fix(server/utils): update recaptcha guard
- use actual form field (it's not "g-recaptcha-response") - switch from useFetch to axios - use "application/x-www-form-urlencoded" as content type
parent
d4ae55a25b
commit
f611c56c39
@ -3,6 +3,7 @@ import { messages } from "@server/constants";
|
|||||||
import { IStory } from "@models/stories";
|
import { IStory } from "@models/stories";
|
||||||
import { isFicmasHidden } from "@functions";
|
import { isFicmasHidden } from "@functions";
|
||||||
import { IDraft } from "@models/stories/draft";
|
import { IDraft } from "@models/stories/draft";
|
||||||
|
import axios from "axios";
|
||||||
export function isIdNan(ev: H3Event<EventHandlerRequest>) {
|
export function isIdNan(ev: H3Event<EventHandlerRequest>) {
|
||||||
const id = parseInt(getRouterParam(ev, "id")!);
|
const id = parseInt(getRouterParam(ev, "id")!);
|
||||||
if (Number.isNaN(id)) {
|
if (Number.isNaN(id)) {
|
||||||
@ -61,17 +62,21 @@ export async function storyCheck(
|
|||||||
export async function captcha(ev: H3Event<EventHandlerRequest>) {
|
export async function captcha(ev: H3Event<EventHandlerRequest>) {
|
||||||
const body = await readBody(ev);
|
const body = await readBody(ev);
|
||||||
|
|
||||||
let { data: cres }: { data: any } = await useFetch(
|
let { data: cres }: { data: any } = await axios.post(
|
||||||
"https://www.google.com/recaptcha/api/siteverify",
|
"https://www.google.com/recaptcha/api/siteverify",
|
||||||
{
|
{
|
||||||
method: "post",
|
|
||||||
body: {
|
|
||||||
secret: useRuntimeConfig().captcha.secret,
|
secret: useRuntimeConfig().captcha.secret,
|
||||||
response: body["g-recaptcha-response"],
|
response: body["recaptcha"],
|
||||||
|
},
|
||||||
|
{
|
||||||
|
headers: {
|
||||||
|
"Content-Type": "application/x-www-form-urlencoded",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
);
|
);
|
||||||
if (!cres.value.success) {
|
|
||||||
|
console.log(cres);
|
||||||
|
if (!cres?.success) {
|
||||||
throw createError({
|
throw createError({
|
||||||
statusCode: 400,
|
statusCode: 400,
|
||||||
message: "bad recaptcha",
|
message: "bad recaptcha",
|
||||||
|
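Review bot: The token check in `captcha` depends on axios turning the plain `{ secret, response }` object into a form body because of the `Content-Type` header; axios 1.x does that, but 0.x releases JSON-encode the object regardless, and the axios version is not visible on this page. Building the body explicitly removes that dependency: `new URLSearchParams({ secret: useRuntimeConfig().captcha.secret, response: String(body?.recaptcha ?? "") })`. The added `console.log(cres);` looks like a debugging leftover that writes every siteverify reply to the server log; it should be dropped, or reduced to logging the `error-codes` field when verification fails. The function continues past the end of the hunk, so whether `createError` is the only failure path cannot be confirmed from here.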