mirror of
https://gitgud.io/fatchan/haproxy-protection.git
synced 2025-05-09 02:05:37 +00:00
55 lines
1.7 KiB
Lua
55 lines
1.7 KiB
Lua
hcaptcha = {}
|
|
|
|
local url = require("net.url")
|
|
local https = require("ssl.https")
|
|
local json = require("json")
|
|
local utils = require("utils")
|
|
|
|
local floating_hash = utils.get_floating_hash()
|
|
|
|
function hcaptcha.view(applet)
|
|
local hcaptcha_secret = os.getenv("HCAPTCHA_SECRET")
|
|
local hcaptcha_sitekey = os.getenv("HCAPTCHA_SITEKEY")
|
|
|
|
local response
|
|
if applet.method == "GET" then
|
|
response =
|
|
[[
|
|
<form method="POST">
|
|
<div class="h-captcha" data-sitekey="%s"></div>
|
|
<script src="https://hcaptcha.com/1/api.js" async defer></script>
|
|
<input type="submit" value="Submit">
|
|
</form>
|
|
]]
|
|
response = string.format(response, hcaptcha_sitekey)
|
|
elseif applet.method == "POST" then
|
|
local parsed_body = url.parseQuery(applet.receive(applet))
|
|
|
|
if parsed_body["h-captcha-response"] then
|
|
local url =
|
|
string.format(
|
|
"https://hcaptcha.com/siteverify?secret=%s&response=%s",
|
|
hcaptcha_secret,
|
|
parsed_body["h-captcha-response"]
|
|
)
|
|
local body, code, headers, status = https.request(url)
|
|
local api_response = json:decode(body)
|
|
|
|
if api_response.success == true then
|
|
print("HCAPTCHA SUCCESSFULLY PASSED")
|
|
applet:add_header("set-cookie", string.format("z_ddos_protection=%s; Max-Age=14400", floating_hash))
|
|
else
|
|
print("HCAPTCHA FAILED", body)
|
|
end
|
|
end
|
|
|
|
response = "Thank you for submitting"
|
|
end
|
|
|
|
applet:set_status(200)
|
|
applet:add_header("content-type", "text/html")
|
|
applet:add_header("content-length", string.len(response))
|
|
applet:start_response()
|
|
applet:send(response)
|
|
end
|