Merge remote-tracking branch 'origin/develop' into global-status-expiration

[akkoma] / lib / pleroma / captcha / kocaptcha.ex

diff --git a/lib/pleroma/captcha/kocaptcha.ex b/lib/pleroma/captcha/kocaptcha.ex
index 51900d123735925be1187d8fa8803861bb1f5ce0..06ceb20b6f49237f3a706a838b7744751db1162a 100644 (file)
--- a/lib/pleroma/captcha/kocaptcha.ex
+++ b/lib/pleroma/captcha/kocaptcha.ex
@@ -1,67 +1,38 @@
-defmodule Pleroma.Captcha.Kocaptcha do
-  alias Calendar.DateTime
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
 
+defmodule Pleroma.Captcha.Kocaptcha do
+  import Pleroma.Web.Gettext
   alias Pleroma.Captcha.Service
   @behaviour Service
 
-  @ets __MODULE__.Ets
-
   @impl Service
-  def new() do
+  def new do
     endpoint = Pleroma.Config.get!([__MODULE__, :endpoint])
 
     case Tesla.get(endpoint <> "/new") do
       {:error, _} ->
-        %{error: "Kocaptcha service unavailable"}
+        %{error: dgettext("errors", "Kocaptcha service unavailable")}
 
       {:ok, res} ->
-        json_resp = Poison.decode!(res.body)
-
-        token = json_resp["token"]
-
-        true =
-          :ets.insert(
-            @ets,
-            {token, json_resp["md5"], DateTime.now_utc() |> DateTime.Format.unix()}
-          )
-
-        %{type: :kocaptcha, token: token, url: endpoint <> json_resp["url"]}
-    end
-  end
-
-  @impl Service
-  def validate(token, captcha) do
-    with false <- is_nil(captcha),
-         [{^token, saved_md5, _}] <- :ets.lookup(@ets, token),
-         true <- :crypto.hash(:md5, captcha) |> Base.encode16() == String.upcase(saved_md5) do
-      # Clear the saved value
-      :ets.delete(@ets, token)
+        json_resp = Jason.decode!(res.body)
 
-      true
-    else
-      _ -> false
+        %{
+          type: :kocaptcha,
+          token: json_resp["token"],
+          url: endpoint <> json_resp["url"],
+          answer_data: json_resp["md5"]
+        }
     end
   end
 
   @impl Service
-  def cleanup() do
-    seconds_retained = Pleroma.Config.get!([Pleroma.Captcha, :seconds_retained])
-    # If the time in ETS is less than current_time - seconds_retained, then the time has
-    # already passed
-    delete_after =
-      DateTime.subtract!(DateTime.now_utc(), seconds_retained) |> DateTime.Format.unix()
-
-    :ets.select_delete(
-      @ets,
-      [
-        {
-          {:_, :_, :"$1"},
-          [{:<, :"$1", {:const, delete_after}}],
-          [true]
-        }
-      ]
-    )
-
-    :ok
+  def validate(_token, captcha, answer_data) do
+    # Here the token is unsed, because the unencrypted captcha answer is just passed to method
+    if not is_nil(captcha) and
+         :crypto.hash(:md5, captcha) |> Base.encode16() == String.upcase(answer_data),
+       do: :ok,
+       else: {:error, dgettext("errors", "Invalid CAPTCHA")}
   end
 end