fix(server): captcha guard (#4673)

This commit is contained in:
DarkSky
2023-10-20 03:54:08 -05:00
committed by GitHub
parent 817463c40e
commit 779ac39b36

View File

@@ -151,7 +151,9 @@ export class NextAuthController {
if ( if (
this.config.auth.captcha.enable && this.config.auth.captcha.enable &&
req.method === 'POST' && req.method === 'POST' &&
action === 'signin' action === 'signin' &&
// TODO: add credentials support in frontend
['email'].includes(providerId)
) { ) {
const isVerified = await this.verifyChallenge(req, res); const isVerified = await this.verifyChallenge(req, res);
if (!isVerified) return; if (!isVerified) return;
@@ -382,11 +384,9 @@ export class NextAuthController {
rejectResponse(res: Response, error: string, status = 400) { rejectResponse(res: Response, error: string, status = 400) {
res.status(status); res.status(status);
res.json({ res.json({
url: `https://${this.config.baseUrl}/api/auth/error?${new URLSearchParams( url: `${this.config.baseUrl}/api/auth/error?${new URLSearchParams({
{ error,
error, }).toString()}`,
}
).toString()}`,
error, error,
}); });
} }