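/**
 * Verifies the reCAPTCHA token submitted with the request against Google's
 * siteverify endpoint and, when the verification passes, records the result
 * through ControllerService.setRecentRecaptcha.
 *
 * Each Preconditions call is an assertion ("check assumptions, or crash"), so
 * a missing token, a failed verification or a stale challenge presumably
 * rejects the returned promise. Confirm how callers map that to an HTTP status.
 *
 * @param {Express.Request} request - must carry a `recaptchaToken` parameter
 * @param {Express.Response} response
 * @returns {Promise<*>} whatever ControllerService.setRecentRecaptcha returns
 */
async testRecaptcha(request, response) {
  // The challenge timestamp may be at most this old; 600 seconds = 10 mins.
  const maxChallengeAgeSeconds = 600;

  /** @type {String} */
  const captcha = request.allParams().recaptchaToken;

  // check assumptions, or crash
  Preconditions.shouldBeNonBlankString(captcha, 'missing: params.recaptchaToken');

  // Send the parameters in a POST body rather than the query string: the
  // siteverify API is documented as POST, and a secret placed in the URL can
  // end up in proxy and access logs.
  // NOTE(review): assumes RequestPromise is the `request`/`request-promise`
  // client (the `qs`/`json` options suggest so), whose `form` option sends an
  // application/x-www-form-urlencoded body. Confirm before merging.
  /** @type {{ success:boolean, challenge_ts:String }} */
  const value = await RequestPromise({
    url: 'https://www.google.com/recaptcha/api/siteverify',
    method: 'POST',
    json: true, // parse the JSON reply
    form: {
      secret: Preconditions.shouldBeNonBlankString(sails.config.coinme.recaptcha.secretKey),
      response: Preconditions.shouldBeNonBlankString(captcha),
      remoteip: ControllerService.getRemoteHost(request)
    }
  });

  // Documented reply shape:
  // {
  //   "success": true|false,
  //   "challenge_ts": timestamp,  // timestamp of the challenge load (ISO format yyyy-MM-dd'T'HH:mm:ssZZ)
  //   "hostname": string,         // the hostname of the site where the reCAPTCHA was solved
  //   "error-codes": [...]        // optional
  // }

  // check the assumptions
  Preconditions.shouldBeObject(value, 'unknown dependency error');
  Preconditions.shouldBeTrue(value.success, 'incorrect recaptcha');

  // NOTE(review): `hostname` in the reply is not compared with this site's
  // own hostname, so a token solved on a different site that uses the same
  // key pair would pass. Add the comparison once the expected hostname is
  // available in config.

  // TODO: parse the timestamp '2017-01-17T03:08:41Z'
  /** @type {Date} */
  const date = Preconditions.shouldBeDate(Utility.optDate(value.challenge_ts));

  // make sure not too old
  Preconditions.shouldBeFalsey(Utility.getAgeInSeconds(date) > maxChallengeAgeSeconds, 'should be within 10 minutes');

  return ControllerService.setRecentRecaptcha(request, response);
},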