feat(turnstile): adds turnstile to login and verifies key on server
Showing
5 changed files
with
34 additions
and
37 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,35 +1,32 @@ | ||
import { H3Event, NodeIncomingMessage } from 'h3' | ||
import { H3Event } from 'h3' | ||
import consola from 'consola' | ||
|
||
const SECRET_KEY = '1x0000000000000000000000000000000AA' | ||
import { TURNSTILE_HEADER_KEY } from '~/utils/constants' | ||
|
||
export default defineEventHandler(async function (event: H3Event) { | ||
consola.trace('Inside auth-proxy.ts') | ||
const { req, res } = event.node | ||
const postResponse = handlePost(req) | ||
consola.trace(req) | ||
}) | ||
|
||
async function handlePost(request: NodeIncomingMessage) { | ||
const body = await request.formData() | ||
// Turnstile injects a token in "cf-turnstile-response". | ||
const token = body.get('cf-turnstile-response') | ||
const ip = request.headers.get('CF-Connecting-IP') | ||
|
||
// Validate the token by calling the | ||
// "/siteverify" API endpoint. | ||
let formData = new FormData() | ||
formData.append('secret', SECRET_KEY) | ||
formData.append('response', token) | ||
formData.append('remoteip', ip) | ||
const turnstileKey = req.headers[TURNSTILE_HEADER_KEY.toLowerCase()] | ||
consola.trace('Turnstile Key: ' + turnstileKey) | ||
|
||
const url = 'https://challenges.cloudflare.com/turnstile/v0/siteverify' | ||
const result = await fetch(url, { | ||
body: formData, | ||
method: 'POST', | ||
}) | ||
|
||
const outcome = await result.json() | ||
if (outcome.success) { | ||
// ... | ||
if (!turnstileKey) { | ||
throw createError({ | ||
statusCode: 422, | ||
statusMessage: 'TurnstileKey not provided.', | ||
}) | ||
} | ||
const result = await verifyTurnstileToken(turnstileKey) | ||
consola.trace(result) | ||
if (!result.success) { | ||
consola.error('Turnstile verification unsuccessful!') | ||
createError({ | ||
statusCode: 403, | ||
statusMessage: result['error-codes'].join(', '), | ||
}) | ||
res.statusCode = 403 | ||
res.statusMessage = 'Verification failed' | ||
res.end() | ||
return | ||
} | ||
} | ||
consola.trace('Turnstile verification succeeded') | ||
res.end() | ||
}) |
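Review bot: In the `!result.success` branch the value of `createError({ statusCode: 403, ... })` is discarded, so the call has no effect and the 403 comes only from the manual `res.statusCode = 403` / `res.end()` below it; the 422 branch throws, and this one should do the same with `throw createError({ statusCode: 403, statusMessage: 'Verification failed' })`. The argument `result['error-codes'].join(', ')` is still evaluated and assumes the field is always an array, so a verify response without it would raise a TypeError and presumably surface as a 500 instead of the 403; use `(result['error-codes'] ?? []).join(', ')` and log the codes server-side rather than putting them in the status line. `consola.trace('Turnstile Key: ' + turnstileKey)` writes the client-supplied token into the logs, and recording only whether the header was present would be enough. The +/- markers are lost on this rendered page, so this assumes the lines using `turnstileKey` and `verifyTurnstileToken` are the new side.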