update

nginx/access.lua

@@ -8,9 +8,6 @@ if captcha_status == "to_verify" then
     if recaptcha_res ~= 0 then
         valid, err = cs.validateCaptcha(recaptcha_res, ngx.var.remote_addr)
         if valid == true then
-            ngx.shared.crowdsec_cache:set("captcha_"..ngx.var.remote_addr, "validated")
-            headers = ngx.resp.get_headers()["Origin"]
-            ngx.log(ngx.ERR, "ORIG: " .. headers)
             return
         else
             ngx.log(ngx.ALERT, "Invalid captcha from " .. ngx.var.remote_addr)

nginx/crowdsec.lua

@@ -5,6 +5,7 @@ local iputils = require "plugins.crowdsec.iputils"
 local http = require "resty.http"
 local cjson = require "cjson"
 local template = require "resty.template.safe"
+local recaptcha = require "plugins.crowdsec.recaptcha"
 
 -- contain runtime = {}
 local runtime = {}
@@ -38,13 +39,7 @@ function csmod.init(configFile, userAgent)
   runtime.conf = conf
   runtime.userAgent = userAgent
   runtime.cache = ngx.shared.crowdsec_cache
-
-  captcha_template = read_file(runtime.conf["CAPTCHA_TEMPLATE_PATH"])
-  local view = template.new(captcha_template)
-  view.recaptcha_site_key = runtime.conf["SITE_KEY"]
-
-  runtime.captcha_template = tostring(view)
-  runtime.recaptcha_secret_key = runtime.conf["SECRET_KEY"]
+  runtime.recaptcha = recaptcha.New(runtime.conf["SITE_KEY"], runtime.conf["SECRET_KEY"], runtime.conf["CAPTCHA_TEMPLATE_PATH"])
 
   -- if stream mode, add callback to stream_query and start timer
   if runtime.conf["MODE"] == "stream" then
@@ -57,38 +52,7 @@ end
 
 
 function csmod.validateCaptcha(g_captcha_res, remote_ip)
-  body = {
-    secret   = runtime.recaptcha_secret_key,
-    response = g_captcha_res,
-    remoteip = remote_ip
-  }
-  res, err = post_http_request(recaptcha_verify_url, table_to_encoded_url(body))
-  if err ~= nil then
-    return true, err
-  end
-  result = cjson.decode(res.body)
-  return result.success, nil
-end
-
-
-function table_to_encoded_url(args)
-  local params = {}
-  for k, v in pairs(args) do table.insert(params, k .. '=' .. v) end
-  return table.concat(params, "&")
-end
-
-
-function post_http_request(link, body)
-  local httpc = http.new()
-  httpc:set_timeout(runtime.conf['REQUEST_TIMEOUT'])
-  local res, err = httpc:request_uri(link, {
-    method = "POST",
-    body = body,
-    headers = {
-        ["Content-Type"] = "application/x-www-form-urlencoded",
-    },
-  })
-  return res, err
+  return runtime.recaptcha.Validate(g_captcha_res, remote_ip)
 end
 
 

nginx/recaptcha.lua

@@ -1,5 +1,66 @@
 local recaptcha = {}
 
 
+local M = {_TYPE='module', _NAME='recaptcha.funcs', _VERSION='1.0-0'}
+
+_VERIFY_STATE = "to_verify"
+_VALIDATED_STATE = "validated"
+
+
+M.State = {}
+M.State["1"] = _VERIFY_STATE
+M.State["2"] = _VALIDATED_STATE
+
+M.SecretKey = ""
+M.SiteKey = ""
+M.Template = ""
+
+
+function M.New(siteKey, secretKey, TemplateFilePath)
+    M.SecretKey = secretKey
+    M.SiteKey = siteKey
+
+    captcha_template = read_file(runtime.conf["CAPTCHA_TEMPLATE_PATH"])
+    local view = template.new(captcha_template)
+
+    M.Template = tostring(view)
+end
+
+
+function table_to_encoded_url(args)
+    local params = {}
+    for k, v in pairs(args) do table.insert(params, k .. '=' .. v) end
+    return table.concat(params, "&")
+  end
+
+function M.Validate(g_captcha_res, remote_ip)
+    body = {
+        secret   = runtime.recaptcha_secret_key,
+        response = g_captcha_res,
+        remoteip = remote_ip
+      }
+
+      local httpc = http.new()
+
+      httpc:set_timeout(1)
+
+      local res, err = httpc:request_uri(link, {
+        method = "POST",
+        body = body,
+        headers = {
+            ["Content-Type"] = "application/x-www-form-urlencoded",
+        },
+      })
+
+      res, err = post_http_request(recaptcha_verify_url, table_to_encoded_url(body))
+      if err ~= nil then
+        return true, err
+      end
+
+      result = cjson.decode(res.body)
+
+      return result.success, nil
+end
+
 
 return recaptcha