Loading appinfo/routes.php +0 −1 Original line number Diff line number Diff line Loading @@ -30,7 +30,6 @@ return ['routes' => [ ['name' => 'account#create', 'url' => '/accounts/create', 'verb' => 'POST'], ['name' => 'account#captcha', 'url' => '/accounts/captcha', 'verb' => 'GET'], ['name' => 'account#verify_captcha', 'url' => '/accounts/verify_captcha', 'verb' => 'POST'], ['name' => 'account#verify_hcaptcha', 'url' => '/accounts/verify_hcaptcha', 'verb' => 'POST'], ['name' => 'account#check_username_available', 'url' => '/accounts/check_username_available', 'verb' => 'POST'], ]]; lib/Controller/AccountController.php +21 −39 Original line number Diff line number Diff line Loading 
@@ -288,62 +288,44 @@ class AccountController extends Controller { * @PublicPage * @NoCSRFRequired * * @param string $captchaInput The user-provided human verification input. * @param string $token The user-provided human verification input. * @param string $bypassToken Token to bypass captcha for automation testing * * @return \OCP\AppFramework\Http\DataResponse */ public function verifyCaptcha(string $captchaInput = '', string $bypassToken = '') : DataResponse { public function verifyCaptcha(string $userToken = '', string $bypassToken = '') : DataResponse { $response = new DataResponse(); if ($this->getCaptchaProvider() !== self::DEFAULT_CAPTCHA_PROVIDER) { $response->setStatus(400); return $response; } $captchaToken = $this->config->getSystemValue('bypass_captcha_token', ''); // Initialize the default status to 400 (Bad Request) $response->setStatus(400); // Check if the input matches the bypass token or the stored captcha result $captchaResult = (string) $this->session->get(CaptchaService::CAPTCHA_RESULT_KEY, ''); if ((!empty($captchaToken) && $bypassToken === $captchaToken) || (!empty($captchaResult) && $captchaInput === $captchaResult)) { // Check if the input matches the bypass token $bypassTokenInConfig = $this->config->getSystemValue('bypass_captcha_token', ''); if ((!empty($bypassTokenInConfig) && $bypassToken === $bypassTokenInConfig)) { $this->session->set(self::CAPTCHA_VERIFIED_CHECK, true); $response->setStatus(200); } $this->session->remove(CaptchaService::CAPTCHA_RESULT_KEY); return $response; } /** * Verify against hCaptcha Service * * @NoAdminRequired * @PublicPage * @NoCSRFRequired * * @param string $captchaInput The user-provided human verification input. 
* * @return \OCP\AppFramework\Http\DataResponse */ public function verifyHcaptcha(string $token = '', string $bypassToken = '') : DataResponse { $response = new DataResponse(); if ($this->getCaptchaProvider() !== self::HCAPTCHA_PROVIDER) { $response->setStatus(400); return $response; } $captchaProvider = $this->getCaptchaProvider(); $captchaToken = $this->config->getSystemValue('bypass_captcha_token', ''); // Initialize the default status to 400 (Bad Request) $response->setStatus(400); // Check if the input matches the bypass token if ((!empty($captchaToken) && $bypassToken === $captchaToken) || $this->hCaptchaService->verify($token)) { // Check for default captcha provider if ($captchaProvider === self::DEFAULT_CAPTCHA_PROVIDER && $this->verifyImageCaptcha($userToken)) { $this->session->set(self::CAPTCHA_VERIFIED_CHECK, true); $this->session->remove(CaptchaService::CAPTCHA_RESULT_KEY); $response->setStatus(200); } // Check for hcaptcha provider if ($captchaProvider === self::HCAPTCHA_PROVIDER && $this->hCaptchaService->verify($userToken)) { $this->session->set(self::CAPTCHA_VERIFIED_CHECK, true); $response->setStatus(200); } return $response; } private function verifyImageCaptcha(string $captchaInput = '') : bool { $captchaResult = (string) $this->session->get(CaptchaService::CAPTCHA_RESULT_KEY, ''); return (!empty($captchaResult) && $captchaInput === $captchaResult); } private function getCaptchaProvider() : string { $captchaProvider = $this->config->getSystemValue('ecloud-accounts.captcha_provider', self::DEFAULT_CAPTCHA); Loading src/signup/CaptchaForm.vue +1 −1 Original line number Diff line number Diff line Loading 
@@ -88,7 +88,7 @@ export default { const urlParams = new URLSearchParams(window.location.search) const bypassToken = urlParams.get('bypassToken') const data = { captchaInput: this.formData.captchaInput, userToken: this.formData.captchaInput, bypassToken: bypassToken || null, } const url = generateUrl(`/apps/${this.appName}/accounts/verify_captcha`) Loading src/signup/HCaptchaForm.vue +2 −2 Original line number Diff line number Diff line Loading @@ -28,8 +28,8 @@ export default { }, methods: { async onVerify(token, ekey) { const url = generateUrl(`/apps/${APPLICATION_NAME}/accounts/verify_hcaptcha`) await Axios.post(url, { token, ekey }) const url = generateUrl(`/apps/${APPLICATION_NAME}/accounts/verify_captcha`) await Axios.post(url, { userToken: token }) const isFormValid = true this.$emit('form-submitted', { isFormValid }) Loading Loading
appinfo/routes.php +0 −1 @@ -30,7 +30,6 @@ return ['routes' => [ ['name' => 'account#create', 'url' => '/accounts/create', 'verb' => 'POST'], ['name' => 'account#captcha', 'url' => '/accounts/captcha', 'verb' => 'GET'], ['name' => 'account#verify_captcha', 'url' => '/accounts/verify_captcha', 'verb' => 'POST'], ['name' => 'account#verify_hcaptcha', 'url' => '/accounts/verify_hcaptcha', 'verb' => 'POST'], ['name' => 'account#check_username_available', 'url' => '/accounts/check_username_available', 'verb' => 'POST'], ]];
lib/Controller/AccountController.php +21 −39
@@ -288,62 +288,44 @@ class AccountController extends Controller { * @PublicPage * @NoCSRFRequired * * @param string $captchaInput The user-provided human verification input. * @param string $token The user-provided human verification input. * @param string $bypassToken Token to bypass captcha for automation testing * * @return \OCP\AppFramework\Http\DataResponse */ public function verifyCaptcha(string $captchaInput = '', string $bypassToken = '') : DataResponse { public function verifyCaptcha(string $userToken = '', string $bypassToken = '') : DataResponse { $response = new DataResponse(); if ($this->getCaptchaProvider() !== self::DEFAULT_CAPTCHA_PROVIDER) { $response->setStatus(400); return $response; } $captchaToken = $this->config->getSystemValue('bypass_captcha_token', ''); // Initialize the default status to 400 (Bad Request) $response->setStatus(400); // Check if the input matches the bypass token or the stored captcha result $captchaResult = (string) $this->session->get(CaptchaService::CAPTCHA_RESULT_KEY, ''); if ((!empty($captchaToken) && $bypassToken === $captchaToken) || (!empty($captchaResult) && $captchaInput === $captchaResult)) { // Check if the input matches the bypass token $bypassTokenInConfig = $this->config->getSystemValue('bypass_captcha_token', ''); if ((!empty($bypassTokenInConfig) && $bypassToken === $bypassTokenInConfig)) { $this->session->set(self::CAPTCHA_VERIFIED_CHECK, true); $response->setStatus(200); } $this->session->remove(CaptchaService::CAPTCHA_RESULT_KEY); return $response; } /** * Verify against hCaptcha Service * * @NoAdminRequired * @PublicPage * @NoCSRFRequired * * @param string $captchaInput The user-provided human verification input. 
* * @return \OCP\AppFramework\Http\DataResponse */ public function verifyHcaptcha(string $token = '', string $bypassToken = '') : DataResponse { $response = new DataResponse(); if ($this->getCaptchaProvider() !== self::HCAPTCHA_PROVIDER) { $response->setStatus(400); return $response; } $captchaProvider = $this->getCaptchaProvider(); $captchaToken = $this->config->getSystemValue('bypass_captcha_token', ''); // Initialize the default status to 400 (Bad Request) $response->setStatus(400); // Check if the input matches the bypass token if ((!empty($captchaToken) && $bypassToken === $captchaToken) || $this->hCaptchaService->verify($token)) { // Check for default captcha provider if ($captchaProvider === self::DEFAULT_CAPTCHA_PROVIDER && $this->verifyImageCaptcha($userToken)) { $this->session->set(self::CAPTCHA_VERIFIED_CHECK, true); $this->session->remove(CaptchaService::CAPTCHA_RESULT_KEY); $response->setStatus(200); } // Check for hcaptcha provider if ($captchaProvider === self::HCAPTCHA_PROVIDER && $this->hCaptchaService->verify($userToken)) { $this->session->set(self::CAPTCHA_VERIFIED_CHECK, true); $response->setStatus(200); } return $response; } private function verifyImageCaptcha(string $captchaInput = '') : bool { $captchaResult = (string) $this->session->get(CaptchaService::CAPTCHA_RESULT_KEY, ''); return (!empty($captchaResult) && $captchaInput === $captchaResult); } private function getCaptchaProvider() : string { $captchaProvider = $this->config->getSystemValue('ecloud-accounts.captcha_provider', self::DEFAULT_CAPTCHA); Loading
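Review bot: The stored captcha answer now appears to be cleared only after a correct answer, because `$this->session->remove(CaptchaService::CAPTCHA_RESULT_KEY);` sits inside the default-provider success branch of `verifyCaptcha`, whereas the removed code cleared it after every attempt. If that reading of the rendered diff is right, a wrong guess leaves the same challenge valid and this `@PublicPage` endpoint can be retried against one image without limit; clearing the key in `verifyImageCaptcha` right after the `get()` would restore one attempt per challenge. The bypass check still compares a secret with `$bypassToken === $bypassTokenInConfig`, where `hash_equals($bypassTokenInConfig, $bypassToken)` would avoid a timing-dependent comparison. The docblock also names `$token` while the parameter is `$userToken`. The method's docblock starts above the hunk and `getCaptchaProvider()` continues below it.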
src/signup/CaptchaForm.vue +1 −1 @@ -88,7 +88,7 @@ export default { const urlParams = new URLSearchParams(window.location.search) const bypassToken = urlParams.get('bypassToken') const data = { captchaInput: this.formData.captchaInput, userToken: this.formData.captchaInput, bypassToken: bypassToken || null, } const url = generateUrl(`/apps/${this.appName}/accounts/verify_captcha`)
src/signup/HCaptchaForm.vue +2 −2 @@ -28,8 +28,8 @@ export default { }, methods: { async onVerify(token, ekey) { const url = generateUrl(`/apps/${APPLICATION_NAME}/accounts/verify_hcaptcha`) await Axios.post(url, { token, ekey }) const url = generateUrl(`/apps/${APPLICATION_NAME}/accounts/verify_captcha`) await Axios.post(url, { userToken: token }) const isFormValid = true this.$emit('form-submitted', { isFormValid })
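Review bot: `onVerify(token, ekey)` still accepts `ekey`, but the new request body `{ userToken: token }` no longer uses it; drop the parameter or add a comment saying why it is ignored. The server answers a failed verification with status 400, which Axios rejects by default, and no `try`/`catch` is visible in this hunk, so the failure path may never emit `form-submitted` with `isFormValid: false`. The method continues outside the hunk, so this should be confirmed there.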