Welcome
This repository contains the source code of a simple API built using FastAPI framework.
Warning
This API is not built to be a token logger, or anything such as that, this was built on the purpose for programs and applications, such as discord bots to warn users, if they have accidently leaked their discord bot token in the images they sent. This is a somewhat common case that happens in discord servers related to programming and programming help.
Installation
There are currently two ways to install:
Use pip package manager to install the libraries from requirements.txt file.
pip install -r requirements.txt
If you have Poetry package manager installed, you can install the dependencies using
the following command.
poetry install
As we have included a pyproject.toml file, poetry will automatically install the dependencies from the file.
How does this API work?
This API is based on Tesseract OCR library, an open source OCR engine that can extract text from images.
This API works in three main steps:
Token detection and validation
The above image shows the details about different components of a discord bot token.
A token is mainly composed of 3 components:
All the above components are encoded in base64 encryption and is seperated by a . character.
The API uses a regex to find the token in the text, if a match is found, the token goes through a validation process.
The validation process is composed of the following steps:
If the token passes all the above condition, it is deemed as a valid discord bot token, and the API returns the token and information about the token.
If the token fails any of the above condition, the token is deemed as invalid.
However, this validation process in itself is flawed due to the nature of discord bots, there is no way to know if the token is valid or invalid without actually running the bot token through Discord API, but that poses a security risk and no one will want that.
If you pass a valid token like string which is actually not valid but just a string that looks like a valid token, it will still be deemed as valid.
Tesseract
Tesseract is an open source and powerful OCR engine developed by Google that is used to process images and extract text from them.
Installation of Tesseract is pretty easy on linux, you can install it by running the following command:
sudo apt-get install tesseract-ocr
sudo apt-get install libtesseract-dev
The above command will install Tesseract OCR engine and the command-line program to interface with it.
Tesseract can be directly used by a terminal as Tesseract originally is a CLI based library. After installing the engine, we have to install tesseract language data a.k.a tessdata.
sudo apt-get install tesseract-ocr-eng
This will install the English language data (tessdata) for Tesseract. You can install other languages by running the following command:
sudo apt-get install tesseract-ocr-<language>
To know more about Tesseract and how it works, you can visit the following link:
Tesseract Documentation
Endpoints
There are currently three main endpoints:
1.) /token/image/url - This endpoint will detect a discord token in an image, and return the token if it is valid.
2.) /token/text/string - This endpoint will detect a discord token in a string, and return the token if it is valid.
3.) /ocr/text/string - This endpoint will read an image from the provided url and return the text that was detected.
All these endpoints are POST requests, and you need to pass the data to its respective request body.
Visit /docs for detailed information on these endpoints and the API itself.
API Configuration
You can configure the app by using the file called config.yml in the config directory.
You need to pass the host, port for uvicorn to run the server.
Settings:
host: "127.0.0.1"
port: 7000
preview: "true" # Preview mode opens a ngrok tunnel that portforwards the localhost address and port, so that the world can see it. Although, please don't use this in production
Redis:
address: "Your Redis Address"
port: 0000 # Your Redis Port
database: 0 # Your Redis Database
username: "..." # Your Redis Username, if ACL is enabled. Required.
password: "..." # Your Redis Password, if ACL is enabled. Required.
Preview Mode
It is a special mode that will open a ngrok tunnel that will portforward the localhost address and port, so it can be accessed from anywhere.
You will need to have ngrok installed on your machine, with ngrok properly setup.
Visit ngrok to install ngrok and for more information on how to set up ngrok.
Note
This project is still in development, and the API is decently accurate, however, it still needs improvements. You can run the API in preview mode if you want to test it.
This Readme will be updated as the project progresses.
This API has only been tested on linux (Pop!_OS) so it is not guaranteed to work on other operating systems.
Docker support will be added in the future, which will eliminate the above issue.
Credits
Well, this project is entirely free and Open Source, if you want, you can certainly use it in your own projects.
If you like this project, you can add a GitHub star to show your appreciation, and you can credit me in your project.
Thanks :)
Have a nice day!