diff options
author | John Olheiser <john.olheiser@gmail.com> | 2020-10-02 22:37:53 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-02 23:37:53 -0400 |
commit | 72636fd6642fcae6e7447dd499cb097c5c65ab32 (patch) | |
tree | 2138dde0d4e1fc4d0d90943b34d50f40942fada3 /routers | |
parent | 5460bf89031a77ac9e0cde685c1bff00c29ee883 (diff) | |
download | gitea-72636fd6642fcae6e7447dd499cb097c5c65ab32.tar.gz gitea-72636fd6642fcae6e7447dd499cb097c5c65ab32.zip |
hCaptcha Support (#12594)
* Initial work on hCaptcha
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Use module
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Format
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* At least return and debug log a captcha error
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Pass context to hCaptcha
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Add context to recaptcha
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* fix lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Finish hcaptcha
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update example config
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Apply error fix for recaptcha
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Change recaptcha ChallengeTS to string
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'routers')
-rw-r--r-- | routers/user/auth.go | 19 | ||||
-rw-r--r-- | routers/user/auth_openid.go | 18 |
2 files changed, 32 insertions, 5 deletions
diff --git a/routers/user/auth.go b/routers/user/auth.go index 96a73c9dd4..32b031fc74 100644 --- a/routers/user/auth.go +++ b/routers/user/auth.go @@ -17,6 +17,7 @@ import ( "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/eventsource" + "code.gitea.io/gitea/modules/hcaptcha" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/password" "code.gitea.io/gitea/modules/recaptcha" @@ -896,15 +897,21 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au if setting.Service.EnableCaptcha && setting.Service.RequireExternalRegistrationCaptcha { var valid bool + var err error switch setting.Service.CaptchaType { case setting.ImageCaptcha: valid = cpt.VerifyReq(ctx.Req) case setting.ReCaptcha: - valid, _ = recaptcha.Verify(form.GRecaptchaResponse) + valid, err = recaptcha.Verify(ctx.Req.Context(), form.GRecaptchaResponse) + case setting.HCaptcha: + valid, err = hcaptcha.Verify(ctx.Req.Context(), form.HcaptchaResponse) default: ctx.ServerError("Unknown Captcha Type", fmt.Errorf("Unknown Captcha Type: %s", setting.Service.CaptchaType)) return } + if err != nil { + log.Debug("%s", err.Error()) + } if !valid { ctx.Data["Err_Captcha"] = true @@ -1040,6 +1047,7 @@ func SignUp(ctx *context.Context) { ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey + ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["PageIsSignUp"] = true //Show Disabled Registration message if DisableRegistration or AllowOnlyExternalRegistration options are true @@ -1058,6 +1066,7 @@ func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterFo ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey + ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["PageIsSignUp"] = true //Permission denied if DisableRegistration or AllowOnlyExternalRegistration options are true @@ -1073,15 +1082,21 @@ func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterFo if setting.Service.EnableCaptcha { var valid bool + var err error switch setting.Service.CaptchaType { case setting.ImageCaptcha: valid = cpt.VerifyReq(ctx.Req) case setting.ReCaptcha: - valid, _ = recaptcha.Verify(form.GRecaptchaResponse) + valid, err = recaptcha.Verify(ctx.Req.Context(), form.GRecaptchaResponse) + case setting.HCaptcha: + valid, err = hcaptcha.Verify(ctx.Req.Context(), form.HcaptchaResponse) default: ctx.ServerError("Unknown Captcha Type", fmt.Errorf("Unknown Captcha Type: %s", setting.Service.CaptchaType)) return } + if err != nil { + log.Debug("%s", err.Error()) + } if !valid { ctx.Data["Err_Captcha"] = true diff --git a/routers/user/auth_openid.go b/routers/user/auth_openid.go index ba2c8be8c2..39e75f202d 100644 --- a/routers/user/auth_openid.go +++ b/routers/user/auth_openid.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/generate" + "code.gitea.io/gitea/modules/hcaptcha" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/recaptcha" "code.gitea.io/gitea/modules/setting" @@ -330,6 +331,7 @@ func RegisterOpenID(ctx *context.Context) { ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey + ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["OpenID"] = oid userName, _ := ctx.Session.Get("openid_determined_username").(string) @@ -359,24 +361,34 @@ func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.Si ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey + ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["OpenID"] = oid if setting.Service.EnableCaptcha { var valid bool + var err error switch setting.Service.CaptchaType { case setting.ImageCaptcha: valid = cpt.VerifyReq(ctx.Req) case setting.ReCaptcha: - err := ctx.Req.ParseForm() - if err != nil { + if err := ctx.Req.ParseForm(); err != nil { ctx.ServerError("", err) return } - valid, _ = recaptcha.Verify(form.GRecaptchaResponse) + valid, err = recaptcha.Verify(ctx.Req.Context(), form.GRecaptchaResponse) + case setting.HCaptcha: + if err := ctx.Req.ParseForm(); err != nil { + ctx.ServerError("", err) + return + } + valid, err = hcaptcha.Verify(ctx.Req.Context(), form.HcaptchaResponse) default: ctx.ServerError("Unknown Captcha Type", fmt.Errorf("Unknown Captcha Type: %s", setting.Service.CaptchaType)) return } + if err != nil { + log.Debug("%s", err.Error()) + } if !valid { ctx.Data["Err_Captcha"] = true |