From 7eefcb8f8d604831708a63f0627f4e93e68a2f7e Mon Sep 17 00:00:00 2001
From: florian <contact@bunkerity.com>
Date: Mon, 24 Apr 2023 15:11:01 +0200
Subject: [PATCH] antibot - manage direct access to challenge page

---
 TODO                                |  2 --
 src/common/core/antibot/antibot.lua | 22 +++++++++++++++++++++-
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/TODO b/TODO
index 0cacfd76..63994657 100644
--- a/TODO
+++ b/TODO
@@ -1,5 +1,3 @@
 - bwcli with redis
-- direct access to ANTIBOT_URI without prepare_challenge call
-- don't fail if session err is not nil (new session will be created)
 - stream refactoring
 - stream examples
diff --git a/src/common/core/antibot/antibot.lua b/src/common/core/antibot/antibot.lua
index 49afe2b9..d80932e7 100644
--- a/src/common/core/antibot/antibot.lua
+++ b/src/common/core/antibot/antibot.lua
@@ -45,6 +45,14 @@ function antibot:access()
 		return self:ret(true, "redirecting client to the challenge uri", nil, self.variables["ANTIBOT_URI"])
 	end
 
+	-- Direct access without session => prepare challenge
+	if not self:challenge_prepared() then
+		local ok, err = self:prepare_challenge()
+		if not ok then
+			return self:ret(false, "can't prepare challenge : " .. err, ngx.HTTP_INTERNAL_SERVER_ERROR)
+		end
+	end
+
 	-- Display challenge needed
 	if ngx.ctx.bw.request_method == "GET" then
 		ngx.ctx.bw.antibot_display_content = true
@@ -98,7 +106,7 @@ function antibot:challenge_resolved()
 	end
 	local ok, err, raw_data = utils.get_session_var("antibot")
 	if not raw_data then
-		return false, "session is set but no antibot data", nil
+		return false, "session is set but no antibot data"
 	end
 	local data = raw_data
 	if data.resolved and self.variables["USE_ANTIBOT"] == data.type then
@@ -107,6 +115,18 @@ function antibot:challenge_resolved()
 	return false, "challenge not resolved", data.original_uri
 end
 
+function antibot:challenge_prepared()
+	local session, err, exists, refreshed = utils.get_session()
+	if not exists then
+		return false
+	end
+	local ok, err, raw_data = utils.get_session_var("antibot")
+	if not raw_data then
+		return false
+	end
+	return self.variables["USE_ANTIBOT"] == raw_data.type
+end
+
 function antibot:prepare_challenge()
 	local session, err, exists, refreshed = utils.get_session()
 	local set_needed = false