From f24f3ceee4ab13ce394616c89f0b0db2788bdb10 Mon Sep 17 00:00:00 2001
From: Jack Case <jackacase@gmail.com>
Date: Sun, 9 Nov 2025 18:51:22 +0000
Subject: [PATCH] remove Base64Str type from altcha

This was decoding the string, which the altcha validator expects to do itself. Now it works.
---
 slopserver/models.py   |  4 ++--
 slopserver/server.py   | 11 ++---------
 slopserver/settings.py |  9 +++++++++
 3 files changed, 13 insertions(+), 11 deletions(-)
 create mode 100644 slopserver/settings.py

diff --git a/slopserver/models.py b/slopserver/models.py
index 9775d44..1ef0b81 100644
--- a/slopserver/models.py
+++ b/slopserver/models.py
@@ -8,7 +8,7 @@ from altcha import Payload as AltchaPayload, verify_solution
 
 from urllib.parse import urlparse, ParseResult
 
-from slopserver.server import settings
+from slopserver.settings import settings
 
 NAMING_CONVENTION = {
     "ix": "ix_%(column_0_label)s",
@@ -85,4 +85,4 @@ class SlopReport(BaseModel):
 class SignupForm(BaseModel):
     email: EmailStr
     password: SecretStr
-    altcha: Annotated[Base64Str, AfterValidator(altcha_validator)]
\ No newline at end of file
+    altcha: Annotated[str, AfterValidator(altcha_validator)]
\ No newline at end of file
diff --git a/slopserver/server.py b/slopserver/server.py
index 811e964..0933c93 100644
--- a/slopserver/server.py
+++ b/slopserver/server.py
@@ -17,7 +17,7 @@ from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
 from fastapi.middleware.cors import CORSMiddleware
 
 from pydantic import AfterValidator, Base64Str
-from pydantic_settings import BaseSettings
+
 
 from sqlalchemy import create_engine
 
@@ -29,7 +29,7 @@ import jwt
 
 from uuid import uuid4
 
-
+from slopserver.settings import settings
 from slopserver.models import Domain, Path, User
 from slopserver.models import SlopReport, SignupForm, altcha_validator
 from slopserver.db import select_slop, insert_slop, get_user, create_user
@@ -38,13 +38,6 @@ app = FastAPI()
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
 
-class ServerSettings(BaseSettings):
-    db_url: str = "sqlite+pysqlite:///test_db.sqlite"
-    token_secret: str = "5bcc778a96b090c3ac1d587bb694a060eaf7bdb5832365f91d5078faf1fff210"
-    altcha_secret: str = "0460de065912d0292df1e7422a5ed2dc362ed56d6bab64fe50b89957463061f3"
-
-settings = ServerSettings()
-
 
 DB_ENGINE = create_engine(settings.db_url)
 TOKEN_SECRET = settings.token_secret
diff --git a/slopserver/settings.py b/slopserver/settings.py
new file mode 100644
index 0000000..b4ffe71
--- /dev/null
+++ b/slopserver/settings.py
@@ -0,0 +1,9 @@
+from pydantic_settings import BaseSettings
+
+
+class ServerSettings(BaseSettings):
+    db_url: str = "sqlite+pysqlite:///test_db.sqlite"
+    token_secret: str = "5bcc778a96b090c3ac1d587bb694a060eaf7bdb5832365f91d5078faf1fff210"
+    altcha_secret: str = "0460de065912d0292df1e7422a5ed2dc362ed56d6bab64fe50b89957463061f3"
+
+settings = ServerSettings()