Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-20 07:08:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add requester to recaptcha validation

Browse Source
This commit is contained in:
Moxie Marlinspike
2019-07-11 12:38:22 -07:00
parent 288285f22b
commit a6e7e30177
3 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java
View File

@@ -401,7 +401,7 @@ public class AccountController {
{
if (captchaToken.isPresent()) {
boolean validToken = recaptchaClient.verify(captchaToken.get());
boolean validToken = recaptchaClient.verify(captchaToken.get(), requester);
if (validToken) {
captchaSuccessMeter.mark();

3
service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/RecaptchaClient.java
View File

@@ -21,10 +21,11 @@ public class RecaptchaClient {
this.recaptchaSecret = recaptchaSecret;
}
public boolean verify(String captchaToken) {
public boolean verify(String captchaToken, String ip) {
MultivaluedMap<String, String> formData = new MultivaluedHashMap<>();
formData.add("secret", recaptchaSecret);
formData.add("response", captchaToken);
formData.add("remoteip", ip);
VerifyResponse response = client.target("https://www.google.com/recaptcha/api/siteverify")
.request()