Add Turnstile antibot
This commit is contained in:
parent
d5e64320c4
commit
fd06a1e715
|
@ -221,6 +221,11 @@ function antibot:display_challenge()
|
|||
if self.variables["USE_ANTIBOT"] == "hcaptcha" then
|
||||
template_vars.hcaptcha_sitekey = self.variables["ANTIBOT_HCAPTCHA_SITEKEY"]
|
||||
end
|
||||
|
||||
-- Turnstile case
|
||||
if self.variables["USE_ANTIBOT"] == "turnstile" then
|
||||
template_vars.turnstile_sitekey = self.variables["ANTIBOT_TURNSTILE_SITEKEY"]
|
||||
end
|
||||
|
||||
-- Render content
|
||||
template.render(self.variables["USE_ANTIBOT"] .. ".html", template_vars)
|
||||
|
@ -346,6 +351,45 @@ function antibot:check_challenge()
|
|||
self.session_data.time_valid = ngx.now()
|
||||
return true, "resolved", self.session_data.original_uri
|
||||
end
|
||||
|
||||
-- Turnstile case
|
||||
if self.variables["USE_ANTIBOT"] == "turnstile" then
|
||||
ngx.req.read_body()
|
||||
local args, err = ngx.req.get_post_args(1)
|
||||
if err == "truncated" or not args or not args["token"] then
|
||||
return nil, "missing challenge arg", nil
|
||||
end
|
||||
local httpc, err = http.new()
|
||||
if not httpc then
|
||||
return nil, "can't instantiate http object : " .. err, nil, nil
|
||||
end
|
||||
local data = {
|
||||
secret=self.variables["ANTIBOT_TURNSTILE_SECRET"],
|
||||
response=args["token"],
|
||||
remoteip=ngx.ctx.bw.remote_addr
|
||||
}
|
||||
local res, err = httpc:request_uri("https://challenges.cloudflare.com/turnstile/v0/siteverify", {
|
||||
method = "POST",
|
||||
body = cjson.encode(data),
|
||||
headers = {
|
||||
["Content-Type"] = "application/x-www-form-urlencoded"
|
||||
}
|
||||
})
|
||||
httpc:close()
|
||||
if not res then
|
||||
return nil, "can't send request to Turnstile API : " .. err, nil
|
||||
end
|
||||
local ok, tdata = pcall(cjson.decode, res.body)
|
||||
if not ok then
|
||||
return nil, "error while decoding JSON from Turnstile API : " .. data, nil
|
||||
end
|
||||
if not tdata.success then
|
||||
return false, "client failed challenge", nil
|
||||
end
|
||||
self.session_data.resolved = true
|
||||
self.session_data.time_valid = ngx.now()
|
||||
return true, "resolved", self.session_data.original_uri
|
||||
end
|
||||
|
||||
return nil, "unknown", nil
|
||||
end
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -11,7 +11,7 @@
|
|||
"help": "Activate antibot feature.",
|
||||
"id": "use-antibot",
|
||||
"label": "Antibot challenge",
|
||||
"regex": "^(no|cookie|javascript|captcha|recaptcha|hcaptcha)$",
|
||||
"regex": "^(no|cookie|javascript|captcha|recaptcha|hcaptcha|turnstile)$",
|
||||
"type": "select",
|
||||
"select": [
|
||||
"no",
|
||||
|
@ -19,7 +19,8 @@
|
|||
"javascript",
|
||||
"captcha",
|
||||
"recaptcha",
|
||||
"hcaptcha"
|
||||
"hcaptcha",
|
||||
"turnstile"
|
||||
]
|
||||
},
|
||||
"ANTIBOT_URI": {
|
||||
|
@ -76,6 +77,24 @@
|
|||
"regex": "^(0x[a-zA-Z0-9]+)?$",
|
||||
"type": "password"
|
||||
},
|
||||
"ANTIBOT_TURNSTILE_SITEKEY": {
|
||||
"context": "multisite",
|
||||
"default": "",
|
||||
"help": "Sitekey for Turnstile challenge.",
|
||||
"id": "antibot-turnstile-sitekey",
|
||||
"label": "Turnstile sitekey",
|
||||
"regex": "^(0x[\\w-]+)?$",
|
||||
"type": "text"
|
||||
},
|
||||
"ANTIBOT_TURNSTILE_SECRET": {
|
||||
"context": "multisite",
|
||||
"default": "",
|
||||
"help": "Secret for Turnstile challenge.",
|
||||
"id": "antibot-turnstile-secret",
|
||||
"label": "Turnstile secret",
|
||||
"regex": "^(0x[\\w-]+)?$",
|
||||
"type": "password"
|
||||
},
|
||||
"ANTIBOT_TIME_RESOLVE": {
|
||||
"context": "multisite",
|
||||
"default": "60",
|
||||
|
|
Loading…
Reference in New Issue