hCaptcha Support (#12594)

* Initial work on hCaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Use module

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Format

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* At least return and debug log a captcha error

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Pass context to hCaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add context to recaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Finish hcaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update example config

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Apply error fix for recaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Change recaptcha ChallengeTS to string

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Andrew Thornton <art27@cantab.net>

1 files changed, 34 insertions, 0 deletions

diff --git a/modules/hcaptcha/hcaptcha.go b/modules/hcaptcha/hcaptcha.go
new file mode 100644
index 0000000000..95fe2dd1c3
--- /dev/null
+++ b/modules/hcaptcha/hcaptcha.go
@@ -0,0 +1,34 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package hcaptcha
+
+import (
+	"context"
+
+	"code.gitea.io/gitea/modules/setting"
+
+	"go.jolheiser.com/hcaptcha"
+)
+
+// Verify calls hCaptcha API to verify token
+func Verify(ctx context.Context, response string) (bool, error) {
+	client, err := hcaptcha.New(setting.Service.HcaptchaSecret, hcaptcha.WithContext(ctx))
+	if err != nil {
+		return false, err
+	}
+
+	resp, err := client.Verify(response, hcaptcha.PostOptions{
+		Sitekey: setting.Service.HcaptchaSitekey,
+	})
+	if err != nil {
+		return false, err
+	}
+
+	var respErr error
+	if len(resp.ErrorCodes) > 0 {
+		respErr = resp.ErrorCodes[0]
+	}
+	return resp.Success, respErr
+}