From d0d3d6a101e652896e9512653ab7a37c05549b74 Mon Sep 17 00:00:00 2001
From: thonk <hello@villainsrule.xyz>
Date: Fri, 14 Feb 2025 18:20:22 -0500
Subject: [PATCH] add antibot infrastructure

---
 .gitignore                                  | 3 +++
 index.js                                    | 6 ++++++
 server/moderation/using-antibot.js          | 5 +++++
 server/multiplayer/handle-wss-connection.js | 8 +++++++-
 4 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 server/moderation/using-antibot.js

diff --git a/.gitignore b/.gitignore
index c7b776a9..781cff22 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,7 @@
+antibot
+
 node_modules
+bun.lock
 
 **/.DS_store
 .env
diff --git a/index.js b/index.js
index 86077054..495cd71a 100644
--- a/index.js
+++ b/index.js
@@ -1,6 +1,7 @@
 import 'dotenv/config';
 
 import { ipFilterMiddleware, ipFilterError } from './server/moderation/ip-filter.js';
+import { isUsingAntibot } from './server/moderation/using-antibot.js';
 import { WEBSOCKET_MAX_PAYLOAD, COOKIE_MAX_AGE } from './constants.js';
 import indexRouter from './routes/index.js';
 import webhookRouter from './routes/api/webhook.js';
@@ -44,6 +45,11 @@ app.use(cookieSession({
 app.use(ipFilterMiddleware);
 app.use(ipFilterError);
 
+if (isUsingAntibot) {
+    const { default: antibot } = await import('./server/antibot/middleware.js');
+    app.use(antibot);
+}
+
 wss.on('connection', handleWssConnection);
 
 app.use(indexRouter);
diff --git a/server/moderation/using-antibot.js b/server/moderation/using-antibot.js
new file mode 100644
index 00000000..db7c5264
--- /dev/null
+++ b/server/moderation/using-antibot.js
@@ -0,0 +1,5 @@
+import fs from 'fs';
+import path from 'path';
+
+const isUsingAntibot = fs.existsSync(path.join(import.meta.dirname, '..', 'antibot'));
+export { isUsingAntibot };
\ No newline at end of file
diff --git a/server/multiplayer/handle-wss-connection.js b/server/multiplayer/handle-wss-connection.js
index e68cc441..acd735d0 100644
--- a/server/multiplayer/handle-wss-connection.js
+++ b/server/multiplayer/handle-wss-connection.js
@@ -4,6 +4,7 @@ import { checkToken } from '../authentication.js';
 import getRandomName from '../../quizbowl/get-random-name.js';
 import hasValidCharacters from '../moderation/has-valid-characters.js';
 import isAppropriateString from '../moderation/is-appropriate-string.js';
+import { isUsingAntibot } from '../moderation/using-antibot.js';
 
 import createDOMPurify from 'dompurify';
 import { JSDOM } from 'jsdom';
@@ -45,7 +46,12 @@ function createAndReturnRoom (roomName, userId, isPrivate = false, isControlled
  * @param {WebSocket} ws
  * @param {http.IncomingMessage} req
  */
-export default function handleWssConnection (ws, req) {
+export default async function handleWssConnection (ws, req) {
+  if (isUsingAntibot) {
+    let clearance = (await import('../antibot/check.js')).canConnectTo(ws, req);
+    if (!clearance) return ws.close();
+  }
+
   const parsedUrl = new url.URL(req.url, process.env.BASE_URL ?? 'http://localhost');
   const isPrivate = parsedUrl.searchParams.get('private') === 'true';
   const isControlled = parsedUrl.searchParams.get('controlled') === 'true';