diff options
| author | Gusted <postmaster@gusted.xyz> | 2024-08-27 01:47:10 +0200 |
|---|---|---|
| committer | Gusted <postmaster@gusted.xyz> | 2024-08-27 21:28:16 +0200 |
| commit | 0404662e99bbd7779f400108c490e619843ce569 (patch) | |
| tree | d7749c4311fb57a184c17a980decef1cd60d2f7f /services/context | |
| parent | Merge pull request '[FIX] Don't allow SSH authentication without ssh executab... (diff) | |
| download | forgejo-0404662e99bbd7779f400108c490e619843ce569.tar.xz forgejo-0404662e99bbd7779f400108c490e619843ce569.zip | |
[CHORE] Move captcha library
- This is a fork of https://github.com/dchest/captcha, as
https://gitea.com/go-chi/captcha is a fork of
github.com/go-macaron/captcha which is a fork (although not properly
credited) of a older version of https://github.com/dchest/captcha. Hence
why I've just forked the original.
- The fork includes some QoL improvements (uses standard library for
determistic RNG instead of rolling your own crypto), and removal of
audio support (500KiB unused data that bloated the binary otherwise).
Flips the image over the x-asis.
https://code.forgejo.org/go-chi/captcha/compare/47270f2b55862b38f9f65f615b53c1e04e814ef0..main
- This move is needed for the next commit, because
gitea.com/go-chi/captcha included the gitea.com/go-chi/cache dependency.
Diffstat (limited to 'services/context')
| -rw-r--r-- | services/context/captcha.go | 45 |
1 files changed, 35 insertions, 10 deletions
diff --git a/services/context/captcha.go b/services/context/captcha.go index fa8d779f56..8d302dbf87 100644 --- a/services/context/captcha.go +++ b/services/context/captcha.go @@ -15,24 +15,47 @@ import ( "code.gitea.io/gitea/modules/recaptcha" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/turnstile" + mc "gitea.com/go-chi/cache" - "gitea.com/go-chi/captcha" + "code.forgejo.org/go-chi/captcha" ) var ( imageCaptchaOnce sync.Once - cpt *captcha.Captcha + imageCachePrefix = "captcha:" ) -// GetImageCaptcha returns global image captcha -func GetImageCaptcha() *captcha.Captcha { +type imageCaptchaStore struct { + c mc.Cache +} + +func (c *imageCaptchaStore) Set(id string, digits []byte) { + if err := c.c.Put(imageCachePrefix+id, string(digits), int64(captcha.Expiration.Seconds())); err != nil { + log.Error("Couldn't store captcha cache for %q: %v", id, err) + } +} + +func (c *imageCaptchaStore) Get(id string, clear bool) (digits []byte) { + val, ok := c.c.Get(imageCachePrefix + id).(string) + if !ok { + return digits + } + + if clear { + if err := c.c.Delete(imageCachePrefix + id); err != nil { + log.Error("Couldn't delete captcha cache for %q: %v", id, err) + } + } + + return []byte(val) +} + +// GetImageCaptcha returns image captcha ID. +func GetImageCaptcha() string { imageCaptchaOnce.Do(func() { - cpt = captcha.NewCaptcha(captcha.Options{ - SubURL: setting.AppSubURL, - }) - cpt.Store = cache.GetCache() + captcha.SetCustomStore(&imageCaptchaStore{c: cache.GetCache()}) }) - return cpt + return captcha.New() } // SetCaptchaData sets common captcha data @@ -52,6 +75,8 @@ func SetCaptchaData(ctx *Context) { } const ( + imgCaptchaIDField = "img-captcha-id" + imgCaptchaResponseField = "img-captcha-response" gRecaptchaResponseField = "g-recaptcha-response" hCaptchaResponseField = "h-captcha-response" mCaptchaResponseField = "m-captcha-response" @@ -69,7 +94,7 @@ func VerifyCaptcha(ctx *Context, tpl base.TplName, form any) { var err error switch setting.Service.CaptchaType { case setting.ImageCaptcha: - valid = GetImageCaptcha().VerifyReq(ctx.Req) + valid = captcha.VerifyString(ctx.Req.Form.Get(imgCaptchaIDField), ctx.Req.Form.Get(imgCaptchaResponseField)) case setting.ReCaptcha: valid, err = recaptcha.Verify(ctx, ctx.Req.Form.Get(gRecaptchaResponseField)) case setting.HCaptcha: |