Add captcha handling in report submission endpoint
This commit is contained in:
@ -10,7 +10,31 @@ function errorResponse(error: string, status: number): Response {
|
|||||||
}
|
}
|
||||||
|
|
||||||
export async function onRequestPost(context: RequestContext) {
|
export async function onRequestPost(context: RequestContext) {
|
||||||
const { filename, filesize, usernames } = context.data.body;
|
const { filename, filesize, turnstileResponse, usernames } =
|
||||||
|
context.data.body;
|
||||||
|
|
||||||
|
if (!context.data.current_user) {
|
||||||
|
if (typeof turnstileResponse !== "string")
|
||||||
|
return errorResponse("You must complete the captcha", 401);
|
||||||
|
|
||||||
|
const turnstileAPIResponse = await fetch(
|
||||||
|
"https://challenges.cloudflare.com/turnstile/v0/siteverify",
|
||||||
|
{
|
||||||
|
body: JSON.stringify({
|
||||||
|
response: turnstileResponse,
|
||||||
|
secret: context.env.TURNSTILE_SECRETKEY,
|
||||||
|
}),
|
||||||
|
headers: {
|
||||||
|
"content-type": "application/json",
|
||||||
|
},
|
||||||
|
method: "POST",
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
const { success }: { success: boolean } = await turnstileAPIResponse.json();
|
||||||
|
|
||||||
|
if (!success) return errorResponse("Captcha test failed", 403);
|
||||||
|
}
|
||||||
|
|
||||||
if (!Array.isArray(usernames))
|
if (!Array.isArray(usernames))
|
||||||
return errorResponse("Usernames must be type of array", 400);
|
return errorResponse("Usernames must be type of array", 400);
|
||||||
|
Reference in New Issue
Block a user