import { HttpError } from "../http-error";
// Turnstile secret, read once at module load from CLOUDFLARE_TURNSTILE_SECRET.
// Despite the `_ID` suffix this is the secret value itself (it is sent as the
// `secret` form field to siteverify), so it must never be logged or returned
// to clients. It is `undefined` when the variable is not set.
const { CLOUDFLARE_TURNSTILE_SECRET: TURNSTILE_SECRET_ID } = process.env;
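/**
 * Verifies a Cloudflare Turnstile token against the siteverify endpoint.
 *
 * Verification is skipped, and `{ success: true }` is returned, when no
 * Turnstile secret is configured or when `NEXT_PUBLIC_IS_E2E` is set.
 *
 * @param token - Turnstile response token submitted by the client.
 * @param remoteIp - Client IP address, forwarded to Cloudflare as `remoteip`.
 * @returns `{ success: true }` when the check is skipped, otherwise the parsed
 *   siteverify response body.
 * @throws HttpError with status 401 when the token is missing or the response
 *   does not report `success: true`. Network failures and non-JSON response
 *   bodies reject with the underlying fetch/parse error.
 */
export async function checkCfTurnstileToken({ token, remoteIp }: { token?: string; remoteIp: string }) {
  // SECURITY: both conditions below fail open.
  //  - No secret configured: the instance does not have Turnstile enabled.
  //  - NEXT_PUBLIC_IS_E2E set: the instance is running in CI / end-to-end tests.
  // `!!` treats ANY non-empty string as true, so NEXT_PUBLIC_IS_E2E="false" or
  // "0" also disables verification. Make sure this variable is never set in a
  // production deployment.
  const isE2E = !!process.env.NEXT_PUBLIC_IS_E2E;
  if (!TURNSTILE_SECRET_ID || isE2E) {
    return {
      success: true,
    };
  }

  if (!token) {
    throw new HttpError({ statusCode: 401, message: "Invalid cloudflare token" });
  }

  // NOTE(review): `remoteIp` is supplied by the caller; presumably it is
  // derived from request headers. Confirm it comes from a trusted proxy
  // header rather than a client-controlled one.
  const form = new URLSearchParams();
  form.append("secret", TURNSTILE_SECRET_ID);
  form.append("response", token);
  form.append("remoteip", remoteIp);

  const result = await fetch("https://challenges.cloudflare.com/turnstile/v0/siteverify", {
    method: "POST",
    body: form,
  });

  // A non-JSON body (e.g. an upstream error page) makes `json()` reject; that
  // rejection propagates to the caller, so the check still fails closed.
  const data = await result.json();

  // Accept only a literal boolean `true`. A truthiness test would also pass
  // values such as the string "false", and a `null` body would raise a
  // TypeError instead of the intended 401.
  if (typeof data !== "object" || data === null || data.success !== true) {
    throw new HttpError({ statusCode: 401, message: "Invalid cloudflare token" });
  }

  // The siteverify response also carries `hostname` and `action`; callers that
  // need to bind the token to a specific site or form should compare those
  // against the expected values.
  return data;
}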