alternative ReCaptcha, close #366

Former-commit-id: c8c9baff75891868283bd353c83a19d38e6bc0e9 [formerly 88aeffc35a402c44c9c92a534c8cd271124826a7] [formerly 39cfd0e090894509e913100aa2f9b325ad6e5b68 [formerly 6e1c6a4a8c]] Former-commit-id: a49c1046af3ba28c469e93e7d88013f5a6b1d062 [formerly 07c801b64ed03b187bb1dd9bbfb502b92572af44] Former-commit-id: aa69ed3d4d78f8942b8b2c924c73c8e4c4965520
2026-01-23 02:35:10 +00:00 · 2018-02-28 01:12:54 +08:00 · 2018-02-28 01:12:54 +08:00 · 0cff87be24
commit 0cff87be24
parent a2fcb8b3b0
5 changed files with 40 additions and 11 deletions
--- a/http/auth.go
+++ b/http/auth.go
@ -12,7 +12,7 @@ import (
 	fm "github.com/filebrowser/filebrowser"
 )

-const reCaptchaAPI = "https://www.google.com/recaptcha/api/siteverify"
+const reCaptchaAPI = "/recaptcha/api/siteverify"

 type cred struct {
 	Password  string `json:"password"`
@ -21,14 +21,14 @@ type cred struct {
 }

 // reCaptcha checks the reCaptcha code.
-func reCaptcha(secret string, response string) (bool, error) {
+func reCaptcha(host, secret, response string) (bool, error) {
 	body := url.Values{}
 	body.Set("secret", secret)
 	body.Add("response", response)

 	client := &http.Client{}

-	resp, err := client.Post(reCaptchaAPI, "application/x-www-form-urlencoded", strings.NewReader(body.Encode()))
+	resp, err := client.Post(host+reCaptchaAPI, "application/x-www-form-urlencoded", strings.NewReader(body.Encode()))
 	if err != nil {
 		return false, err
 	}
@ -69,7 +69,7 @@ func authHandler(c *fm.Context, w http.ResponseWriter, r *http.Request) (int, er

 	// If ReCaptcha is enabled, check the code.
 	if len(c.ReCaptchaSecret) > 0 {
-		ok, err := reCaptcha(c.ReCaptchaSecret, cred.ReCaptcha)
+		ok, err := reCaptcha(c.ReCaptchaHost, c.ReCaptchaSecret, cred.ReCaptcha)
 		if err != nil {
 			return http.StatusForbidden, err
 		}
--- a/http/http.go
+++ b/http/http.go
@ -223,12 +223,13 @@ func renderFile(c *fm.Context, w http.ResponseWriter, file string) (int, error)
 	w.Header().Set("Content-Type", contentType+"; charset=utf-8")

 	data := map[string]interface{}{
-		"BaseURL":      c.RootURL(),
-		"NoAuth":       c.NoAuth,
-		"Version":      fm.Version,
-		"CSS":          template.CSS(c.CSS),
-		"ReCaptcha":    c.ReCaptchaKey != "" && c.ReCaptchaSecret != "",
-		"ReCaptchaKey": c.ReCaptchaKey,
+		"BaseURL":       c.RootURL(),
+		"NoAuth":        c.NoAuth,
+		"Version":       fm.Version,
+		"CSS":           template.CSS(c.CSS),
+		"ReCaptcha":     c.ReCaptchaKey != "" && c.ReCaptchaSecret != "",
+		"ReCaptchaHost": c.ReCaptchaHost,
+		"ReCaptchaKey":  c.ReCaptchaKey,
 	}

 	if c.StaticGen != nil {