GSoC 2021 with SCoRe Lab — Week 7

Nipuna Weerasekara
Published in SCoRe Lab
Jul 16, 2021

tl;dr: This is the eighth article of my journey into the Google Summer of Code 2021 with SCoRe Lab. Here I discuss week seven (5th of July to 11th of July) of my GSoC experience.

The first evaluation is nigh!

As the first evaluation was near, I was on a tight schedule, since I needed to complete my first evaluation milestones. For these milestones, I had to complete all the supporting endpoints that are needed for DNSTool-Middleware-API[API-GATEWAY] to function properly. The supporting endpoints are as follows.

GET /zones/<query>
POST /register
POST /check-email
GET /gcp-zones/<query>
GET /scans
POST /scans
PATCH /scans/<id>
DELETE /scans/<id>

After developing all these endpoints, a user of DNSTool-Middleware-API[API-Gateway] can now register in our system, create a new scan, list all the existing scans, update the scan status of a specific scan, and delete a specific scan from our database if they want.

As we discussed in our online meeting, one of the tasks I was assigned was protecting the POST /register endpoint. The main reason for protecting the POST /register endpoint is that it needs human interaction. If someone knows the endpoint, they can use a bot 😁 to create fake accounts, which will overutilize the Google Authentication and become an issue for real human users. So my task was to allow only human users to create accounts in our system.

Google reCAPTCHA v3 comes to the rescue 🙏

Google reCAPTCHA is a free service that protects our resources from spam and abuse. It uses advanced risk analysis techniques to differentiate between humans and bots. You must have seen this reCAPTCHA prompt from time to time when visiting a website.

From https://developers.google.com/recaptcha

I know sometimes it is a real pain, but it is really important that we safeguard our resources from spam and abuse. Sometimes you might fail the reCAPTCHA check a few times and feel like this,

From https://www.reddit.com/r/memes/comments/fexhho/maybe_i_am/

So anyway, Google reCAPTCHA v3 removes all these hassles: it silently checks your interaction with the browser and decides whether you are a real human user or a bot. You do not need to click on anything like those annoying fire extinguisher images or mind-bending images of traffic lights anymore 😁. The documentation of Google reCAPTCHA v3 is pretty cool and straightforward.
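To make the server side of this concrete, here is an added example (not the code from the PR or from DNSTool-Middleware-API) of how a POST /register handler can verify a reCAPTCHA v3 token against Google's siteverify endpoint before creating an account. The Express-style `req`/`res`/`next` shape, the `recaptchaToken` field name, the `register` action, the `example.org` hostname and the 0.5 score threshold are all assumptions chosen for illustration.

```javascript
// Added example: server-side check of a reCAPTCHA v3 token for POST /register.
const SITEVERIFY_URL = "https://www.google.com/recaptcha/api/siteverify";

// Constructed siteverify responses (not real traffic) to exercise the checks.
const SAMPLE_HUMAN = { success: true, score: 0.9, action: "register", hostname: "example.org" };
const SAMPLE_BOT = { success: true, score: 0.1, action: "register", hostname: "example.org" };

// Decide whether a siteverify response is acceptable for this request.
function evaluateVerdict(body, expected) {
  if (!body || body.success !== true) {
    return { ok: false, reason: "invalid-token" }; // expired, reused or malformed token
  }
  if (body.action !== expected.action) {
    return { ok: false, reason: "action-mismatch" }; // token issued for another form
  }
  if (expected.hostname && body.hostname !== expected.hostname) {
    return { ok: false, reason: "hostname-mismatch" }; // token issued on another site
  }
  if (typeof body.score !== "number" || body.score < expected.minScore) {
    return { ok: false, reason: "low-score" }; // v3 risk score below our threshold
  }
  return { ok: true, reason: "human" };
}

// Express-style middleware factory; fetchImpl is injectable so it can be tested offline.
function requireHuman({ secret, expected, fetchImpl = fetch }) {
  return async function (req, res, next) {
    const token = req.body && req.body.recaptchaToken; // hypothetical field name
    if (typeof token !== "string" || token.length === 0) {
      return res.status(400).json({ error: "missing-recaptcha-token" });
    }
    try {
      const reply = await fetchImpl(SITEVERIFY_URL, {
        method: "POST",
        body: new URLSearchParams({ secret, response: token }),
      });
      const verdict = evaluateVerdict(await reply.json(), expected);
      if (!verdict.ok) return res.status(403).json({ error: verdict.reason });
      return next();
    } catch (err) {
      // Fail closed: if verification cannot be completed, do not create the account.
      return res.status(503).json({ error: "recaptcha-unavailable" });
    }
  };
}
```

Checking `action` and `hostname` as well as `score` matters because a token that is valid for a different form or site would otherwise pass; the secret key stays on the server and is never sent to the browser.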

So after adding the Google reCAPTCHA v3 to our system, I submitted a PR,

and it got merged into the main repository.

So with this, I concluded my tasks before evaluation one 😎. There is more to do with our DNSTool-Middleware-API system and I will be working on it in the coming weeks. Until we meet again, happy coding…


I am a web developer turned security researcher. Find me on niweera.com