Dont allow caching captcha response (#4381)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
parent
b58da11fb7
commit
516db012bf
1 changed files with 16 additions and 7 deletions
|
@ -1,5 +1,13 @@
|
|||
use crate::captcha_as_wav_base64;
|
||||
use actix_web::web::{Data, Json};
|
||||
use actix_web::{
|
||||
http::{
|
||||
header::{CacheControl, CacheDirective},
|
||||
StatusCode,
|
||||
},
|
||||
web::{Data, Json},
|
||||
HttpResponse,
|
||||
HttpResponseBuilder,
|
||||
};
|
||||
use captcha::{gen, Difficulty};
|
||||
use lemmy_api_common::{
|
||||
context::LemmyContext,
|
||||
|
@ -12,13 +20,13 @@ use lemmy_db_schema::source::{
|
|||
use lemmy_utils::error::LemmyError;
|
||||
|
||||
#[tracing::instrument(skip(context))]
|
||||
pub async fn get_captcha(
|
||||
context: Data<LemmyContext>,
|
||||
) -> Result<Json<GetCaptchaResponse>, LemmyError> {
|
||||
pub async fn get_captcha(context: Data<LemmyContext>) -> Result<HttpResponse, LemmyError> {
|
||||
let local_site = LocalSite::read(&mut context.pool()).await?;
|
||||
let mut res = HttpResponseBuilder::new(StatusCode::OK);
|
||||
res.insert_header(CacheControl(vec![CacheDirective::NoStore]));
|
||||
|
||||
if !local_site.captcha_enabled {
|
||||
return Ok(Json(GetCaptchaResponse { ok: None }));
|
||||
return Ok(res.json(Json(GetCaptchaResponse { ok: None })));
|
||||
}
|
||||
|
||||
let captcha = gen(match local_site.captcha_difficulty.as_str() {
|
||||
|
@ -37,11 +45,12 @@ pub async fn get_captcha(
|
|||
// Stores the captcha item in the db
|
||||
let captcha = CaptchaAnswer::insert(&mut context.pool(), &captcha_form).await?;
|
||||
|
||||
Ok(Json(GetCaptchaResponse {
|
||||
let json = Json(GetCaptchaResponse {
|
||||
ok: Some(CaptchaResponse {
|
||||
png,
|
||||
wav,
|
||||
uuid: captcha.uuid.to_string(),
|
||||
}),
|
||||
}))
|
||||
});
|
||||
Ok(res.json(json))
|
||||
}
|
||||
|
|
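Review bot: The `no-store` directive is attached only to responses built from `res`, so the two `?` exits visible here (`LocalSite::read`, which runs before the builder exists, and `CaptchaAnswer::insert` in the last hunk) return whatever `LemmyError` renders, and that code is outside this diff. Those error bodies carry no captcha, but it is worth confirming they are not cacheable either, or setting the header for the whole route instead. A short why-comment above the `insert_header` line would help the next reader, e.g. `// Each response carries a newly stored captcha uuid; no-store keeps browsers and proxies from replaying an old challenge.` As a style point, `res.json(Json(GetCaptchaResponse { ok: None }))` wraps the payload in `Json` before passing it to a builder method that already serializes its argument, so `res.json(GetCaptchaResponse { ok: None })` should be enough, and likewise for the final `Ok(res.json(json))`. The middle of `get_captcha` lies between the hunks and is not visible here.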