From 2c7922ccc1f1d602c9625209d46813736bbd7d2c Mon Sep 17 00:00:00 2001 From: jvyden Date: Sat, 5 Feb 2022 01:00:35 -0500 Subject: [PATCH] Add captcha to register form --- .../Helpers/Extensions/RequestExtensions.cs | 17 +++++++++++++++++ ProjectLighthouse/Pages/LoginForm.cshtml.cs | 16 ++++------------ ProjectLighthouse/Pages/RegisterForm.cshtml | 6 ++++++ ProjectLighthouse/Pages/RegisterForm.cshtml.cs | 10 ++++++++-- 4 files changed, 35 insertions(+), 14 deletions(-) diff --git a/ProjectLighthouse/Helpers/Extensions/RequestExtensions.cs b/ProjectLighthouse/Helpers/Extensions/RequestExtensions.cs index 05208124..b8738c4d 100644 --- a/ProjectLighthouse/Helpers/Extensions/RequestExtensions.cs +++ b/ProjectLighthouse/Helpers/Extensions/RequestExtensions.cs @@ -1,5 +1,9 @@ +#nullable enable using System.Text.RegularExpressions; +using System.Threading.Tasks; +using LBPUnion.ProjectLighthouse.Types.Settings; using Microsoft.AspNetCore.Http; +using Microsoft.Extensions.Primitives; using Microsoft.Net.Http.Headers; namespace LBPUnion.ProjectLighthouse.Helpers.Extensions; @@ -11,4 +15,17 @@ public static class RequestExtensions ("Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini", RegexOptions.IgnoreCase | RegexOptions.Multiline | RegexOptions.Compiled); public static bool IsMobile(this HttpRequest request) => mobileCheck.IsMatch(request.Headers[HeaderNames.UserAgent].ToString()); + + public static async Task CheckCaptchaValidity(this HttpRequest request) + { + if (ServerSettings.Instance.HCaptchaEnabled) + { + bool gotCaptcha = request.Form.TryGetValue("h-captcha-response", out StringValues values); + if (!gotCaptcha) return false; + + if (!await CaptchaHelper.Verify(values[0])) return false; + } + + return true; + } } \ No newline at end of file diff --git a/ProjectLighthouse/Pages/LoginForm.cshtml.cs b/ProjectLighthouse/Pages/LoginForm.cshtml.cs index d10d3f7d..7ceb63d3 100644 --- a/ProjectLighthouse/Pages/LoginForm.cshtml.cs 
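Review bot: In `CheckCaptchaValidity`, `request.Form` is read without checking `request.HasFormContentType`, so a POST whose body is not form-encoded would probably surface as an unhandled `InvalidOperationException` instead of a captcha failure. A present-but-empty `h-captcha-response` value is also passed straight to `CaptchaHelper.Verify`. Guarding the enabled branch with `if (!request.HasFormContentType) return false;` and changing the presence test to `if (!gotCaptcha || StringValues.IsNullOrEmpty(values)) return false;` keeps every malformed request on the same rejection path and avoids a verification call for a token that cannot be valid. A `///` summary stating that the method returns true whenever `HCaptchaEnabled` is off would make that contract visible to callers.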
+++ b/ProjectLighthouse/Pages/LoginForm.cshtml.cs @@ -3,13 +3,12 @@ using System.Threading.Tasks; using JetBrains.Annotations; using Kettu; using LBPUnion.ProjectLighthouse.Helpers; +using LBPUnion.ProjectLighthouse.Helpers.Extensions; using LBPUnion.ProjectLighthouse.Logging; using LBPUnion.ProjectLighthouse.Pages.Layouts; using LBPUnion.ProjectLighthouse.Types; -using LBPUnion.ProjectLighthouse.Types.Settings; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; -using Microsoft.Extensions.Primitives; namespace LBPUnion.ProjectLighthouse.Pages; @@ -35,17 +34,10 @@ public class LoginForm : BaseLayout return this.Page(); } - if (ServerSettings.Instance.HCaptchaEnabled) + if (!await Request.CheckCaptchaValidity()) { - // && (!this.Request.Form.TryGetValue("h-captcha-response", out StringValues values) || !await CaptchaHelper.Verify(values[0]))) - bool gotCaptcha = this.Request.Form.TryGetValue("h-captcha-response", out StringValues values); - string? token = gotCaptcha ? values[0] : null; - - if (token == null || !await CaptchaHelper.Verify(token)) - { - this.Error = "You must solve the captcha correctly."; - return this.Page(); - } + this.Error = "You must complete the captcha correctly."; + return this.Page(); } User? user = await this.Database.Users.FirstOrDefaultAsync(u => u.Username == username); diff --git a/ProjectLighthouse/Pages/RegisterForm.cshtml b/ProjectLighthouse/Pages/RegisterForm.cshtml index 67b3a05a..54775d85 100644 --- a/ProjectLighthouse/Pages/RegisterForm.cshtml +++ b/ProjectLighthouse/Pages/RegisterForm.cshtml @@ -1,4 +1,5 @@ @page "/register" +@using LBPUnion.ProjectLighthouse.Types.Settings @model LBPUnion.ProjectLighthouse.Pages.RegisterForm @{ @@ -60,5 +61,10 @@ + @if (ServerSettings.Instance.HCaptchaEnabled) + { + @await Html.PartialAsync("Partials/CaptchaPartial") + } + \ No newline at end of file 
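Review bot: The new call is written `Request.CheckCaptchaValidity()` while the rest of the handler, including the lines it replaces, qualifies members with `this.` (`this.Request.Form`, `this.Error`, `this.Page()`). Writing `if (!await this.Request.CheckCaptchaValidity())` keeps the file consistent. The same applies to the identical call added in RegisterForm.cshtml.cs.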
diff --git a/ProjectLighthouse/Pages/RegisterForm.cshtml.cs b/ProjectLighthouse/Pages/RegisterForm.cshtml.cs index 310884d5..a7945459 100644 --- a/ProjectLighthouse/Pages/RegisterForm.cshtml.cs +++ b/ProjectLighthouse/Pages/RegisterForm.cshtml.cs @@ -2,6 +2,7 @@ using System.Diagnostics.CodeAnalysis; using System.Threading.Tasks; using JetBrains.Annotations; using LBPUnion.ProjectLighthouse.Helpers; +using LBPUnion.ProjectLighthouse.Helpers.Extensions; using LBPUnion.ProjectLighthouse.Pages.Layouts; using LBPUnion.ProjectLighthouse.Types; using LBPUnion.ProjectLighthouse.Types.Settings; @@ -42,13 +43,18 @@ public class RegisterForm : BaseLayout return this.Page(); } - bool userExists = await this.Database.Users.FirstOrDefaultAsync(u => u.Username.ToLower() == username.ToLower()) != null; - if (userExists) + if (await this.Database.Users.FirstOrDefaultAsync(u => u.Username.ToLower() == username.ToLower()) != null) { this.Error = "The username you've chosen is already taken."; return this.Page(); } + if (!await Request.CheckCaptchaValidity()) + { + this.Error = "You must complete the captcha correctly."; + return this.Page(); + } + User user = await this.Database.CreateUser(username, HashHelper.BCryptHash(password)); WebToken webToken = new()
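Review bot: The captcha check is added after the username lookup, so the "already taken" response and the database query behind it can be reached without solving a captcha. That lets an automated client learn which usernames exist and drive a query per request at no cost. Moving the `if (!await Request.CheckCaptchaValidity())` block above the `FirstOrDefaultAsync` lookup would gate both, matching LoginForm, where the captcha check comes before the user query. The handler starts above this hunk, so it is not visible here whether the earlier validation steps should also sit behind the captcha.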