diff options
Diffstat (limited to 'api/src/routes')
| -rw-r--r-- | api/src/routes/auth/login.ts | 14 | ||||
| -rw-r--r-- | api/src/routes/auth/register.ts | 15 |
2 files changed, 22 insertions, 7 deletions
diff --git a/api/src/routes/auth/login.ts b/api/src/routes/auth/login.ts index a89721ea..cd373d9d 100644 --- a/api/src/routes/auth/login.ts +++ b/api/src/routes/auth/login.ts @@ -1,5 +1,5 @@ import { Request, Response, Router } from "express"; -import { route } from "@fosscord/api"; +import { route, getIpAdress, verifyCaptcha } from "@fosscord/api"; import bcrypt from "bcrypt"; import { Config, User, generateToken, adjustEmail, FieldErrors } from "@fosscord/util"; @@ -23,8 +23,8 @@ router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Respo const config = Config.get(); if (config.login.requireCaptcha && config.security.captcha.enabled) { + const { sitekey, service } = config.security.captcha; if (!captcha_key) { - const { sitekey, service } = config.security.captcha; return res.status(400).json({ captcha_key: ["captcha-required"], captcha_sitekey: sitekey, @@ -32,7 +32,15 @@ router.post("/", route({ body: "LoginSchema" }), async (req: Request, res: Respo }); } - // TODO: check captcha + const ip = getIpAdress(req); + const verify = await verifyCaptcha(captcha_key, ip); + if (!verify.success) { + return res.status(400).json({ + captcha_key: verify["error-codes"], + captcha_sitekey: sitekey, + captcha_service: service + }) + } } const user = await User.findOneOrFail({ diff --git a/api/src/routes/auth/register.ts b/api/src/routes/auth/register.ts index 94dd6502..98c8fd1b 100644 --- a/api/src/routes/auth/register.ts +++ b/api/src/routes/auth/register.ts @@ -1,6 +1,6 @@ import { Request, Response, Router } from "express"; -import { Config, generateToken, Invite, FieldErrors, User, adjustEmail, trimSpecial } from "@fosscord/util"; -import { route, getIpAdress, IPAnalysis, isProxy } from "@fosscord/api"; +import { Config, generateToken, Invite, FieldErrors, User, adjustEmail } from "@fosscord/util"; +import { route, getIpAdress, IPAnalysis, isProxy, verifyCaptcha } from "@fosscord/api"; import "missing-native-js-functions"; import bcrypt from "bcrypt"; import { HTTPError } from "lambert-server"; @@ -65,8 +65,8 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re } if (register.requireCaptcha && security.captcha.enabled) { + const { sitekey, service } = security.captcha; if (!body.captcha_key) { - const { sitekey, service } = security.captcha; return res?.status(400).json({ captcha_key: ["captcha-required"], captcha_sitekey: sitekey, @@ -74,7 +74,14 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re }); } - // TODO: check captcha + const verify = await verifyCaptcha(body.captcha_key, ip); + if (!verify.success) { + return res.status(400).json({ + captcha_key: verify["error-codes"], + captcha_sitekey: sitekey, + captcha_service: service + }) + } } if (!register.allowMultipleAccounts) { |