@@ -27,12 +27,12 @@ A Spring Boot microservice that provides proof-of-work CAPTCHA challenges using
2727graph TB
2828 %% External Client
2929 Client
30-
30+
3131 %% External Services
3232 subgraph "External Services"
3333 PostgreSQL[(PostgreSQL<br/>Database)]
3434 end
35-
35+
3636 %% Main CaptchaService Application
3737 subgraph "CaptchaService Application"
3838
@@ -46,7 +46,7 @@ graph TB
4646 ChallengeEndpoint["**postChallenge()**<br/>Create CAPTCHA Challenge"]
4747 VerifyEndpoint["**postVerify()**<br/>Verify CAPTCHA Solution"]
4848 end
49-
49+
5050 %% Service Layer
5151 subgraph "Service Layer"
5252 CaptchaService["**CaptchaService**<br/>Core CAPTCHA Logic"]
@@ -55,63 +55,63 @@ graph TB
5555 SourceAddressService["**SourceAddressService**<br/>IP Address Validation"]
5656 ExpiredDataService["**ExpiredDataService**<br/>Cleanup Scheduler"]
5757 end
58-
58+
5959 %% Data Layer
6060 subgraph "Data Layer"
6161 CaptchaRequestRepo["**CaptchaRequestRepository**<br/>JPA Repository"]
6262 InvalidatedPayloadRepo["**InvalidatedPayloadRepository**<br/>JPA Repository"]
63-
63+
6464 subgraph "JPA Entities"
6565 CaptchaRequestEntity["**CaptchaRequest**<br/>Entity"]
6666 InvalidatedPayloadEntity["**InvalidatedPayload**<br/>Entity"]
6767 end
6868 end
69-
69+
7070 %% Properties/Configuration
7171 subgraph "Configuration Properties"
7272 CaptchaProperties["**CaptchaProperties**<br/>HMAC Key, Sites Config"]
7373 CaptchaSite["**CaptchaSite**<br/>Site-specific Settings"]
7474 DifficultyItem["**DifficultyItem**<br/>Difficulty Mappings"]
7575 end
7676 end
77-
77+
7878 %% Request Flow
7979 Client -->|POST /api/v1/challenge| ChallengeEndpoint
8080 Client -->|POST /api/v1/verify| VerifyEndpoint
8181 Client --> Monitoring
82-
82+
8383 %% Controller to Services
8484 ChallengeEndpoint --> CaptchaService
8585 VerifyEndpoint --> CaptchaService
8686 ChallengeEndpoint --> SiteAuthService
8787 VerifyEndpoint --> SiteAuthService
8888 ChallengeEndpoint --> SourceAddressService
89-
89+
9090 %% Service Interactions
9191 CaptchaService --> DifficultyService
9292 CaptchaService --> CaptchaRequestRepo
9393 CaptchaService --> InvalidatedPayloadRepo
9494 CaptchaService --> AltchaLib
95-
95+
9696 DifficultyService --> CaptchaRequestRepo
9797 ExpiredDataService -->|Scheduled Cleanup| CaptchaRequestRepo
9898 ExpiredDataService -->|Scheduled Cleanup| InvalidatedPayloadRepo
99-
99+
100100 %% Data Layer
101101 CaptchaRequestRepo --> CaptchaRequestEntity
102102 InvalidatedPayloadRepo --> InvalidatedPayloadEntity
103103 CaptchaRequestEntity -.->|JPA/Hibernate| PostgreSQL
104104 InvalidatedPayloadEntity -.->|JPA/Hibernate| PostgreSQL
105-
105+
106106 %% Configuration Dependencies
107107 CaptchaService -.->|Uses| CaptchaProperties
108108 SiteAuthService -.->|Uses| CaptchaProperties
109109 SourceAddressService -.->|Uses| CaptchaProperties
110110 DifficultyService -.->|Uses| CaptchaProperties
111-
111+
112112 %% Database Migration
113113 Flyway -.->|Schema Management| PostgreSQL
114-
114+
115115 class CaptchaService,DifficultyService,SiteAuthService,SourceAddressService,ExpiredDataService service
116116 class CaptchaRequestRepo,InvalidatedPayloadRepo,CaptchaRequestEntity,InvalidatedPayloadEntity data
117117 class PostgreSQL,Client external
@@ -139,24 +139,28 @@ graph TB
139139## Quick Start
140140
1411411 . ** Clone the repository**
142+
142143 ``` bash
143144 git clone https://github.com/it-at-m/captchaservice.git
144145 cd captchaservice
145146 ```
146147
1471482 . ** Start the development stack**
149+
148150 ``` bash
149151 cd stack
150152 docker compose up -d
151153 ```
152154
1531553 . ** Build and run the application**
156+
154157 ``` bash
155158 cd captchaservice-backend
156159 bash runLocal.sh
157160 ```
158161
1591624 . ** Verify the service is running**
163+
160164 ``` bash
161165 curl http://localhost:8080/actuator/health
162166 ```
@@ -165,39 +169,39 @@ graph TB
165169
166170### Environment Variables
167171
168- | Variable | Description | Default |
169- | ----------| -------------| ---------|
170- | ` SPRING_DATASOURCE_URL ` | PostgreSQL connection URL | ` jdbc:postgresql://localhost:5432/captchaservice ` |
171- | ` SPRING_DATASOURCE_USERNAME ` | Database username | - |
172- | ` SPRING_DATASOURCE_PASSWORD ` | Database password | - |
173- | ` CAPTCHA_HMAC_KEY ` | HMAC key for challenge signing | - |
174- | ` CAPTCHA_CAPTCHA_TIMEOUT_SECONDS ` | Challenge validity period | ` 300 ` |
175- | ` CAPTCHA_SOURCE_ADDRESS_WINDOW_SECONDS ` | Source address tracking window | ` 3600 ` |
172+ | Variable | Description | Default |
173+ | --------------------------------------- | ------------------------------ | ------------------------------------------------- |
174+ | ` SPRING_DATASOURCE_URL ` | PostgreSQL connection URL | ` jdbc:postgresql://localhost:5432/captchaservice ` |
175+ | ` SPRING_DATASOURCE_USERNAME ` | Database username | - |
176+ | ` SPRING_DATASOURCE_PASSWORD ` | Database password | - |
177+ | ` CAPTCHA_HMAC_KEY ` | HMAC key for challenge signing | - |
178+ | ` CAPTCHA_CAPTCHA_TIMEOUT_SECONDS ` | Challenge validity period | ` 300 ` |
179+ | ` CAPTCHA_SOURCE_ADDRESS_WINDOW_SECONDS ` | Source address tracking window | ` 3600 ` |
176180
177181### Site Configuration
178182
179183Configure multiple sites in your ` application.yml ` :
180184
181185``` yaml
182186captcha :
183- hmac-key : secret # HMAC key for signing challenges
184- captcha-timeout-seconds : 300 # How long a CAPTCHA challenge is valid
185- source-address-window-seconds : 3600 # How long a source address is stored
187+ hmac-key : secret # HMAC key for signing challenges
188+ captcha-timeout-seconds : 300 # How long a CAPTCHA challenge is valid
189+ source-address-window-seconds : 3600 # How long a source address is stored
186190 sites :
187- site1 : # Site key for site1
188- site-secret : " secret1" # Site secret for site1
189- max-verifies-per-payload : 1 # How many times a payload can be verified
191+ site1 : # Site key for site1
192+ site-secret : " secret1" # Site secret for site1
193+ max-verifies-per-payload : 1 # How many times a payload can be verified
190194 whitelisted_source-addresses :
191- - " 192.0.2.0/24" # Whitelisted IP address range
195+ - " 192.0.2.0/24" # Whitelisted IP address range
192196 site2 :
193197 site-secret : " secret2"
194198 whitelisted_source-addresses :
195- - " 192.0.2.0/24" # Whitelisted IP address range
199+ - " 192.0.2.0/24" # Whitelisted IP address range
196200 difficulty-map :
197- - min-visits : 1 # From the first visit on...
198- max-number : 1000 # ...the difficulty is 1000
199- - min-visits : 10 # From the 10th visit on...
200- max-number : 10000 # ...the difficulty is 10000
201+ - min-visits : 1 # From the first visit on...
202+ max-number : 1000 # ...the difficulty is 1000
203+ - min-visits : 10 # From the 10th visit on...
204+ max-number : 10000 # ...the difficulty is 10000
201205` ` `
202206
203207## API Documentation
@@ -209,6 +213,7 @@ captcha:
209213Creates a new CAPTCHA challenge for the specified site.
210214
211215**Request Body:**
216+
212217` ` ` json
213218{
214219 "siteKey": "site1",
@@ -218,6 +223,7 @@ Creates a new CAPTCHA challenge for the specified site.
218223` ` `
219224
220225**Response:**
226+
221227` ` ` json
222228{
223229 "algorithm": "SHA-256",
@@ -235,6 +241,7 @@ Creates a new CAPTCHA challenge for the specified site.
235241Verifies a CAPTCHA solution payload.
236242
237243**Request Body:**
244+
238245` ` ` json
239246{
240247 "siteKey": "site1",
@@ -251,6 +258,7 @@ Verifies a CAPTCHA solution payload.
251258` ` `
252259
253260**Response:**
261+
254262` ` ` json
255263{
256264 "valid": true
@@ -266,14 +274,16 @@ Verifies a CAPTCHA solution payload.
266274# ## Error Responses
267275
268276**401 Unauthorized** - Invalid site credentials
277+
269278` ` ` json
270279{
271280 "status": 401,
272- "error": "Authentication Error",
281+ "error": "Authentication Error"
273282}
274283` ` `
275284
276285**400 Bad Request** - Invalid request format
286+
277287` ` ` json
278288{
279289 "status": 400,
@@ -334,4 +344,4 @@ Distributed under the MIT License. See [LICENSE][license] file for more informat
334344
335345# # Contact
336346
337- 347+ 
0 commit comments