-
app/Http/Middleware/VerifyReCaptcha.php
Open in GitHubuse Closure; use stdClass; use GuzzleHttp\Client; use Illuminate\Http\Request; use Illuminate\Http\Response; use Pterodactyl\Events\Auth\FailedCaptcha; use Illuminate\Contracts\Config\Repository; use Illuminate\Contracts\Events\Dispatcher; use Symfony\Component\HttpKernel\Exception\HttpException; class VerifyReCaptcha { private $config; private $dispatcher; public function __construct(Dispatcher $dispatcher, Repository $config) { $this->config = $config; $this->dispatcher = $dispatcher; } public function handle($request, Closure $next) { if (!$this->config->get('recaptcha.enabled')) { return $next($request); } if ($request->filled('g-recaptcha-response')) { $client = new Client(); $res = $client->post($this->config->get('recaptcha.domain'), [ 'form_params' => [ 'secret' => $this->config->get('recaptcha.secret_key'), 'response' => $request->input('g-recaptcha-response'), ], ]); if ($res->getStatusCode() === 200) { $result = json_decode($res->getBody()); if ($result->success && (!$this->config->get('recaptcha.verify_domain') || $this->isResponseVerified($result, $request))) { return $next($request); } } } $this->dispatcher->dispatch( new FailedCaptcha( $request->ip(), !empty($result) ? ($result->hostname ?? null) : null ) ); throw new HttpException(Response::HTTP_BAD_REQUEST, 'Failed to validate reCAPTCHA data.'); } private function isResponseVerified(stdClass $result, Request $request): bool { if (!$this->config->get('recaptcha.verify_domain')) { return false; } $url = parse_url($request->url()); return $result->hostname === array_get($url, 'host'); } } -
app/Http/Kernel.php
Open in GitHubuse Pterodactyl\Http\Middleware\VerifyReCaptcha; use Illuminate\Foundation\Http\Kernel as HttpKernel; class Kernel extends HttpKernel { // protected $routeMiddleware = [ // 'recaptcha' => VerifyReCaptcha::class, // ]; }