package protection;

use nginx;
use String::Util 'trim';
use MIME::Base64;
use Digest::SHA1 qw(sha1_hex);

my $_constant = "editme";

sub protect {
	my $_request = shift;
	my $_success = 0;
	my @cookie = split(";", lc $_request->header_in("Cookie"));
	for my $_a (@cookie) {
		@_a = split("=", trim($_a));
		if($_a[0] == "indexhm-ddos"){
			my @_data = split("-", $_a[1]);
			
			$_secret = $_constant . $_request->remote_addr;
			$_answer = sha1_hex($_data[0] . $_data[2]);
			if(sha1_hex($_secret . $_data[0]) == $_data[1] && substr($_answer, 0, 4) == "0000"){
				$_success = 1;
			}
		}
	}
	return $_success;
}
sub token {
	my $_request = shift;
	my @_chars = ("a".."z", "0" .. "9");
	my $_string;
	$_string .= $_chars[rand @_chars] for 1..16;
	return $_string . "-" . sha1_hex($_constant . $_request->remote_addr . $_string);
}
1;