Skip to content

Commit

Permalink
fix(hcaptcha): improve hCaptcha errors
Browse files Browse the repository at this point in the history
  • Loading branch information
@Cali93
Cali93 committed Jun 6, 2023
1 parent 1cc2880 commit 1dd848f
Show file tree
Hide file tree
Showing 3 changed files with 143 additions and 1 deletion.
127 changes: 127 additions & 0 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
"express-rate-limit": "^6.7.0",
"express-session": "^1.17.3",
"jsonwebtoken": "^9.0.0",
"node-fetch": "^3.3.1",
"siwe": "^1.1.6"
},
"devDependencies": {
Expand Down
16 changes: 15 additions & 1 deletion src/middlewares/captchaVerification.ts
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import { NextFunction, Request, Response } from "express";
import fetch from "node-fetch";

export const captchaVerification = async (
req: Request,
Expand All @@ -8,6 +9,19 @@ export const captchaVerification = async (
if (process.env.NODE_ENV === "development") {
return next();
}

const captchaSecret = process.env.HCAPTCHA_SECRET;
if (!captchaSecret) {
throw new Error("Missing captcha secret environment varialbe");
}

const captchaToken = req.headers["captcha-token"];
if (!captchaToken) {
return res
.status(400)
.json({ error: "Bad request - missing 'captcha-token' header" });
}

try {
const hCaptchaResponse = await fetch("https://hcaptcha.com/siteverify", {
method: "POST",
Expand All @@ -17,7 +31,7 @@ export const captchaVerification = async (
}),
});

const { success } = await hCaptchaResponse.json();
const { success } = (await hCaptchaResponse.json()) as { success: boolean };

if (!success) {
return res.status(403).json({ error: "hCaptcha verification failed" });
Expand Down

0 comments on commit 1dd848f

Please sign in to comment.