Below you will find pages that utilize the taxonomy term “C”

April 10, 2025

Piece 2: Signup System(Login 3)

Piece 2: Signup System(Login 3)

Link : github source code

Components

  • HAProxy: Acts as the reverse proxy, listening on “/signup” and forwarding requests to the .c2 backend.
  • .c2 Backend: A separate C-based backend (distinct from the .c login backend) handling signup logic.
  • Redis: Stores signup tracking (select 5) and user data (select 0).

Target

  • Allow users to self-sign up for an account with privacy as the highest priority, assigning them level 0 and a 30-day TTL, while preventing bot abuse and ensuring unique usernames.

Requirements (Your Inputs)

  1. Endpoint: HAProxy listens on “/signup”, accessible to anyone for self-signup.
  2. Backend: Requests are redirected to .c2 (you labeled it .c2 to distinguish it from the login .c backend).
  3. IP Limiting: Track user/ip in Redis “select 5” with a TTL of 3600s. If an IP has successfully signed up within 3600s, redirect to an HTML page saying “Your IP has already registered. Multi-register is not allowed.”
  4. Username Rules: Allow signup if the username:
    • Starts with a-zA-Z.
    • Contains only a-zA-Z0-9.
    • Is more than 8 characters.
    • Doesn’t already exist.
    • Return a generic “signup failed” error for any failure (no specific reasons like “username exists”).
  5. New User Settings: Set TTL to 30 days and level to 0 (no extra privileges).
  6. Storage: Save new users to “select 0” (you confirmed this as the user database).
  7. Privacy: No email or phone verification—users re-sign up if they lose passwords.
  8. Atomicity: Lock username insertion to prevent simultaneous duplicates (you agreed it’s unlikely but worth doing).
  9. IP Blocking Logic: 1 signup per IP in 3600s isn’t strict—users should wait if they need another account.
  10. CAPTCHA: No Google CAPTCHA; add a self-hosted CAPTCHA replacement for bot protection (you requested this for signup, login, and admin).
  11. TTL Expiry: If a new user’s TTL (30 days) expires, delete the account completely, allowing username reuse.
  12. Username as Key: Use username as the key in Redis (e.g., for GET/SET or HGET/HSET).

Conceptual Solutions (My Suggestions Integrated with Your Decisions)

  1. Flow:

read more
April 7, 2025

C code for CAPTCHA (Login 3)

C code for CAPTCHA (Login 3)

Building a Self-Hosted CAPTCHA System with HAProxy

After preparing the HAProxy server and the authentication Lua verification script, I needed to develop a PNG generator and user authentication mechanism to complete my self-hosted CAPTCHA server. I decided to use C for the core functionality due to its performance and control over system resources..

captcha_example01.png

captcha_example02.png

captcha_example03.png

The Authentication Flow

My authentication logic follows these key steps:

read more
April 1, 2025

Time is Basic Elements to ALL

Because of we need to sync the timer of linux server.. The system provided service is too active to try to connect unknow server, so, write a C prog to do it..

1
2
3
4
5
6

void print_usage(const char *program_name) {
    printf("Usage: %s [OPTIONS]\n", program_name);
    printf("Options:\n");
    printf("  -d, --debug    Enable debug output\n");
    printf("  -h, --help     Display this help message\n");
}

You can use ‘-h/–help’ to print the help info.

read more