From 779ac39b36682ee25fa1158742e8657ad7c3ec77 Mon Sep 17 00:00:00 2001
From: DarkSky <25152247+darkskygit@users.noreply.github.com>
Date: Fri, 20 Oct 2023 03:54:08 -0500
Subject: [PATCH] fix(server): captcha guard (#4673)

---
 .../server/src/modules/auth/next-auth.controller.ts  | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/packages/backend/server/src/modules/auth/next-auth.controller.ts b/packages/backend/server/src/modules/auth/next-auth.controller.ts
index 8a1ee52b0f..1df2205e5b 100644
--- a/packages/backend/server/src/modules/auth/next-auth.controller.ts
+++ b/packages/backend/server/src/modules/auth/next-auth.controller.ts
@@ -151,7 +151,9 @@ export class NextAuthController {
     if (
       this.config.auth.captcha.enable &&
       req.method === 'POST' &&
-      action === 'signin'
+      action === 'signin' &&
+      // TODO: add credentials support in frontend
+      ['email'].includes(providerId)
     ) {
       const isVerified = await this.verifyChallenge(req, res);
       if (!isVerified) return;
@@ -382,11 +384,9 @@ export class NextAuthController {
   rejectResponse(res: Response, error: string, status = 400) {
     res.status(status);
     res.json({
-      url: `https://${this.config.baseUrl}/api/auth/error?${new URLSearchParams(
-        {
-          error,
-        }
-      ).toString()}`,
+      url: `${this.config.baseUrl}/api/auth/error?${new URLSearchParams({
+        error,
+      }).toString()}`,
       error,
     });
   }