peanut/new-api
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

初始提交: Gitea 项目代码

Browse Source
This commit is contained in:
root
2026-05-30 22:47:36 +08:00
commit f288f76350
6116 changed files with 776822 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/hcaptcha/error.go
+47
View File
@@ -0,0 +1,47 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package hcaptcha
const (
ErrMissingInputSecret ErrorCode = "missing-input-secret"
ErrInvalidInputSecret ErrorCode = "invalid-input-secret"
ErrMissingInputResponse ErrorCode = "missing-input-response"
ErrInvalidInputResponse ErrorCode = "invalid-input-response"
ErrBadRequest ErrorCode = "bad-request"
ErrInvalidOrAlreadySeenResponse ErrorCode = "invalid-or-already-seen-response"
ErrNotUsingDummyPasscode ErrorCode = "not-using-dummy-passcode"
ErrSitekeySecretMismatch ErrorCode = "sitekey-secret-mismatch"
)
// ErrorCode is any possible error from hCaptcha
type ErrorCode string
// String fulfills the Stringer interface
func (err ErrorCode) String() string {
switch err {
case ErrMissingInputSecret:
return "Your secret key is missing."
case ErrInvalidInputSecret:
return "Your secret key is invalid or malformed."
case ErrMissingInputResponse:
return "The response parameter (verification token) is missing."
case ErrInvalidInputResponse:
return "The response parameter (verification token) is invalid or malformed."
case ErrBadRequest:
return "The request is invalid or malformed."
case ErrInvalidOrAlreadySeenResponse:
return "The response parameter has already been checked, or has another issue."
case ErrNotUsingDummyPasscode:
return "You have used a testing sitekey but have not used its matching secret."
case ErrSitekeySecretMismatch:
return "The sitekey is not registered with the provided secret."
default:
return ""
}
}
// Error fulfills the error interface
func (err ErrorCode) Error() string {
return err.String()
}
modules/hcaptcha/hcaptcha.go
+140
View File
@@ -0,0 +1,140 @@
// Copyright 2020 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package hcaptcha
import (
"context"
"io"
"net/http"
"net/url"
"strings"
"gitea.dev/modules/json"
"gitea.dev/modules/setting"
)
const verifyURL = "https://hcaptcha.com/siteverify"
// Client is an hCaptcha client
type Client struct {
ctx context.Context
http *http.Client
secret string
}
// PostOptions are optional post form values
type PostOptions struct {
RemoteIP string
Sitekey string
}
// ClientOption is a func to modify a new Client
type ClientOption func(*Client)
// WithHTTP sets the http.Client of a Client
func WithHTTP(httpClient *http.Client) func(*Client) {
return func(hClient *Client) {
hClient.http = httpClient
}
}
// WithContext sets the context.Context of a Client
func WithContext(ctx context.Context) func(*Client) {
return func(hClient *Client) {
hClient.ctx = ctx
}
}
// New returns a new hCaptcha Client
func New(secret string, options ...ClientOption) (*Client, error) {
if strings.TrimSpace(secret) == "" {
return nil, ErrMissingInputSecret
}
client := &Client{
ctx: context.Background(),
http: http.DefaultClient,
secret: secret,
}
for _, opt := range options {
opt(client)
}
return client, nil
}
// Response is an hCaptcha response
type Response struct {
Success bool `json:"success"`
ChallengeTS string `json:"challenge_ts"`
Hostname string `json:"hostname"`
Credit bool `json:"credit,omitempty"`
ErrorCodes []ErrorCode `json:"error-codes"`
}
// Verify checks the response against the hCaptcha API
func (c *Client) Verify(token string, opts PostOptions) (*Response, error) {
if strings.TrimSpace(token) == "" {
return nil, ErrMissingInputResponse
}
post := url.Values{
"secret": []string{c.secret},
"response": []string{token},
}
if strings.TrimSpace(opts.RemoteIP) != "" {
post.Add("remoteip", opts.RemoteIP)
}
if strings.TrimSpace(opts.Sitekey) != "" {
post.Add("sitekey", opts.Sitekey)
}
// Basically a copy of http.PostForm, but with a context
req, err := http.NewRequestWithContext(c.ctx, http.MethodPost, verifyURL, strings.NewReader(post.Encode()))
if err != nil {
return nil, err
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
resp, err := c.http.Do(req)
if err != nil {
return nil, err
}
body, err := io.ReadAll(resp.Body)
if err != nil {
return nil, err
}
defer resp.Body.Close()
var response *Response
if err := json.Unmarshal(body, &response); err != nil {
return nil, err
}
return response, nil
}
// Verify calls hCaptcha API to verify token
func Verify(ctx context.Context, response string) (bool, error) {
client, err := New(setting.Service.HcaptchaSecret, WithContext(ctx))
if err != nil {
return false, err
}
resp, err := client.Verify(response, PostOptions{
Sitekey: setting.Service.HcaptchaSitekey,
})
if err != nil {
return false, err
}
var respErr error
if len(resp.ErrorCodes) > 0 {
respErr = resp.ErrorCodes[0]
}
return resp.Success, respErr
}
modules/hcaptcha/hcaptcha_test.go
+132
View File
@@ -0,0 +1,132 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package hcaptcha
import (
"errors"
"io"
"net/http"
"net/url"
"strings"
"testing"
"time"
)
const (
dummySiteKey = "10000000-ffff-ffff-ffff-000000000001"
dummySecret = "0x0000000000000000000000000000000000000000"
dummyToken = "10000000-aaaa-bbbb-cccc-000000000001"
)
type mockTransport struct{}
func (mockTransport) RoundTrip(req *http.Request) (*http.Response, error) {
if req.URL.String() != verifyURL {
return nil, errors.New("unsupported url")
}
body, err := io.ReadAll(req.Body)
if err != nil {
return nil, err
}
bodyValues, err := url.ParseQuery(string(body))
if err != nil {
return nil, err
}
var responseText string
if bodyValues.Get("response") == dummyToken {
responseText = `{"success":true,"credit":false,"hostname":"dummy-key-pass","challenge_ts":"2025-10-08T16:02:56.136Z"}`
} else {
responseText = `{"success":false,"error-codes":["invalid-input-response"]}`
}
return &http.Response{Request: req, Body: io.NopCloser(strings.NewReader(responseText))}, nil
}
func TestCaptcha(t *testing.T) {
tt := []struct {
Name string
Secret string
Token string
Error ErrorCode
}{
{
Name: "Success",
Secret: dummySecret,
Token: dummyToken,
},
{
Name: "Missing Secret",
Token: dummyToken,
Error: ErrMissingInputSecret,
},
{
Name: "Missing Token",
Secret: dummySecret,
Error: ErrMissingInputResponse,
},
{
Name: "Invalid Token",
Secret: dummySecret,
Token: "test",
Error: ErrInvalidInputResponse,
},
}
for _, tc := range tt {
t.Run(tc.Name, func(t *testing.T) {
client, err := New(tc.Secret, WithHTTP(&http.Client{
Timeout: time.Second * 5,
Transport: mockTransport{},
}))
if err != nil {
// The only error that can be returned from creating a client
if tc.Error == ErrMissingInputSecret && err == ErrMissingInputSecret {
return
}
t.Log(err)
t.FailNow()
}
resp, err := client.Verify(tc.Token, PostOptions{
Sitekey: dummySiteKey,
})
if err != nil {
// The only error that can be returned prior to the request
if tc.Error == ErrMissingInputResponse && err == ErrMissingInputResponse {
return
}
t.Log(err)
t.FailNow()
}
if tc.Error.String() != "" {
if resp.Success {
t.Log("Verification should fail.")
t.Fail()
}
if len(resp.ErrorCodes) == 0 {
t.Log("hCaptcha should have returned an error.")
t.Fail()
}
var hasErr bool
for _, err := range resp.ErrorCodes {
if strings.EqualFold(err.String(), tc.Error.String()) {
hasErr = true
break
}
}
if !hasErr {
t.Log("hCaptcha did not return the error being tested")
t.Fail()
}
} else if !resp.Success {
t.Log("Verification should succeed.")
t.Fail()
}
})
}
}