From f611c56c391bbb13c6e76577a3c1c36a3a2769fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=98=99=E2=97=A6=20The=20Tablet=20=E2=9D=80=20GamerGirla?= =?UTF-8?q?ndCo=20=E2=97=A6=E2=9D=A7?= Date: Fri, 29 Dec 2023 18:04:33 -0500 Subject: [PATCH] fix(server/utils): update recaptcha guard - use actual form field (it's not "g-recaptcha-response") - switch from useFetch to axios - use "application/x-www-form-urlencoded" as content type --- lib/server/middlewareButNotReally/index.ts | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/lib/server/middlewareButNotReally/index.ts b/lib/server/middlewareButNotReally/index.ts index 2b6f16e..417268a 100644 --- a/lib/server/middlewareButNotReally/index.ts +++ b/lib/server/middlewareButNotReally/index.ts @@ -3,6 +3,7 @@ import { messages } from "@server/constants"; import { IStory } from "@models/stories"; import { isFicmasHidden } from "@functions"; import { IDraft } from "@models/stories/draft"; +import axios from "axios"; export function isIdNan(ev: H3Event) { const id = parseInt(getRouterParam(ev, "id")!); if (Number.isNaN(id)) { @@ -61,17 +62,21 @@ export async function storyCheck( export async function captcha(ev: H3Event) { const body = await readBody(ev); - let { data: cres }: { data: any } = await useFetch( + let { data: cres }: { data: any } = await axios.post( "https://www.google.com/recaptcha/api/siteverify", { - method: "post", - body: { - secret: useRuntimeConfig().captcha.secret, - response: body["g-recaptcha-response"], + secret: useRuntimeConfig().captcha.secret, + response: body["recaptcha"], + }, + { + headers: { + "Content-Type": "application/x-www-form-urlencoded", }, }, ); - if (!cres.value.success) { + + console.log(cres); + if (!cres?.success) { throw createError({ statusCode: 400, message: "bad recaptcha",