mirror of
https://github.com/go-gitea/gitea.git
synced 2026-05-06 04:01:05 +09:00
3d838ef96a
After the Webpack-to-Vite migration (#37002), mCaptcha stopped working entirely on the registration page, throwing an error: `TypeError: setting getter-only property "INPUT_NAME"` This fix stops trying to mutate the read-only INPUT_NAME export. Instead it probes for the Widget constructor at module.default (direct) or module.default.default (CJS-wrapped), constructs the widget, and then renames the hidden input element it creates to m-captcha-response which is the field name Gitea's backend reads from the submitted form. Generative AI was used to help with making this PR. --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io>
88 lines
2.6 KiB
Go
88 lines
2.6 KiB
Go
// Copyright 2020 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package context
|
|
|
|
import (
|
|
"fmt"
|
|
"image/color"
|
|
"sync"
|
|
|
|
"code.gitea.io/gitea/modules/cache"
|
|
"code.gitea.io/gitea/modules/hcaptcha"
|
|
"code.gitea.io/gitea/modules/log"
|
|
"code.gitea.io/gitea/modules/mcaptcha"
|
|
"code.gitea.io/gitea/modules/recaptcha"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
"code.gitea.io/gitea/modules/templates"
|
|
"code.gitea.io/gitea/modules/turnstile"
|
|
|
|
"gitea.com/go-chi/captcha"
|
|
)
|
|
|
|
var (
|
|
imageCaptchaOnce sync.Once
|
|
cpt *captcha.Captcha
|
|
)
|
|
|
|
// GetImageCaptcha returns global image captcha
|
|
func GetImageCaptcha() *captcha.Captcha {
|
|
imageCaptchaOnce.Do(func() {
|
|
cpt = captcha.NewCaptcha(captcha.Options{
|
|
SubURL: setting.AppSubURL,
|
|
// Use a color palette with high contrast colors suitable for both light and dark modes
|
|
// These colors provide good visibility and readability in both themes
|
|
ColorPalette: color.Palette{
|
|
color.RGBA{R: 234, G: 67, B: 53, A: 255}, // Bright red
|
|
color.RGBA{R: 66, G: 133, B: 244, A: 255}, // Medium blue
|
|
color.RGBA{R: 52, G: 168, B: 83, A: 255}, // Green
|
|
color.RGBA{R: 251, G: 188, B: 5, A: 255}, // Yellow/gold
|
|
color.RGBA{R: 171, G: 71, B: 188, A: 255}, // Purple
|
|
},
|
|
})
|
|
cpt.Store = cache.GetCache().ChiCache()
|
|
})
|
|
return cpt
|
|
}
|
|
|
|
const (
|
|
gRecaptchaResponseField = "g-recaptcha-response"
|
|
hCaptchaResponseField = "h-captcha-response"
|
|
mCaptchaResponseField = "mcaptcha__token" // this form key is hard-coded in the mcaptcha frontend library
|
|
cfTurnstileResponseField = "cf-turnstile-response"
|
|
)
|
|
|
|
// VerifyCaptcha verifies Captcha data
|
|
// No-op if captchas are not enabled
|
|
func VerifyCaptcha(ctx *Context, tpl templates.TplName, form any) {
|
|
if !setting.Service.EnableCaptcha {
|
|
return
|
|
}
|
|
|
|
var valid bool
|
|
var err error
|
|
switch setting.Service.CaptchaType {
|
|
case setting.ImageCaptcha:
|
|
valid = GetImageCaptcha().VerifyReq(ctx.Req)
|
|
case setting.ReCaptcha:
|
|
valid, err = recaptcha.Verify(ctx, ctx.Req.Form.Get(gRecaptchaResponseField))
|
|
case setting.HCaptcha:
|
|
valid, err = hcaptcha.Verify(ctx, ctx.Req.Form.Get(hCaptchaResponseField))
|
|
case setting.MCaptcha:
|
|
valid, err = mcaptcha.Verify(ctx, ctx.Req.Form.Get(mCaptchaResponseField))
|
|
case setting.CfTurnstile:
|
|
valid, err = turnstile.Verify(ctx, ctx.Req.Form.Get(cfTurnstileResponseField))
|
|
default:
|
|
ctx.ServerError("Unknown Captcha Type", fmt.Errorf("unknown Captcha Type: %s", setting.Service.CaptchaType))
|
|
return
|
|
}
|
|
if err != nil {
|
|
log.Debug("Captcha Verify failed: %v", err)
|
|
}
|
|
|
|
if !valid {
|
|
ctx.Data["Err_Captcha"] = true
|
|
ctx.RenderWithErrDeprecated(ctx.Tr("form.captcha_incorrect"), tpl, form)
|
|
}
|
|
}
|