Path: blob/1.0-develop/app/Http/Middleware/VerifyReCaptcha.php
10279 views
<?php12namespace Pterodactyl\Http\Middleware;34use GuzzleHttp\Client;5use Illuminate\Http\Request;6use Illuminate\Http\Response;7use Pterodactyl\Events\Auth\FailedCaptcha;8use Illuminate\Contracts\Config\Repository;9use Illuminate\Contracts\Events\Dispatcher;10use Symfony\Component\HttpKernel\Exception\HttpException;1112class VerifyReCaptcha13{14/**15* VerifyReCaptcha constructor.16*/17public function __construct(private Dispatcher $dispatcher, private Repository $config)18{19}2021/**22* Handle an incoming request.23*/24public function handle(Request $request, \Closure $next): mixed25{26if (!$this->config->get('recaptcha.enabled')) {27return $next($request);28}2930if ($request->filled('g-recaptcha-response')) {31$client = new Client();32$res = $client->post($this->config->get('recaptcha.domain'), [33'form_params' => [34'secret' => $this->config->get('recaptcha.secret_key'),35'response' => $request->input('g-recaptcha-response'),36],37]);3839if ($res->getStatusCode() === 200) {40$result = json_decode($res->getBody());4142if ($result->success && (!$this->config->get('recaptcha.verify_domain') || $this->isResponseVerified($result, $request))) {43return $next($request);44}45}46}4748$this->dispatcher->dispatch(49new FailedCaptcha(50$request->ip(),51!empty($result) ? ($result->hostname ?? null) : null52)53);5455throw new HttpException(Response::HTTP_BAD_REQUEST, 'Failed to validate reCAPTCHA data.');56}5758/**59* Determine if the response from the recaptcha servers was valid.60*/61private function isResponseVerified(\stdClass $result, Request $request): bool62{63if (!$this->config->get('recaptcha.verify_domain')) {64return false;65}6667$url = parse_url($request->url());6869return $result->hostname === array_get($url, 'host');70}71}727374