diff options
| -rw-r--r-- | clientapi/routing/auth_fallback.go | 18 | ||||
| -rw-r--r-- | clientapi/routing/register.go | 4 | ||||
| -rw-r--r-- | dendrite-sample.monolith.yaml | 8 | ||||
| -rw-r--r-- | dendrite-sample.polylith.yaml | 8 | ||||
| -rw-r--r-- | setup/config/config_clientapi.go | 18 |
5 files changed, 45 insertions, 11 deletions
diff --git a/clientapi/routing/auth_fallback.go b/clientapi/routing/auth_fallback.go index abfe830f..ad870993 100644 --- a/clientapi/routing/auth_fallback.go +++ b/clientapi/routing/auth_fallback.go @@ -31,8 +31,7 @@ const recaptchaTemplate = ` <title>Authentication</title> <meta name='viewport' content='width=device-width, initial-scale=1, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0'> -<script src="https://www.google.com/recaptcha/api.js" - async defer></script> +<script src="{{.apiJsUrl}}" async defer></script> <script src="//code.jquery.com/jquery-1.11.2.min.js"></script> <script> function captchaDone() { @@ -51,8 +50,8 @@ function captchaDone() { Please verify that you're not a robot. </p> <input type="hidden" name="session" value="{{.session}}" /> - <div class="g-recaptcha" - data-sitekey="{{.siteKey}}" + <div class="{{.sitekeyClass}}" + data-sitekey="{{.sitekey}}" data-callback="captchaDone"> </div> <noscript> @@ -114,9 +113,12 @@ func AuthFallback( serveRecaptcha := func() { data := map[string]string{ - "myUrl": req.URL.String(), - "session": sessionID, - "siteKey": cfg.RecaptchaPublicKey, + "myUrl": req.URL.String(), + "session": sessionID, + "apiJsUrl": cfg.RecaptchaApiJsUrl, + "sitekey": cfg.RecaptchaPublicKey, + "sitekeyClass": cfg.RecaptchaSitekeyClass, + "formField": cfg.RecaptchaFormField, } serveTemplate(w, recaptchaTemplate, data) } @@ -155,7 +157,7 @@ func AuthFallback( return &res } - response := req.Form.Get("g-recaptcha-response") + response := req.Form.Get(cfg.RecaptchaFormField) if err := validateRecaptcha(cfg, response, clientIP); err != nil { util.GetLogger(req.Context()).Error(err) return err diff --git a/clientapi/routing/register.go b/clientapi/routing/register.go index 698d185b..b9ebb051 100644 --- a/clientapi/routing/register.go +++ b/clientapi/routing/register.go @@ -20,6 +20,7 @@ import ( "encoding/json" "fmt" "io" + "net" "net/http" "net/url" "regexp" @@ -336,6 +337,7 @@ func validateRecaptcha( response string, clientip string, ) *util.JSONResponse { + ip, _, _ := net.SplitHostPort(clientip) if !cfg.RecaptchaEnabled { return &util.JSONResponse{ Code: http.StatusConflict, @@ -355,7 +357,7 @@ func validateRecaptcha( url.Values{ "secret": {cfg.RecaptchaPrivateKey}, "response": {response}, - "remoteip": {clientip}, + "remoteip": {ip}, }, ) diff --git a/dendrite-sample.monolith.yaml b/dendrite-sample.monolith.yaml index 5195c29b..d86e9da9 100644 --- a/dendrite-sample.monolith.yaml +++ b/dendrite-sample.monolith.yaml @@ -179,7 +179,13 @@ client_api: recaptcha_public_key: "" recaptcha_private_key: "" recaptcha_bypass_secret: "" - recaptcha_siteverify_api: "" + + # To use hcaptcha.com instead of ReCAPTCHA, set the following parameters, otherwise just keep them empty. + # recaptcha_siteverify_api: "https://hcaptcha.com/siteverify" + # recaptcha_api_js_url: "https://js.hcaptcha.com/1/api.js" + # recaptcha_form_field: "h-captcha-response" + # recaptcha_sitekey_class: "h-captcha" + # TURN server information that this homeserver should send to clients. turn: diff --git a/dendrite-sample.polylith.yaml b/dendrite-sample.polylith.yaml index bbbe16fd..ecc3f405 100644 --- a/dendrite-sample.polylith.yaml +++ b/dendrite-sample.polylith.yaml @@ -175,7 +175,13 @@ client_api: recaptcha_public_key: "" recaptcha_private_key: "" recaptcha_bypass_secret: "" - recaptcha_siteverify_api: "" + + # To use hcaptcha.com instead of ReCAPTCHA, set the following parameters, otherwise just keep them empty. + # recaptcha_siteverify_api: "https://hcaptcha.com/siteverify" + # recaptcha_api_js_url: "https://js.hcaptcha.com/1/api.js" + # recaptcha_form_field: "h-captcha-response" + # recaptcha_sitekey_class: "h-captcha" + # TURN server information that this homeserver should send to clients. turn: diff --git a/setup/config/config_clientapi.go b/setup/config/config_clientapi.go index 56f4b3f9..0a871da1 100644 --- a/setup/config/config_clientapi.go +++ b/setup/config/config_clientapi.go @@ -32,6 +32,12 @@ type ClientAPI struct { // Boolean stating whether catpcha registration is enabled // and required RecaptchaEnabled bool `yaml:"enable_registration_captcha"` + // Recaptcha api.js Url, for compatible with hcaptcha.com, etc. + RecaptchaApiJsUrl string `yaml:"recaptcha_api_js_url"` + // Recaptcha div class for sitekey, for compatible with hcaptcha.com, etc. + RecaptchaSitekeyClass string `yaml:"recaptcha_sitekey_class"` + // Recaptcha form field, for compatible with hcaptcha.com, etc. + RecaptchaFormField string `yaml:"recaptcha_form_field"` // This Home Server's ReCAPTCHA public key. RecaptchaPublicKey string `yaml:"recaptcha_public_key"` // This Home Server's ReCAPTCHA private key. @@ -75,6 +81,18 @@ func (c *ClientAPI) Verify(configErrs *ConfigErrors, isMonolith bool) { checkNotEmpty(configErrs, "client_api.recaptcha_public_key", c.RecaptchaPublicKey) checkNotEmpty(configErrs, "client_api.recaptcha_private_key", c.RecaptchaPrivateKey) checkNotEmpty(configErrs, "client_api.recaptcha_siteverify_api", c.RecaptchaSiteVerifyAPI) + if c.RecaptchaSiteVerifyAPI == "" { + c.RecaptchaSiteVerifyAPI = "https://www.google.com/recaptcha/api/siteverify" + } + if c.RecaptchaApiJsUrl == "" { + c.RecaptchaApiJsUrl = "https://www.google.com/recaptcha/api.js" + } + if c.RecaptchaFormField == "" { + c.RecaptchaFormField = "g-recaptcha" + } + if c.RecaptchaSitekeyClass == "" { + c.RecaptchaSitekeyClass = "g-recaptcha-response" + } } // Ensure there is any spam counter measure when enabling registration if !c.RegistrationDisabled && !c.OpenRegistrationWithoutVerificationEnabled { |