma from "src/lib/prismadb";
 import { generateUsername } from "unique-username-generator";
 
@@ -74,7 +76,7 @@ const adminUserMap = process.env.ADMIN_USERS.split(",").reduce((result, entry) =
   return result;
 }, new Map());
 
-export const authOptions: AuthOptions = {
+const authOptions: AuthOptions = {
   // Ensure we can store user data in a database.
   adapter: PrismaAdapter(prisma),
   providers,
@@ -153,4 +155,29 @@ export const authOptions: AuthOptions = {
   },
 };
 
-export default NextAuth(authOptions);
+export default function auth(req: NextApiRequest, res: NextApiResponse) {
+  return NextAuth(req, res, {
+    ...authOptions,
+    callbacks: {
+      ...authOptions.callbacks,
+      async signIn({ account }) {
+        if (account.provider !== "email") {
+          return true;
+        }
+
+        const captcha = req.body.captcha;
+        // https://stackoverflow.com/questions/66111742/get-the-client-ip-on-nextjs-and-use-ssr
+        const forwarded = req.headers["x-forwarded-for"];
+        const ip = typeof forwarded === "string" ? forwarded.split(/, /)[0] : req.socket.remoteAddress;
+
+        const res = await checkCaptcha(captcha, ip);
+
+        if (res.success) {
+          return true;
+        }
+
+        return "/auth/signin?error=InvalidCaptcha";
+      },
+    },
+  });
+}
diff --git a/website/src/pages/api/auth/invalid-captcha.ts b/website/src/pages/api/auth/invalid-captcha.ts
deleted file mode 100644
index 86fe7eab..00000000
--- a/website/src/pages/api/auth/invalid-captcha.ts
+++ /dev/null
@@ -1,7 +0,0 @@
-import { NextApiRequest, NextApiResponse } from "next";
-
-export default function handler(_: NextApiRequest, res: NextApiResponse) {
-  return res.status(200).json({
-    url: "/auth/signin?error=InvalidCaptcha",
-  });
-}

From fce158b8d32be89a176814ffa10facebe86d229f Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Sun, 29 Jan 2023 23:18:08 +0700
Subject: [PATCH 09/22] disable sigin button until captcha success

---
 website/src/pages/auth/signin.tsx | 73 +++++++++++++++++--------------
 1 file changed, 41 insertions(+), 32 deletions(-)

diff --git a/website/src/pages/auth/signin.tsx b/website/src/pages/auth/signin.tsx
index 8f1edf9f..3a2f48ff 100644
--- a/website/src/pages/auth/signin.tsx
+++ b/website/src/pages/auth/signin.tsx
@@ -6,7 +6,7 @@ import { GetServerSideProps } from "next";
 import Head from "next/head";
 import Link from "next/link";
 import { useRouter } from "next/router";
-import { ClientSafeProvider, getProviders, signIn } from "next-auth/react";
+import { getProviders, signIn } from "next-auth/react";
 import { serverSideTranslations } from "next-i18next/serverSideTranslations";
 import React, { useEffect, useRef, useState } from "react";
 import { useForm } from "react-hook-form";
@@ -66,19 +66,10 @@ function Signin({ providers }: SigninProps) {
     }
   }, [router]);
 
-  const signinWithEmail = (data: { email: string }) => {
-    signIn(email.id, {
-      callbackUrl: "/dashboard",
-      email: data.email,
-      captcha: captcha.current?.getResponse(),
-    });
-  };
-
   const { colorMode } = useColorMode();
   const bgColorClass = colorMode === "light" ? "bg-gray-50" : "bg-chakra-gray-900";
   const buttonBgColor = colorMode === "light" ? "#2563eb" : "#2563eb";
-  const { register, handleSubmit } = useForm<{ email: string }>();
-  const captcha = useRef<TurnstileInstance>();
+
   return (
     <div className={bgColorClass}>
       <Head>
@@ -87,25 +78,8 @@ function Signin({ providers }: SigninProps) {
       </Head>
       <AuthLayout>
         <Stack spacing="2">
-          {credentials && <DebugSigninForm credentials={credentials} bgColorClass={bgColorClass} />}
-          {email && (
-            <form onSubmit={handleSubmit(signinWithEmail)}>
-              <Stack>
-                <Input
-                  type="email"
-                  data-cy="email-address"
-                  variant="outline"
-                  size="lg"
-                  placeholder="Email Address"
-                  {...register("email")}
-                />
-                <CloudFlareCatpcha options={{ size: "invisible" }} ref={captcha}></CloudFlareCatpcha>
-                <SigninButton data-cy="signin-email-button" leftIcon={<Mail />} mt="4">
-                  Continue with Email
-                </SigninButton>
-              </Stack>
-            </form>
-          )}
+          {credentials && <DebugSigninForm providerId={credentials.id} bgColorClass={bgColorClass} />}
+          {email && <EmailSignInForm providerId={email.id}></EmailSignInForm>}
           {discord && (
             <Button
               bg={buttonBgColor}
@@ -170,6 +144,41 @@ Signin.getLayout = (page) => (
 
 export default Signin;
 
+const EmailSignInForm = ({ providerId }: { providerId: string }) => {
+  const { register, handleSubmit } = useForm<{ email: string }>();
+  const captcha = useRef<TurnstileInstance>();
+  const [captchaSuccess, setCaptchaSuccess] = useState(false);
+  const signinWithEmail = (data: { email: string }) => {
+    signIn(providerId, {
+      callbackUrl: "/dashboard",
+      email: data.email,
+      captcha: captcha.current?.getResponse(),
+    });
+  };
+  return (
+    <form onSubmit={handleSubmit(signinWithEmail)}>
+      <Stack>
+        <Input
+          type="email"
+          data-cy="email-address"
+          variant="outline"
+          size="lg"
+          placeholder="Email Address"
+          {...register("email")}
+        />
+        <CloudFlareCatpcha
+          options={{ size: "invisible" }}
+          ref={captcha}
+          onSuccess={() => setCaptchaSuccess(true)}
+        ></CloudFlareCatpcha>
+        <SigninButton data-cy="signin-email-button" leftIcon={<Mail />} mt="4" disabled={!captchaSuccess}>
+          Continue with Email
+        </SigninButton>
+      </Stack>
+    </form>
+  );
+};
+
 const SigninButton = (props: ButtonProps) => {
   const buttonColorScheme = useColorModeValue("blue", "dark-blue-btn");
 
@@ -190,7 +199,7 @@ interface DebugSigninFormData {
   role: Role;
 }
 
-const DebugSigninForm = ({ credentials, bgColorClass }: { credentials: ClientSafeProvider; bgColorClass: string }) => {
+const DebugSigninForm = ({ providerId, bgColorClass }: { providerId: string; bgColorClass: string }) => {
   const { register, handleSubmit } = useForm<DebugSigninFormData>({
     defaultValues: {
       role: "general",
@@ -199,7 +208,7 @@ const DebugSigninForm = ({ credentials, bgColorClass }: { credentials: ClientSaf
   });
 
   function signinWithDebugCredentials(data: DebugSigninFormData) {
-    signIn(credentials.id, {
+    signIn(providerId, {
       callbackUrl: "/dashboard",
       ...data,
     });

From fb26a52c2cb51197c12b7daf9cd6a12cc688a72c Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Sun, 29 Jan 2023 23:28:26 +0700
Subject: [PATCH 10/22] allow to enable/disable email signin captcha via env
 variable

---
 docker-compose.yaml                         |  1 +
 website/.env                                |  1 +
 website/src/pages/api/auth/[...nextauth].ts |  2 +-
 website/src/pages/auth/signin.tsx           | 22 +++++++++++++++------
 website/types/env.d.ts                      |  1 +
 5 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index 4376e25d..edb33162 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -127,6 +127,7 @@ services:
       - DEBUG_LOGIN=true
       - NEXT_PUBLIC_CLOUDFARE_CAPTCHA_SITE_KEY=1x00000000000000000000AA
       - CLOUDFLARE_CAPTCHA_SERCERT_KEY=1x0000000000000000000000000000000AA
+      - NEXT_PUBLIC_ENABLE_EMAIL_SIGNIN_CAPTCHA=true
     depends_on:
       webdb:
         condition: service_healthy
diff --git a/website/.env b/website/.env
index a5bb7e0a..e71e2a3b 100644
--- a/website/.env
+++ b/website/.env
@@ -17,3 +17,4 @@ EMAIL_FROM=info@example.com
 
 NEXT_PUBLIC_CLOUDFLARE_CAPTCHA_SITE_KEY=1x00000000000000000000AA
 CLOUDFLARE_CAPTCHA_SERCERT_KEY=1x0000000000000000000000000000000AA
+NEXT_PUBLIC_ENABLE_EMAIL_SIGNIN_CAPTCHA=true
diff --git a/website/src/pages/api/auth/[...nextauth].ts b/website/src/pages/api/auth/[...nextauth].ts
index 065d67f4..bc876182 100644
--- a/website/src/pages/api/auth/[...nextauth].ts
+++ b/website/src/pages/api/auth/[...nextauth].ts
@@ -161,7 +161,7 @@ export default function auth(req: NextApiRequest, res: NextApiResponse) {
     callbacks: {
       ...authOptions.callbacks,
       async signIn({ account }) {
-        if (account.provider !== "email") {
+        if (account.provider !== "email" || !boolean(process.env.NEXT_PUBLIC_ENABLE_EMAIL_SIGNIN_CAPTCHA)) {
           return true;
         }
 
diff --git a/website/src/pages/auth/signin.tsx b/website/src/pages/auth/signin.tsx
index 3a2f48ff..a0826b3c 100644
--- a/website/src/pages/auth/signin.tsx
+++ b/website/src/pages/auth/signin.tsx
@@ -1,6 +1,7 @@
 import { Button, ButtonProps, Input, Stack, useColorModeValue } from "@chakra-ui/react";
 import { useColorMode } from "@chakra-ui/react";
 import { TurnstileInstance } from "@marsidev/react-turnstile";
+import { boolean } from "boolean";
 import { Bug, Github, Mail } from "lucide-react";
 import { GetServerSideProps } from "next";
 import Head from "next/head";
@@ -144,6 +145,8 @@ Signin.getLayout = (page) => (
 
 export default Signin;
 
+const emailSigninCaptcha = boolean(process.env.NEXT_PUBLIC_ENABLE_EMAIL_SIGNIN_CAPTCHA);
+
 const EmailSignInForm = ({ providerId }: { providerId: string }) => {
   const { register, handleSubmit } = useForm<{ email: string }>();
   const captcha = useRef<TurnstileInstance>();
@@ -166,12 +169,19 @@ const EmailSignInForm = ({ providerId }: { providerId: string }) => {
           placeholder="Email Address"
           {...register("email")}
         />
-        <CloudFlareCatpcha
-          options={{ size: "invisible" }}
-          ref={captcha}
-          onSuccess={() => setCaptchaSuccess(true)}
-        ></CloudFlareCatpcha>
-        <SigninButton data-cy="signin-email-button" leftIcon={<Mail />} mt="4" disabled={!captchaSuccess}>
+        {emailSigninCaptcha && (
+          <CloudFlareCatpcha
+            options={{ size: "invisible" }}
+            ref={captcha}
+            onSuccess={() => setCaptchaSuccess(true)}
+          ></CloudFlareCatpcha>
+        )}
+        <SigninButton
+          data-cy="signin-email-button"
+          leftIcon={<Mail />}
+          mt="4"
+          disabled={!captchaSuccess && emailSigninCaptcha}
+        >
           Continue with Email
         </SigninButton>
       </Stack>
diff --git a/website/types/env.d.ts b/website/types/env.d.ts
index 79fc51fc..b5484154 100644
--- a/website/types/env.d.ts
+++ b/website/types/env.d.ts
@@ -4,6 +4,7 @@ declare global {
       NODE_ENV: "development" | "production";
       NEXT_PUBLIC_CLOUDFLARE_CAPTCHA_SITE_KEY: string;
       CLOUDFLARE_CAPTCHA_SERCERT_KEY: string;
+      NEXT_PUBLIC_ENABLE_EMAIL_SIGNIN_CAPTCHA: boolean;
     }
   }
 }

From e3f496df819e9d4f6113f922273835c92c568d35 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Sun, 29 Jan 2023 23:44:30 +0700
Subject: [PATCH 11/22] try to fix test

---
 website/src/pages/api/auth/[...nextauth].ts | 22 ++++++---------------
 1 file changed, 6 insertions(+), 16 deletions(-)

diff --git a/website/src/pages/api/auth/[...nextauth].ts b/website/src/pages/api/auth/[...nextauth].ts
index 596c91e3..fa18df9e 100644
--- a/website/src/pages/api/auth/[...nextauth].ts
+++ b/website/src/pages/api/auth/[...nextauth].ts
@@ -150,21 +150,6 @@ const authOptions: AuthOptions = {
       }
     },
   },
-  /*
-   * We maybe need this, we maybe don't.  Checking in this uncommented until
-   * it's confirmed we can drop this.
-  cookies: {
-    sessionToken: {
-      name: `next-auth.session-token`,
-      options: {
-        httpOnly: true,
-        sameSite: "none",
-        path: "/",
-        secure: true,
-      },
-    },
-  },
-  */
   session: {
     strategy: "jwt",
   },
@@ -180,7 +165,7 @@ export default function auth(req: NextApiRequest, res: NextApiResponse) {
           return true;
         }
 
-        const captcha = req.body.captcha;
+        const captcha = getBody(req.body)?.captcha;
         // https://stackoverflow.com/questions/66111742/get-the-client-ip-on-nextjs-and-use-ssr
         const forwarded = req.headers["x-forwarded-for"];
         const ip = typeof forwarded === "string" ? forwarded.split(/, /)[0] : req.socket.remoteAddress;
@@ -196,3 +181,8 @@ export default function auth(req: NextApiRequest, res: NextApiResponse) {
     },
   });
 }
+
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const getBody = (req: NextApiRequest): Record<string, any> => {
+  return req.headers["content-type"]?.includes("application/x-www-form-urlencoded") ? req.body : req.query;
+};

From 0ab2fd5c5ca8a25531e9f2d538579d5eb6e36a4f Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Mon, 30 Jan 2023 01:00:12 +0700
Subject: [PATCH 12/22] try fix test

---
 website/src/pages/api/auth/[...nextauth].ts | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/website/src/pages/api/auth/[...nextauth].ts b/website/src/pages/api/auth/[...nextauth].ts
index fa18df9e..aadb7e0f 100644
--- a/website/src/pages/api/auth/[...nextauth].ts
+++ b/website/src/pages/api/auth/[...nextauth].ts
@@ -165,13 +165,13 @@ export default function auth(req: NextApiRequest, res: NextApiResponse) {
           return true;
         }
 
-        const captcha = getBody(req.body)?.captcha;
+        const captcha = req.body.captcha;
         // https://stackoverflow.com/questions/66111742/get-the-client-ip-on-nextjs-and-use-ssr
         const forwarded = req.headers["x-forwarded-for"];
         const ip = typeof forwarded === "string" ? forwarded.split(/, /)[0] : req.socket.remoteAddress;
 
         const res = await checkCaptcha(captcha, ip);
-
+        console.log(res);
         if (res.success) {
           return true;
         }
@@ -181,8 +181,3 @@ export default function auth(req: NextApiRequest, res: NextApiResponse) {
     },
   });
 }
-
-// eslint-disable-next-line @typescript-eslint/no-explicit-any
-const getBody = (req: NextApiRequest): Record<string, any> => {
-  return req.headers["content-type"]?.includes("application/x-www-form-urlencoded") ? req.body : req.query;
-};

From c05c0d88a18300c6807d2d98865e270b01ec0537 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Mon, 30 Jan 2023 02:00:45 +0700
Subject: [PATCH 13/22] remove debug code

---
 website/src/pages/api/auth/[...nextauth].ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/src/pages/api/auth/[...nextauth].ts b/website/src/pages/api/auth/[...nextauth].ts
index aadb7e0f..bc876182 100644
--- a/website/src/pages/api/auth/[...nextauth].ts
+++ b/website/src/pages/api/auth/[...nextauth].ts
@@ -171,7 +171,7 @@ export default function auth(req: NextApiRequest, res: NextApiResponse) {
         const ip = typeof forwarded === "string" ? forwarded.split(/, /)[0] : req.socket.remoteAddress;
 
         const res = await checkCaptcha(captcha, ip);
-        console.log(res);
+
         if (res.success) {
           return true;
         }

From f825ae54fb589075e2323eb08382c5c2663832ab Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Mon, 30 Jan 2023 02:15:34 +0700
Subject: [PATCH 14/22] try to fix test

---
 website/src/pages/api/auth/[...nextauth].ts | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/website/src/pages/api/auth/[...nextauth].ts b/website/src/pages/api/auth/[...nextauth].ts
index bc876182..5a316256 100644
--- a/website/src/pages/api/auth/[...nextauth].ts
+++ b/website/src/pages/api/auth/[...nextauth].ts
@@ -166,11 +166,8 @@ export default function auth(req: NextApiRequest, res: NextApiResponse) {
         }
 
         const captcha = req.body.captcha;
-        // https://stackoverflow.com/questions/66111742/get-the-client-ip-on-nextjs-and-use-ssr
-        const forwarded = req.headers["x-forwarded-for"];
-        const ip = typeof forwarded === "string" ? forwarded.split(/, /)[0] : req.socket.remoteAddress;
 
-        const res = await checkCaptcha(captcha, ip);
+        const res = await checkCaptcha(captcha, getIp(req));
 
         if (res.success) {
           return true;
@@ -181,3 +178,13 @@ export default function auth(req: NextApiRequest, res: NextApiResponse) {
     },
   });
 }
+
+const getIp = (req: NextApiRequest) => {
+  try {
+    // https://stackoverflow.com/questions/66111742/get-the-client-ip-on-nextjs-and-use-ssr
+    const forwarded = req.headers["x-forwarded-for"];
+    return typeof forwarded === "string" ? forwarded.split(/, /)[0] : req.socket.remoteAddress;
+  } catch {
+    return "";
+  }
+};

From 158cb02025cd8a3a277c2867523d7b41879efae9 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Tue, 31 Jan 2023 19:53:37 +0700
Subject: [PATCH 15/22] try disable captcha

---
 website/.env | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/.env b/website/.env
index 899e2d34..e81374e7 100644
--- a/website/.env
+++ b/website/.env
@@ -20,4 +20,4 @@ EMAIL_FROM=info@example.com
 
 NEXT_PUBLIC_CLOUDFLARE_CAPTCHA_SITE_KEY=1x00000000000000000000AA
 CLOUDFLARE_CAPTCHA_SERCERT_KEY=1x0000000000000000000000000000000AA
-NEXT_PUBLIC_ENABLE_EMAIL_SIGNIN_CAPTCHA=true
+NEXT_PUBLIC_ENABLE_EMAIL_SIGNIN_CAPTCHA=false

From 4d2baf09a7339590a7931c40f7f06d93d6a868a5 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Tue, 31 Jan 2023 20:13:52 +0700
Subject: [PATCH 16/22] fix typo

---
 website/src/components/CloudflareCaptcha.tsx | 4 ++--
 website/src/pages/auth/signin.tsx            | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/website/src/components/CloudflareCaptcha.tsx b/website/src/components/CloudflareCaptcha.tsx
index ad0104f5..550e7e25 100644
--- a/website/src/components/CloudflareCaptcha.tsx
+++ b/website/src/components/CloudflareCaptcha.tsx
@@ -2,7 +2,7 @@ import { useColorMode } from "@chakra-ui/react";
 import { Turnstile, TurnstileInstance, TurnstileProps } from "@marsidev/react-turnstile";
 import { forwardRef } from "react";
 
-export const CloudFlareCatpcha = forwardRef<TurnstileInstance, Omit<TurnstileProps, "siteKey">>((props, ref) => {
+export const CloudFlareCaptcha = forwardRef<TurnstileInstance, Omit<TurnstileProps, "siteKey">>((props, ref) => {
   const { colorMode } = useColorMode();
   return (
     <Turnstile
@@ -17,4 +17,4 @@ export const CloudFlareCatpcha = forwardRef<TurnstileInstance, Omit<TurnstilePro
   );
 });
 
-CloudFlareCatpcha.displayName = "CloudFlareCatpcha";
+CloudFlareCaptcha.displayName = "CloudFlareCaptcha";
diff --git a/website/src/pages/auth/signin.tsx b/website/src/pages/auth/signin.tsx
index a0826b3c..b65fa742 100644
--- a/website/src/pages/auth/signin.tsx
+++ b/website/src/pages/auth/signin.tsx
@@ -12,7 +12,7 @@ import { serverSideTranslations } from "next-i18next/serverSideTranslations";
 import React, { useEffect, useRef, useState } from "react";
 import { useForm } from "react-hook-form";
 import { AuthLayout } from "src/components/AuthLayout";
-import { CloudFlareCatpcha } from "src/components/CloudflareCaptcha";
+import { CloudFlareCaptcha } from "src/components/CloudflareCaptcha";
 import { Footer } from "src/components/Footer";
 import { Header } from "src/components/Header";
 import { Discord } from "src/components/Icons/Discord";
@@ -170,11 +170,11 @@ const EmailSignInForm = ({ providerId }: { providerId: string }) => {
           {...register("email")}
         />
         {emailSigninCaptcha && (
-          <CloudFlareCatpcha
+          <CloudFlareCaptcha
             options={{ size: "invisible" }}
             ref={captcha}
             onSuccess={() => setCaptchaSuccess(true)}
-          ></CloudFlareCatpcha>
+          ></CloudFlareCaptcha>
         )}
         <SigninButton
           data-cy="signin-email-button"

From f569c6d12b21c6a080313f0eb5ca97f9d691bc4e Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Tue, 31 Jan 2023 22:00:14 +0700
Subject: [PATCH 17/22] Display number of available tasks

---
 website/public/locales/en/tasks.json          |  3 +-
 .../src/components/Dashboard/TaskOption.tsx   | 62 ++++++++++++-------
 website/src/pages/dashboard.tsx               |  2 +-
 3 files changed, 44 insertions(+), 23 deletions(-)

diff --git a/website/public/locales/en/tasks.json b/website/public/locales/en/tasks.json
index 53cfa088..7fa7c452 100644
--- a/website/public/locales/en/tasks.json
+++ b/website/public/locales/en/tasks.json
@@ -77,5 +77,6 @@
     "label": "Classify Assistant Reply",
     "desc": "Provide labels for a prompt.",
     "overview": "Read the following conversation and then answer the question about the last reply in the discussion."
-  }
+  },
+  "available_task_count": "{{count}} tasks available"
 }
diff --git a/website/src/components/Dashboard/TaskOption.tsx b/website/src/components/Dashboard/TaskOption.tsx
index 0401fd97..87910695 100644
--- a/website/src/components/Dashboard/TaskOption.tsx
+++ b/website/src/components/Dashboard/TaskOption.tsx
@@ -1,5 +1,7 @@
 import {
+  Badge,
   Box,
+  Card,
   Flex,
   GridItem,
   Heading,
@@ -8,7 +10,6 @@ import {
   SimpleGrid,
   Spacer,
   Text,
-  useColorModeValue,
 } from "@chakra-ui/react";
 import { HelpCircle } from "lucide-react";
 import Link from "next/link";
@@ -20,18 +21,17 @@ import { TaskCategory, TaskInfo, TaskType } from "src/types/Task";
 import { TaskCategoryLabels, TaskInfos } from "../Tasks/TaskTypes";
 
 export interface TasksOptionProps {
-  content: Partial<Record<TaskCategory, TaskType[]>>;
+  content: Partial<Record<TaskCategory, Array<{ taskType: TaskType; count: number }>>>;
 }
 
 export const TaskOption = ({ content }: TasksOptionProps) => {
   const { t } = useTranslation(["dashboard", "tasks"]);
-  const backgroundColor = useColorModeValue("white", "gray.700");
 
   const taskInfoMap = useMemo(
     () =>
       Object.values(content)
         .flat()
-        .reduce((obj, taskType) => {
+        .reduce((obj, { taskType }) => {
           obj[taskType] = TaskInfos.filter((t) => t.type === taskType).pop();
           return obj;
         }, {} as Record<TaskType, TaskInfo>),
@@ -53,23 +53,35 @@ export const TaskOption = ({ content }: TasksOptionProps) => {
           </Flex>
           <SimpleGrid columns={[1, 1, 2, 2, 3, 4]} gap={4}>
             {taskTypes
-              .map((taskType) => taskInfoMap[taskType])
+              .map(({ taskType, count }) => ({ ...taskInfoMap[taskType], count }))
               .map((item) => (
                 <Link key={category + item.id} href={item.pathname}>
-                  <GridItem
-                    bg={backgroundColor}
-                    borderRadius="xl"
-                    boxShadow="base"
-                    className="flex flex-col justify-between h-full"
-                  >
-                    <Flex className="p-6 pb-10" flexDir="column" gap="3">
-                      <Heading size="md">{t(getTypeSafei18nKey(`tasks:${item.id}.label`))}</Heading>
-                      <Text size="sm">{t(getTypeSafei18nKey(`tasks:${item.id}.desc`))}</Text>
+                  <GridItem as={Card} height="100%" justifyContent="space-between">
+                    <Flex px="6" pt="6" flexDir="column" gap="3" justifyContent="space-between" height="100%">
+                      <Flex flexDir="column" gap="3">
+                        <Heading size="md">{t(getTypeSafei18nKey(`tasks:${item.id}.label`))}</Heading>
+                        <Text size="sm">{t(getTypeSafei18nKey(`tasks:${item.id}.desc`))}</Text>
+                      </Flex>
+                      <Box>
+                        <Badge
+                          colorScheme="blue"
+                          flexGrow={0}
+                          rounded="lg"
+                          px={2}
+                          py={0.5}
+                          variant="solid"
+                          textTransform="none"
+                          fontWeight="600"
+                        >
+                          {t("tasks:available_task_count", { count: item.count })}
+                        </Badge>
+                      </Box>
                     </Flex>
                     <Text
                       fontWeight="bold"
                       color="white"
                       borderBottomRadius="xl"
+                      mt="6"
                       className="px-6 py-2 transition-colors duration-300 bg-blue-500 hover:bg-blue-600"
                     >
                       {t("go")} -&gt;
@@ -85,12 +97,20 @@ export const TaskOption = ({ content }: TasksOptionProps) => {
 };
 
 export const allTaskOptions: TasksOptionProps["content"] = {
-  [TaskCategory.Random]: [TaskType.random],
-  [TaskCategory.Create]: [TaskType.initial_prompt, TaskType.prompter_reply, TaskType.assistant_reply],
-  [TaskCategory.Evaluate]: [
-    TaskType.rank_initial_prompts,
-    TaskType.rank_prompter_replies,
-    TaskType.rank_assistant_replies,
+  [TaskCategory.Random]: [{ taskType: TaskType.random, count: 0 }],
+  [TaskCategory.Create]: [
+    { taskType: TaskType.initial_prompt, count: 0 },
+    { taskType: TaskType.prompter_reply, count: 0 },
+    { taskType: TaskType.assistant_reply, count: 0 },
+  ],
+  [TaskCategory.Evaluate]: [
+    { taskType: TaskType.rank_initial_prompts, count: 0 },
+    { taskType: TaskType.rank_prompter_replies, count: 0 },
+    { taskType: TaskType.rank_assistant_replies, count: 0 },
+  ],
+  [TaskCategory.Label]: [
+    { taskType: TaskType.label_initial_prompt, count: 0 },
+    { taskType: TaskType.label_prompter_reply, count: 0 },
+    { taskType: TaskType.label_assistant_reply, count: 0 },
   ],
-  [TaskCategory.Label]: [TaskType.label_initial_prompt, TaskType.label_prompter_reply, TaskType.label_assistant_reply],
 };
diff --git a/website/src/pages/dashboard.tsx b/website/src/pages/dashboard.tsx
index 23fcec06..94c25e57 100644
--- a/website/src/pages/dashboard.tsx
+++ b/website/src/pages/dashboard.tsx
@@ -59,4 +59,4 @@ const filterAvailableTasks = (availableTasks: Partial<AvailableTasks>) =>
   Object.entries(availableTasks)
     .filter(([, count]) => count > 0)
     .sort((a, b) => b[1] - a[1])
-    .map(([taskType]) => taskType) as TaskType[];
+    .map(([taskType, count]) => ({ taskType, count })) as Array<{ taskType: TaskType; count: number }>;

From 25ca82f7e532452472dda1adcf00b8d140cfaa37 Mon Sep 17 00:00:00 2001
From: chs20 <schlarmann.christian@gmail.com>
Date: Tue, 31 Jan 2023 22:27:14 +0100
Subject: [PATCH 18/22] Fix #1034 - display newlines in full text modal during
 ranking

---
 website/src/components/CollapsableText.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/src/components/CollapsableText.tsx b/website/src/components/CollapsableText.tsx
index 21325d29..9be43c4b 100644
--- a/website/src/components/CollapsableText.tsx
+++ b/website/src/components/CollapsableText.tsx
@@ -51,7 +51,7 @@ export const CollapsableText = ({
             <ModalContent alignItems="center">
               <ModalHeader>Full Text</ModalHeader>
               <ModalCloseButton />
-              <ModalBody>{text}</ModalBody>
+              <ModalBody style={{ whiteSpace: "pre-line" }}>{text}</ModalBody>
             </ModalContent>
           </ModalOverlay>
         </Modal>

From c8cd869594788a9cb4e64cf3fa3ca624e751f572 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Wed, 1 Feb 2023 14:34:47 +0700
Subject: [PATCH 19/22] extract type

---
 website/src/components/Dashboard/TaskOption.tsx | 8 +++++---
 website/src/pages/dashboard.tsx                 | 5 +++--
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/website/src/components/Dashboard/TaskOption.tsx b/website/src/components/Dashboard/TaskOption.tsx
index 87910695..1ee0489b 100644
--- a/website/src/components/Dashboard/TaskOption.tsx
+++ b/website/src/components/Dashboard/TaskOption.tsx
@@ -20,8 +20,10 @@ import { TaskCategory, TaskInfo, TaskType } from "src/types/Task";
 
 import { TaskCategoryLabels, TaskInfos } from "../Tasks/TaskTypes";
 
+export type TaskCategoryItem = { taskType: TaskType; count: number };
+
 export interface TasksOptionProps {
-  content: Partial<Record<TaskCategory, Array<{ taskType: TaskType; count: number }>>>;
+  content: Partial<Record<TaskCategory, TaskCategoryItem[]>>;
 }
 
 export const TaskOption = ({ content }: TasksOptionProps) => {
@@ -40,7 +42,7 @@ export const TaskOption = ({ content }: TasksOptionProps) => {
 
   return (
     <Box className="flex flex-col gap-14">
-      {Object.entries(content).map(([category, taskTypes]) => (
+      {Object.entries(content).map(([category, items]) => (
         <div key={category}>
           <Flex>
             <Heading size="lg" className="pb-4">
@@ -52,7 +54,7 @@ export const TaskOption = ({ content }: TasksOptionProps) => {
             </ExternalLink>
           </Flex>
           <SimpleGrid columns={[1, 1, 2, 2, 3, 4]} gap={4}>
-            {taskTypes
+            {items
               .map(({ taskType, count }) => ({ ...taskInfoMap[taskType], count }))
               .map((item) => (
                 <Link key={category + item.id} href={item.pathname}>
diff --git a/website/src/pages/dashboard.tsx b/website/src/pages/dashboard.tsx
index 94c25e57..e9fe3a18 100644
--- a/website/src/pages/dashboard.tsx
+++ b/website/src/pages/dashboard.tsx
@@ -5,8 +5,9 @@ import { useEffect, useMemo, useState } from "react";
 import { LeaderboardWidget, TaskOption, WelcomeCard } from "src/components/Dashboard";
 import { getDashboardLayout } from "src/components/Layout";
 import { get } from "src/lib/api";
-import { AvailableTasks, TaskCategory, TaskType } from "src/types/Task";
+import { AvailableTasks, TaskCategory } from "src/types/Task";
 export { getDefaultStaticProps as getStaticProps } from "src/lib/default_static_props";
+import { TaskCategoryItem } from "src/components/Dashboard/TaskOption";
 import useSWR from "swr";
 
 const Dashboard = () => {
@@ -59,4 +60,4 @@ const filterAvailableTasks = (availableTasks: Partial<AvailableTasks>) =>
   Object.entries(availableTasks)
     .filter(([, count]) => count > 0)
     .sort((a, b) => b[1] - a[1])
-    .map(([taskType, count]) => ({ taskType, count })) as Array<{ taskType: TaskType; count: number }>;
+    .map(([taskType, count]) => ({ taskType, count })) as TaskCategoryItem[];

From 36e55c9bf4da5afc94b3fff27949ae3f7a33a491 Mon Sep 17 00:00:00 2001
From: notmd <tinhmeo10@gmail.com>
Date: Wed, 1 Feb 2023 14:53:28 +0700
Subject: [PATCH 20/22] extract to theme

---
 website/src/components/Dashboard/TaskOption.tsx | 13 +------------
 website/src/styles/Theme/components/Badge.ts    | 14 ++++++++++++++
 website/src/styles/Theme/index.ts               |  2 ++
 3 files changed, 17 insertions(+), 12 deletions(-)
 create mode 100644 website/src/styles/Theme/components/Badge.ts

diff --git a/website/src/components/Dashboard/TaskOption.tsx b/website/src/components/Dashboard/TaskOption.tsx
index 1ee0489b..55236b93 100644
--- a/website/src/components/Dashboard/TaskOption.tsx
+++ b/website/src/components/Dashboard/TaskOption.tsx
@@ -65,18 +65,7 @@ export const TaskOption = ({ content }: TasksOptionProps) => {
                         <Text size="sm">{t(getTypeSafei18nKey(`tasks:${item.id}.desc`))}</Text>
                       </Flex>
                       <Box>
-                        <Badge
-                          colorScheme="blue"
-                          flexGrow={0}
-                          rounded="lg"
-                          px={2}
-                          py={0.5}
-                          variant="solid"
-                          textTransform="none"
-                          fontWeight="600"
-                        >
-                          {t("tasks:available_task_count", { count: item.count })}
-                        </Badge>
+                        <Badge textTransform="none">{t("tasks:available_task_count", { count: item.count })}</Badge>
                       </Box>
                     </Flex>
                     <Text
diff --git a/website/src/styles/Theme/components/Badge.ts b/website/src/styles/Theme/components/Badge.ts
new file mode 100644
index 00000000..b67c1f3e
--- /dev/null
+++ b/website/src/styles/Theme/components/Badge.ts
@@ -0,0 +1,14 @@
+import { defineStyleConfig } from "@chakra-ui/react";
+
+export const badgeTheme = defineStyleConfig({
+  baseStyle: {
+    borderRadius: "lg",
+    px: 2,
+    py: 0.5,
+    fontWeight: "600",
+  },
+  defaultProps: {
+    variant: "solid",
+    colorScheme: "blue",
+  },
+});
diff --git a/website/src/styles/Theme/index.ts b/website/src/styles/Theme/index.ts
index 37ca424d..91d54088 100644
--- a/website/src/styles/Theme/index.ts
+++ b/website/src/styles/Theme/index.ts
@@ -2,6 +2,7 @@ import { type ThemeConfig, extendTheme } from "@chakra-ui/react";
 import { Styles } from "@chakra-ui/theme-tools";
 
 import { colors } from "./colors";
+import { badgeTheme } from "./components/Badge";
 import { cardTheme } from "./components/Card";
 import { containerTheme } from "./components/Container";
 
@@ -12,6 +13,7 @@ const config: ThemeConfig = {
 };
 
 const components = {
+  Badge: badgeTheme,
   Container: containerTheme,
   Card: cardTheme,
 };

From 2d2fdef889f07b439a11437467fdb8af79ead341 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Korbinian=20P=C3=B6ppel?=
 <37810656+kpoeppel@users.noreply.github.com>
Date: Wed, 1 Feb 2023 09:31:04 +0100
Subject: [PATCH 21/22] Update FAQs for docker port problems. (#1045)

---
 docs/docs/faq/faq.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/docs/docs/faq/faq.md b/docs/docs/faq/faq.md
index 025ae02b..4b1d16eb 100644
--- a/docs/docs/faq/faq.md
+++ b/docs/docs/faq/faq.md
@@ -90,3 +90,17 @@ getting permission denied (using root user), you can try the following:
     # And remove the container
     docker rm -f <container id>
 ```
+
+### Docker Port Problems
+
+Oftentimes people already have some Postgres instance running on the dev
+machine. To avoid port problems, change the ports in the `docker-compose.yml` to
+ones excluding `5433`, like:
+
+1. Change `db.ports` to `- 5431:5431`.
+2. Add `POSTGRES_PORT: 5431` to `db.environment`
+3. Change `webdb.ports` to `- 5432:5431`
+4. Add `POSTGRES_PORT: 5431` to `db.environment`
+5. Add `- POSTGRES_PORT=5432` to `backend.environment`
+6. Change `web.environment.DATABASE_URL` to
+   `postgres://postgres:postgres@webdb:5432/oasst_web`

From 530d3e1d1d76145404e3dd4f4f67a245acb3a5d5 Mon Sep 17 00:00:00 2001
From: Adrian Cowan <othrayte@gmail.com>
Date: Wed, 1 Feb 2023 19:34:58 +1100
Subject: [PATCH 22/22] website: Add missing message features in label initial
 prompt

Now the backend passes a single message conversation for the label initial prompt task,
this allows us to just show the conversation the same way we do for the other labelling tasks.

The MessageView component was now no longer used and all messages shown are using MessageTableEntry.
---
 website/src/components/Messages.tsx           | 23 -------------------
 .../components/Tasks/LabelTask/LabelTask.tsx  | 14 +++--------
 website/src/types/Tasks.ts                    |  3 +--
 3 files changed, 4 insertions(+), 36 deletions(-)
 delete mode 100644 website/src/components/Messages.tsx

diff --git a/website/src/components/Messages.tsx b/website/src/components/Messages.tsx
deleted file mode 100644
index 58e0d2be..00000000
--- a/website/src/components/Messages.tsx
+++ /dev/null
@@ -1,23 +0,0 @@
-import { Box, forwardRef, useColorMode } from "@chakra-ui/react";
-import { useMemo } from "react";
-import { Message } from "src/types/Conversation";
-
-export const MessageView = forwardRef<Partial<Message>, "div">((message: Partial<Message>, ref) => {
-  const { colorMode } = useColorMode();
-
-  const bgColor = useMemo(() => {
-    if (colorMode === "light") {
-      return message.is_assistant ? "gray.800" : "blue.600";
-    } else {
-      return message.is_assistant ? "black" : "blue.600";
-    }
-  }, [colorMode, message.is_assistant]);
-
-  return (
-    <Box bg={bgColor} ref={ref} className={`p-4 rounded-md text-white whitespace-pre-wrap`}>
-      {message.text}
-    </Box>
-  );
-});
-
-MessageView.displayName = "MessageView";
diff --git a/website/src/components/Tasks/LabelTask/LabelTask.tsx b/website/src/components/Tasks/LabelTask/LabelTask.tsx
index 33152ba1..33369757 100644
--- a/website/src/components/Tasks/LabelTask/LabelTask.tsx
+++ b/website/src/components/Tasks/LabelTask/LabelTask.tsx
@@ -1,13 +1,11 @@
 import { Box, useBoolean, useColorModeValue } from "@chakra-ui/react";
 import { useTranslation } from "next-i18next";
 import { useEffect, useState } from "react";
-import { MessageView } from "src/components/Messages";
 import { LabelInputGroup } from "src/components/Messages/LabelInputGroup";
 import { MessageTable } from "src/components/Messages/MessageTable";
 import { TwoColumnsWithCards } from "src/components/Survey/TwoColumnsWithCards";
 import { TaskSurveyProps } from "src/components/Tasks/Task";
 import { TaskHeader } from "src/components/Tasks/TaskHeader";
-import { TaskType } from "src/types/Task";
 import { LabelTaskType } from "src/types/Tasks";
 
 const isRequired = (labelName: string, requiredLabels?: string[]) => {
@@ -56,15 +54,9 @@ export const LabelTask = ({
       <TwoColumnsWithCards>
         <>
           <TaskHeader taskType={taskType} />
-          {task.type !== TaskType.label_initial_prompt ? (
-            <Box mt="4" p={[4, 6]} borderRadius="lg" bg={cardColor}>
-              <MessageTable messages={task.conversation.messages} highlightLastMessage />
-            </Box>
-          ) : (
-            <Box mt="4">
-              <MessageView text={task.prompt} is_assistant={false} id={task.message_id} emojis={{}} user_emojis={[]} />
-            </Box>
-          )}
+          <Box mt="4" p={[4, 6]} borderRadius="lg" bg={cardColor}>
+            <MessageTable messages={task.conversation.messages} highlightLastMessage />
+          </Box>
         </>
         <LabelInputGroup
           labels={task.labels}
diff --git a/website/src/types/Tasks.ts b/website/src/types/Tasks.ts
index 737392bd..af6590cf 100644
--- a/website/src/types/Tasks.ts
+++ b/website/src/types/Tasks.ts
@@ -46,6 +46,7 @@ export interface Label {
 
 export interface BaseLabelTask extends BaseTask {
   message_id: string;
+  conversation: Conversation;
   labels: Label[];
   valid_labels: string[];
   disposition: "spam" | "quality";
@@ -55,14 +56,12 @@ export interface BaseLabelTask extends BaseTask {
 
 export interface LabelAssistantReplyTask extends BaseLabelTask {
   type: TaskType.label_assistant_reply;
-  conversation: Conversation;
   reply_message: Message;
   reply: string;
 }
 
 export interface LabelPrompterReplyTask extends BaseLabelTask {
   type: TaskType.label_prompter_reply;
-  conversation: Conversation;
   reply_message: Message;
   reply: string;
 }