From 78608392208cb73351354cda5678daee232159d8 Mon Sep 17 00:00:00 2001
From: "Acid Chicken (硫酸鶏)" <root@acid-chicken.com>
Date: Tue, 28 Apr 2020 14:29:33 +0900
Subject: Add support for hCaptcha

---
 src/server/api/private/signup.ts | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'src/server/api/private')

diff --git a/src/server/api/private/signup.ts b/src/server/api/private/signup.ts
index 79ee74389c..e23fe43583 100644
--- a/src/server/api/private/signup.ts
+++ b/src/server/api/private/signup.ts
@@ -1,5 +1,6 @@
 import * as Koa from 'koa';
 import { fetchMeta } from '../../../misc/fetch-meta';
+import { verify } from 'hcaptcha';
 import * as recaptcha from 'recaptcha-promise';
 import { Users, RegistrationTickets } from '../../../models';
 import { signup } from '../common/signup';
@@ -9,8 +10,18 @@ export default async (ctx: Koa.Context) => {
 
 	const instance = await fetchMeta(true);
 
-	// Verify recaptcha
+	// Verify *Captcha
 	// ただしテスト時はこの機構は障害となるため無効にする
+	if (process.env.NODE_ENV !== 'test' && instance.enableHcaptcha && instance.hcaptchaSecretKey) {
+		const success = await verify(instance.hcaptchaSecretKey, body['hcaptcha-response']).then(
+			({ 'error-codes': x }) => !x || !x.length,
+			() => false,
+		);
+
+		if (!success) {
+			ctx.throw(400, 'hcaptcha-failed');
+		}
+	}
 	if (process.env.NODE_ENV !== 'test' && instance.enableRecaptcha && instance.recaptchaSecretKey) {
 		recaptcha.init({
 			secret_key: instance.recaptchaSecretKey
-- 
cgit v1.2.3-freya