96 lines
2.3 KiB
Go
96 lines
2.3 KiB
Go
package cloudflare
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/json"
|
|
"errors"
|
|
"html/template"
|
|
"io"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"github.com/pocketbase/pocketbase"
|
|
"github.com/pocketbase/pocketbase/core"
|
|
"github.com/pocketbase/pocketbase/tools/router"
|
|
)
|
|
|
|
var VerifyUrl = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
|
|
|
|
type TurnstileResponse struct {
|
|
Success bool `json:"success"`
|
|
ErrorCodes []string `json:"error-codes,omitempty"`
|
|
ChallengeTS string `json:"challenge_ts,omitempty"`
|
|
Hostname string `json:"hostname,omitempty"`
|
|
}
|
|
|
|
type TurnStilleCaptcha struct {
|
|
SiteKey string
|
|
SecretKey string
|
|
}
|
|
|
|
func ServeTurnstilleCaptchaJS(app *pocketbase.PocketBase, se *core.ServeEvent) *router.Route[*core.RequestEvent] {
|
|
return se.Router.GET("/api/email/script.js", func(e *core.RequestEvent) error {
|
|
// www.abrasive.ma-al.pl
|
|
// siteKey: "0x4AAAAAABdgeAdu4Pxxovj3"
|
|
// secretKey: "0x4AAAAAABdgeHJDjMwmeX5aXaXGh6HWZbw"
|
|
|
|
settings, err := GetSettings(app)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
file, err := JS.ReadFile("TurnStilleCaptcha.js")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
templ, err := template.New("test").Parse(string(file))
|
|
|
|
buf := bytes.Buffer{}
|
|
templ.Execute(&buf, map[string]interface{}{
|
|
"SiteKey": settings.SiteKey,
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
e.Response.Header().Set("Content-Type", "application/javascript")
|
|
return e.String(http.StatusOK, buf.String())
|
|
})
|
|
}
|
|
|
|
func GetSettings(app *pocketbase.PocketBase) (*TurnStilleCaptcha, error) {
|
|
record, err := app.FindFirstRecordByFilter("settings", "key='turnstile'", nil)
|
|
|
|
settings := TurnStilleCaptcha{}
|
|
json.Unmarshal([]byte(record.GetString("value")), &settings)
|
|
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &settings, nil
|
|
}
|
|
|
|
func VerifyTurnstile(app *pocketbase.PocketBase, token, ip string) error {
|
|
conf, err := GetSettings(app)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
data := map[string]string{"secret": conf.SecretKey, "response": token, "remoteip": ip}
|
|
jsonData, _ := json.Marshal(data)
|
|
resp, err := http.Post(VerifyUrl, "application/json", bytes.NewBuffer(jsonData))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer resp.Body.Close()
|
|
var turnstileResp TurnstileResponse
|
|
body, _ := io.ReadAll(resp.Body)
|
|
json.Unmarshal(body, &turnstileResp)
|
|
|
|
if !turnstileResp.Success {
|
|
return errors.New(turnstileResp.ChallengeTS + ": " + strings.Join(turnstileResp.ErrorCodes, " "))
|
|
}
|
|
return nil
|
|
}
|