mirror of
				https://github.com/go-gitea/gitea.git
				synced 2025-10-27 00:23:41 +09:00 
			
		
		
		
	Add option to enable CAPTCHA validation for login (#21638)
Enable this to require captcha validation for user login. You also must enable `ENABLE_CAPTCHA`. Summary: - Consolidate CAPTCHA template - add CAPTCHA handle and context - add `REQUIRE_CAPTCHA_FOR_LOGIN` config and docs - Consolidate CAPTCHA set-up and verification code Partially resolved #6049 Signed-off-by: Xinyu Zhou <i@sourcehut.net> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
		| @@ -5,9 +5,15 @@ | ||||
| package context | ||||
|  | ||||
| import ( | ||||
| 	"fmt" | ||||
| 	"sync" | ||||
|  | ||||
| 	"code.gitea.io/gitea/modules/base" | ||||
| 	"code.gitea.io/gitea/modules/cache" | ||||
| 	"code.gitea.io/gitea/modules/hcaptcha" | ||||
| 	"code.gitea.io/gitea/modules/log" | ||||
| 	"code.gitea.io/gitea/modules/mcaptcha" | ||||
| 	"code.gitea.io/gitea/modules/recaptcha" | ||||
| 	"code.gitea.io/gitea/modules/setting" | ||||
|  | ||||
| 	"gitea.com/go-chi/captcha" | ||||
| @@ -28,3 +34,56 @@ func GetImageCaptcha() *captcha.Captcha { | ||||
| 	}) | ||||
| 	return cpt | ||||
| } | ||||
|  | ||||
| // SetCaptchaData sets common captcha data | ||||
| func SetCaptchaData(ctx *Context) { | ||||
| 	if !setting.Service.EnableCaptcha { | ||||
| 		return | ||||
| 	} | ||||
| 	ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha | ||||
| 	ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL | ||||
| 	ctx.Data["Captcha"] = GetImageCaptcha() | ||||
| 	ctx.Data["CaptchaType"] = setting.Service.CaptchaType | ||||
| 	ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey | ||||
| 	ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey | ||||
| 	ctx.Data["McaptchaSitekey"] = setting.Service.McaptchaSitekey | ||||
| 	ctx.Data["McaptchaURL"] = setting.Service.McaptchaURL | ||||
| } | ||||
|  | ||||
| const ( | ||||
| 	gRecaptchaResponseField = "g-recaptcha-response" | ||||
| 	hCaptchaResponseField   = "h-captcha-response" | ||||
| 	mCaptchaResponseField   = "m-captcha-response" | ||||
| ) | ||||
|  | ||||
| // VerifyCaptcha verifies Captcha data | ||||
| // No-op if captchas are not enabled | ||||
| func VerifyCaptcha(ctx *Context, tpl base.TplName, form interface{}) { | ||||
| 	if !setting.Service.EnableCaptcha { | ||||
| 		return | ||||
| 	} | ||||
|  | ||||
| 	var valid bool | ||||
| 	var err error | ||||
| 	switch setting.Service.CaptchaType { | ||||
| 	case setting.ImageCaptcha: | ||||
| 		valid = GetImageCaptcha().VerifyReq(ctx.Req) | ||||
| 	case setting.ReCaptcha: | ||||
| 		valid, err = recaptcha.Verify(ctx, ctx.Req.Form.Get(gRecaptchaResponseField)) | ||||
| 	case setting.HCaptcha: | ||||
| 		valid, err = hcaptcha.Verify(ctx, ctx.Req.Form.Get(hCaptchaResponseField)) | ||||
| 	case setting.MCaptcha: | ||||
| 		valid, err = mcaptcha.Verify(ctx, ctx.Req.Form.Get(mCaptchaResponseField)) | ||||
| 	default: | ||||
| 		ctx.ServerError("Unknown Captcha Type", fmt.Errorf("Unknown Captcha Type: %s", setting.Service.CaptchaType)) | ||||
| 		return | ||||
| 	} | ||||
| 	if err != nil { | ||||
| 		log.Debug("%v", err) | ||||
| 	} | ||||
|  | ||||
| 	if !valid { | ||||
| 		ctx.Data["Err_Captcha"] = true | ||||
| 		ctx.RenderWithErr(ctx.Tr("form.captcha_incorrect"), tpl, form) | ||||
| 	} | ||||
| } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user