WtfControllerBase.cs
using Newtonsoft.Json;
using System.Collections.Generic;
using System.Net.Http;
using System.Web.Mvc;
using TheDailyWtf.Security;
namespace TheDailyWtf
{
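/// <summary>
/// Base class for the site's MVC controllers. It exposes the current user as an
/// <see cref="AuthorPrincipal"/> and provides a server-side reCAPTCHA check.
/// </summary>
public abstract class WtfControllerBase : Controller
{
    private const string RecaptchaTokenField = "g-recaptcha-response";
    private const string RecaptchaVerifyUrl = "https://www.google.com/recaptcha/api/siteverify";

    // One shared client for all verification calls: creating and disposing an
    // HttpClient per request leaves sockets in TIME_WAIT and can exhaust them under load.
    private static readonly HttpClient RecaptchaClient = new HttpClient();

    /// <summary>
    /// The current principal as an <see cref="AuthorPrincipal"/>, or <c>null</c> when the
    /// base principal is of another type (the <c>as</c> cast does not throw).
    /// Callers making authorization decisions must treat <c>null</c> as "not an author".
    /// </summary>
    protected virtual new AuthorPrincipal User
    {
        get { return base.User as AuthorPrincipal; }
    }

    /// <summary>
    /// Shape of the JSON document returned by the siteverify endpoint, limited to the
    /// fields this controller reads.
    /// </summary>
    private class RecaptchaResponse
    {
        // Defaults to false, so a reply without a "success" field counts as a failed check.
        [JsonProperty(PropertyName = "success")]
        public bool Success { get; set; }

        [JsonProperty(PropertyName = "error-codes")]
        public IEnumerable<string> ErrorCodes { get; set; }
    }

    /// <summary>
    /// Verifies the reCAPTCHA token posted with the current request and records a model
    /// error when the token is missing or is not confirmed by the verification service.
    /// The outcome is reported only through <c>ModelState</c>, so callers must check
    /// <c>ModelState.IsValid</c> before acting on the submitted form.
    /// </summary>
    /// <remarks>
    /// The check fails closed: a non-success HTTP status or an empty response body is
    /// treated as a failed CAPTCHA rather than dereferencing a null result. Transport
    /// errors still propagate as exceptions, as before.
    /// </remarks>
    protected void CheckRecaptcha()
    {
        var token = Request.Form[RecaptchaTokenField];
        if (string.IsNullOrEmpty(token))
        {
            ModelState.AddModelError(string.Empty, "You forgot to check the \"I'm not a robot\" box.");
            return;
        }

        var request = new Dictionary<string, string>
        {
            // The secret travels only in the body of this server-to-server HTTPS POST.
            { "secret", Config.RecaptchaPrivateKey },
            { "response", token },
            // NOTE(review): REMOTE_ADDR is the directly connected peer; behind a reverse
            // proxy this would presumably be the proxy's address - confirm for the deployment.
            { "remoteip", Request.ServerVariables["REMOTE_ADDR"] },
        };

        RecaptchaResponse result = null;

        // This method is synchronous, so the async calls are blocked on with .Result;
        // making it async would change the signature that callers depend on.
        using (var response = RecaptchaClient.PostAsync(RecaptchaVerifyUrl, new FormUrlEncodedContent(request)).Result)
        {
            if (response.IsSuccessStatusCode)
            {
                result = JsonConvert.DeserializeObject<RecaptchaResponse>(response.Content.ReadAsStringAsync().Result);
            }
        }

        // DeserializeObject returns null for an empty or "null" body; treat that the
        // same as an explicit failure instead of letting it throw.
        if (result == null || !result.Success)
        {
            ModelState.AddModelError(string.Empty, "The CAPTCHA was invalid. Try again.");
        }
    }
}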
}