Add cookie to prevent captcha constantly

2025-10-04 17:33:21 +08:00 · 2017-03-14 14:08:46 -03:00
parent 0770eb689b
commit a875bbe23e
4 changed files with 41 additions and 7 deletions
--- a/services/recaptcha.go
+++ b/services/recaptcha.go
@@ -2,11 +2,17 @@ package services

 import (
 	"encoding/json"
+	"fmt"
 	"log"
 	"net/http"
 	"net/url"
 	"os"
 	"strings"
+	"time"
+
+	"github.com/franela/play-with-docker/config"
+	"github.com/gorilla/securecookie"
+	"github.com/twinj/uuid"
 )

 func GetGoogleRecaptchaSiteKey() string {
@@ -31,10 +37,22 @@ type recaptchaResponse struct {
 	Success bool `json:"success"`
 }

-func IsHuman(req *http.Request) bool {
+var s = securecookie.New([]byte(config.HashKey), nil)
+
+func IsHuman(req *http.Request, rw http.ResponseWriter) bool {
 	if os.Getenv("GOOGLE_RECAPTCHA_DISABLED") != "" {
 		return true
 	}
+
+	if cookie, _ := req.Cookie("session_id"); cookie != nil {
+		fmt.Println(cookie)
+		var value string
+		if err := s.Decode("session_id", cookie.Value, &value); err != nil {
+			return false
+		}
+		return true
+	}
+
 	challenge := req.Form.Get("g-recaptcha-response")

 	// Of X-Forwarded-For exists, it means we are behind a loadbalancer and we should use the real IP address of the user
@@ -57,5 +75,16 @@ func IsHuman(req *http.Request) bool {
 	var r recaptchaResponse
 	json.NewDecoder(resp.Body).Decode(&r)

-	return r.Success
+	if !r.Success {
+		return false
+	}
+
+	encoded, _ := s.Encode("session_id", uuid.NewV4().String())
+	http.SetCookie(rw, &http.Cookie{
+		Name:    "session_id",
+		Value:   encoded,
+		Expires: time.Now().Add(10 * time.Second),
+	})
+
+	return true
 }