antibot - check IP with sessions and recaptcha
This commit is contained in:
parent
68d7988551
commit
397415211e
|
@ -1,4 +1,5 @@
|
|||
set $session_secret %ANTIBOT_SESSION_SECRET%;
|
||||
set $session_check_addr on;
|
||||
|
||||
access_by_lua_block {
|
||||
|
||||
|
|
|
@ -30,7 +30,7 @@ function M.check (token, recaptcha_secret)
|
|||
local res, err = httpc:request_uri("https://www.google.com/recaptcha/api/siteverify", {
|
||||
ssl_verify = false,
|
||||
method = "POST",
|
||||
body = "secret=" .. recaptcha_secret .. "&response=" .. token,
|
||||
body = "secret=" .. recaptcha_secret .. "&response=" .. token .. "&remoteip=" .. ngx.var.remote_addr,
|
||||
headers = { ["Content-Type"] = "application/x-www-form-urlencoded" }
|
||||
})
|
||||
if not res then
|
||||
|
|
Loading…
Reference in New Issue