From d9d4c0590ce0e08a680c9f9cb554c9340055a8f7 Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Sun, 15 Dec 2019 16:13:44 -0800 Subject: [PATCH] Fix silent failure mode when recaptcha is enabled --- app/Http/Middleware/VerifyReCaptcha.php | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/app/Http/Middleware/VerifyReCaptcha.php b/app/Http/Middleware/VerifyReCaptcha.php index 9d657548e..710360479 100644 --- a/app/Http/Middleware/VerifyReCaptcha.php +++ b/app/Http/Middleware/VerifyReCaptcha.php @@ -6,8 +6,11 @@ use Closure; use stdClass; use GuzzleHttp\Client; use Illuminate\Http\Request; +use Illuminate\Http\Response; use Pterodactyl\Events\Auth\FailedCaptcha; use Illuminate\Contracts\Config\Repository; +use Illuminate\Contracts\Events\Dispatcher; +use Symfony\Component\HttpKernel\Exception\HttpException; class VerifyReCaptcha { @@ -16,14 +19,21 @@ class VerifyReCaptcha */ private $config; + /** + * @var \Illuminate\Contracts\Events\Dispatcher + */ + private $dispatcher; + /** * VerifyReCaptcha constructor. * + * @param \Illuminate\Contracts\Events\Dispatcher $dispatcher * @param \Illuminate\Contracts\Config\Repository $config */ - public function __construct(Repository $config) + public function __construct(Dispatcher $dispatcher, Repository $config) { $this->config = $config; + $this->dispatcher = $dispatcher; } /** @@ -57,10 +67,15 @@ class VerifyReCaptcha } } - // Emit an event and return to the previous view with an error (only the captcha error will be shown!) - event(new FailedCaptcha($request->ip(), (! isset($result) ?: object_get($result, 'hostname')))); + $this->dispatcher->dispatch( + new FailedCaptcha( + $request->ip(), ! empty($result) ? ($result->hostname ?? null) : null + ) + ); - return redirect()->back()->withErrors(['g-recaptcha-response' => trans('strings.captcha_invalid')])->withInput(); + throw new HttpException( + Response::HTTP_BAD_REQUEST, 'Failed to validate reCAPTCHA data.' + ); } /**