mirrors
/
gitea
kopia lustrzana https://github.com/go-gitea/gitea.git
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Wydania 212 Wiki Aktywność
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12612 Commity
17 Gałęzie
Drzewo: c0ed869e0f
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z 'c0ed869e0f'
${ noResults }
gitea/modules/recaptcha/recaptcha.go

recaptcha.go 2.6KB
Czysty Blame Historia

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 
  1. // Copyright 2018 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package recaptcha

  6. 

  7. import (

  8. 	"context"

  9. 	"fmt"

  10. 	"io"

  11. 	"net/http"

  12. 	"net/url"

  13. 	"strings"

  14. 

  15. 	"code.gitea.io/gitea/modules/json"

  16. 	"code.gitea.io/gitea/modules/setting"

  17. 	"code.gitea.io/gitea/modules/util"

  18. )

  19. 

  20. // Response is the structure of JSON returned from API

  21. type Response struct {

  22. 	Success     bool        `json:"success"`

  23. 	ChallengeTS string      `json:"challenge_ts"`

  24. 	Hostname    string      `json:"hostname"`

  25. 	ErrorCodes  []ErrorCode `json:"error-codes"`

  26. }

  27. 

  28. const apiURL = "api/siteverify"

  29. 

  30. // Verify calls Google Recaptcha API to verify token

  31. func Verify(ctx context.Context, response string) (bool, error) {

  32. 	post := url.Values{

  33. 		"secret":   {setting.Service.RecaptchaSecret},

  34. 		"response": {response},

  35. 	}

  36. 	// Basically a copy of http.PostForm, but with a context

  37. 	req, err := http.NewRequestWithContext(ctx, http.MethodPost,

  38. 		util.URLJoin(setting.Service.RecaptchaURL, apiURL), strings.NewReader(post.Encode()))

  39. 	if err != nil {

  40. 		return false, fmt.Errorf("Failed to create CAPTCHA request: %v", err)

  41. 	}

  42. 	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")

  43. 

  44. 	resp, err := http.DefaultClient.Do(req)

  45. 	if err != nil {

  46. 		return false, fmt.Errorf("Failed to send CAPTCHA response: %s", err)

  47. 	}

  48. 	defer resp.Body.Close()

  49. 	body, err := io.ReadAll(resp.Body)

  50. 	if err != nil {

  51. 		return false, fmt.Errorf("Failed to read CAPTCHA response: %s", err)

  52. 	}

  53. 

  54. 	var jsonResponse Response

  55. 	err = json.Unmarshal(body, &jsonResponse)

  56. 	if err != nil {

  57. 		return false, fmt.Errorf("Failed to parse CAPTCHA response: %s", err)

  58. 	}

  59. 	var respErr error

  60. 	if len(jsonResponse.ErrorCodes) > 0 {

  61. 		respErr = jsonResponse.ErrorCodes[0]

  62. 	}

  63. 	return jsonResponse.Success, respErr

  64. }

  65. 

  66. // ErrorCode is a reCaptcha error

  67. type ErrorCode string

  68. 

  69. // String fulfills the Stringer interface

  70. func (e ErrorCode) String() string {

  71. 	switch e {

  72. 	case "missing-input-secret":

  73. 		return "The secret parameter is missing."

  74. 	case "invalid-input-secret":

  75. 		return "The secret parameter is invalid or malformed."

  76. 	case "missing-input-response":

  77. 		return "The response parameter is missing."

  78. 	case "invalid-input-response":

  79. 		return "The response parameter is invalid or malformed."

  80. 	case "bad-request":

  81. 		return "The request is invalid or malformed."

  82. 	case "timeout-or-duplicate":

  83. 		return "The response is no longer valid: either is too old or has been used previously."

  84. 	}

  85. 	return string(e)

  86. }

  87. 

  88. // Error fulfills the error interface

  89. func (e ErrorCode) Error() string {

  90. 	return e.String()

  91. }