The current Captcha class has a lot of responsibilities. It renders the captcha
image, can check if a certain captcha type is a Google captcha, if a captcha is
required for a certain email. The SubscriberSubscribeController is not only in
charge of "controlling" the subscription process but also validates, whether a
captcha is correct or not. This architecture made it difficult to extend the
functionality and introduce the audio captcha feature.
Therefore this commit refactors the captcha architecture and tries to seperate
the different concerns into several classes and objects. Validation is now done
by validators.
The CaptchaPhrase now is in charge of keeping the captcha phrase consistent
between the image and the new audio, so that you can renew the captcha and both
captchas are in sync.
[MAILPOET-4514]
The only thing Security::generateToken was providing was a default value
for the $action, which created a pattern of using the same $action
everywhere, which may not be the best way to go.
Since it was essentially a wrapper for WP's built-in nonce functions,
it seemed clearer to use those functions directly to be more explicit
about how we're handling tokens.
[MAILPOET-2030]
