lkddi/Xboard
1
0
Fork 0
mirror of https://github.com/lkddi/Xboard.git synced 2026-04-23 19:37:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

eat: add reCAPTCHA v3 and Cloudflare Turnstile verification support

Browse Source 
- Implement reCAPTCHA v3 with score-based validation
- Add Cloudflare Turnstile as captcha alternative
- Create reusable CaptchaService for unified validation
- Support switching between recaptcha, recaptcha-v3, and turnstile
- Maintain backward compatibility with existing configurations
This commit is contained in:
xboard
2025-06-28 18:01:59 +08:00
parent f1d1dd5684
commit 6d85736eea
18 changed files with 1097 additions and 836 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Http/Controllers/V1/Guest/CommController.php
+7 -1
View File
@@ -18,11 +18,17 @@ class CommController extends Controller
'email_whitelist_suffix' => (int) admin_setting('email_whitelist_enable', 0)
? Helper::getEmailSuffix()
: 0,
'is_recaptcha' => (int) admin_setting('recaptcha_enable', 0) ? 1 : 0,
'is_captcha' => (int) admin_setting('captcha_enable', 0) ? 1 : 0,
'captcha_type' => admin_setting('captcha_type', 'recaptcha'),
'recaptcha_site_key' => admin_setting('recaptcha_site_key'),
'recaptcha_v3_site_key' => admin_setting('recaptcha_v3_site_key'),
'recaptcha_v3_score_threshold' => admin_setting('recaptcha_v3_score_threshold', 0.5),
'turnstile_site_key' => admin_setting('turnstile_site_key'),
'app_description' => admin_setting('app_description'),
'app_url' => admin_setting('app_url'),
'logo' => admin_setting('logo'),
// 保持向后兼容
'is_recaptcha' => (int) admin_setting('captcha_enable', 0) ? 1 : 0,
];
return $this->success($data);
}
app/Http/Controllers/V1/Passport/AuthController.php
+14 -14
View File
@@ -40,7 +40,7 @@ class AuthController extends Controller
]);
[$success, $result] = $this->mailLinkService->handleMailLink(
$params['email'],
$params['email'],
$request->input('redirect')
);
@@ -92,39 +92,39 @@ class AuthController extends Controller
// 处理直接通过token重定向
if ($token = $request->input('token')) {
$redirect = '/#/login?verify=' . $token . '&redirect=' . ($request->input('redirect', 'dashboard'));
return redirect()->to(
admin_setting('app_url')
? admin_setting('app_url') . $redirect
: url($redirect)
? admin_setting('app_url') . $redirect
: url($redirect)
);
}
// 处理通过验证码登录
if ($verify = $request->input('verify')) {
$userId = $this->mailLinkService->handleTokenLogin($verify);
if (!$userId) {
return response()->json([
'message' => __('Token error')
], 400);
}
$user = \App\Models\User::find($userId);
if (!$user) {
return response()->json([
'message' => __('User not found')
], 400);
}
$authService = new AuthService($user);
return response()->json([
'data' => $authService->generateAuthData()
]);
}
return response()->json([
'message' => __('Invalid request')
], 400);
@@ -136,7 +136,7 @@ class AuthController extends Controller
public function getQuickLoginUrl(Request $request)
{
$authorization = $request->input('auth_data') ?? $request->header('authorization');
if (!$authorization) {
return response()->json([
'message' => ResponseEnum::CLIENT_HTTP_UNAUTHORIZED
@@ -144,14 +144,14 @@ class AuthController extends Controller
}
$user = AuthService::findUserByBearerToken($authorization);
if (!$user) {
return response()->json([
'message' => ResponseEnum::CLIENT_HTTP_UNAUTHORIZED_EXPIRED
], 401);
}
$url = $this->mailLinkService->getQuickLoginUrl($user, $request->input('redirect'));
$url = $this->loginService->generateQuickLoginUrl($user, $request->input('redirect'));
return $this->success($url);
}
app/Http/Controllers/V1/Passport/CommController.php
+6 -7
View File
@@ -7,23 +7,22 @@ use App\Http\Requests\Passport\CommSendEmailVerify;
use App\Jobs\SendEmailJob;
use App\Models\InviteCode;
use App\Models\User;
use App\Services\CaptchaService;
use App\Utils\CacheKey;
use App\Utils\Helper;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;
use ReCaptcha\ReCaptcha;
class CommController extends Controller
{
public function sendEmailVerify(CommSendEmailVerify $request)
{
if ((int) admin_setting('recaptcha_enable', 0)) {
$recaptcha = new ReCaptcha(admin_setting('recaptcha_key'));
$recaptchaResp = $recaptcha->verify($request->input('recaptcha_data'));
if (!$recaptchaResp->isSuccess()) {
return $this->fail([400, __('Invalid code is incorrect')]);
}
// 验证人机验证码
$captchaService = app(CaptchaService::class);
[$captchaValid, $captchaError] = $captchaService->verify($request);
if (!$captchaValid) {
return $this->fail($captchaError);
}
$email = $request->input('email');
app/Http/Controllers/V1/User/UserController.php
+10 -9
View File
@@ -10,6 +10,7 @@ use App\Models\Order;
use App\Models\Plan;
use App\Models\Ticket;
use App\Models\User;
use App\Services\Auth\LoginService;
use App\Services\AuthService;
use App\Services\UserService;
use App\Utils\CacheKey;
@@ -19,6 +20,14 @@ use Illuminate\Support\Facades\Cache;
class UserController extends Controller
{
protected $loginService;
public function __construct(
LoginService $loginService
) {
$this->loginService = $loginService;
}
public function getActiveSession(Request $request)
{
$user = User::find($request->user()->id);
@@ -205,15 +214,7 @@ class UserController extends Controller
return $this->fail([400, __('The user does not exist')]);
}
$code = Helper::guid();
$key = CacheKey::get('TEMP_TOKEN', $code);
Cache::put($key, $user->id, 60);
$redirect = '/#/login?verify=' . $code . '&redirect=' . ($request->input('redirect') ? $request->input('redirect') : 'dashboard');
if (admin_setting('app_url')) {
$url = admin_setting('app_url') . $redirect;
} else {
$url = url($redirect);
}
$url = $this->loginService->generateQuickLoginUrl($user, $request->input('redirect'));
return $this->success($url);
}
}
app/Http/Controllers/V2/Admin/ConfigController.php
+29 -21
View File
@@ -85,15 +85,15 @@ class ConfigController extends Controller
public function fetch(Request $request)
{
$key = $request->input('key');
// 构建配置数据映射
$configMappings = $this->getConfigMappings();
// 如果请求特定分组,直接返回
if ($key && isset($configMappings[$key])) {
return $this->success([$key => $configMappings[$key]]);
}
return $this->success($configMappings);
}
@@ -190,15 +190,23 @@ class ConfigController extends Controller
'email_whitelist_enable' => (bool) admin_setting('email_whitelist_enable', 0),
'email_whitelist_suffix' => admin_setting('email_whitelist_suffix', Dict::EMAIL_WHITELIST_SUFFIX_DEFAULT),
'email_gmail_limit_enable' => (bool) admin_setting('email_gmail_limit_enable', 0),
'recaptcha_enable' => (bool) admin_setting('recaptcha_enable', 0),
'captcha_enable' => (bool) admin_setting('captcha_enable', 0),
'captcha_type' => admin_setting('captcha_type', 'recaptcha'),
'recaptcha_key' => admin_setting('recaptcha_key', ''),
'recaptcha_site_key' => admin_setting('recaptcha_site_key', ''),
'recaptcha_v3_secret_key' => admin_setting('recaptcha_v3_secret_key', ''),
'recaptcha_v3_site_key' => admin_setting('recaptcha_v3_site_key', ''),
'recaptcha_v3_score_threshold' => admin_setting('recaptcha_v3_score_threshold', 0.5),
'turnstile_secret_key' => admin_setting('turnstile_secret_key', ''),
'turnstile_site_key' => admin_setting('turnstile_site_key', ''),
'register_limit_by_ip_enable' => (bool) admin_setting('register_limit_by_ip_enable', 0),
'register_limit_count' => admin_setting('register_limit_count', 3),
'register_limit_expire' => admin_setting('register_limit_expire', 60),
'password_limit_enable' => (bool) admin_setting('password_limit_enable', 1),
'password_limit_count' => admin_setting('password_limit_count', 5),
'password_limit_expire' => admin_setting('password_limit_expire', 60)
'password_limit_expire' => admin_setting('password_limit_expire', 60),
// 保持向后兼容
'recaptcha_enable' => (bool) admin_setting('captcha_enable', 0)
],
'subscribe_template' => [
'subscribe_template_singbox' => $this->formatTemplateContent(
@@ -225,7 +233,7 @@ class ConfigController extends Controller
}
admin_setting([$k => $v]);
}
return $this->success(true);
}
@@ -240,23 +248,23 @@ class ConfigController extends Controller
{
return match ($format) {
'json' => match (true) {
is_array($content) => json_encode(
value: $content,
flags: JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES
),
is_string($content) && str($content)->isJson() => rescue(
callback: fn() => json_encode(
value: json_decode($content, associative: true, flags: JSON_THROW_ON_ERROR),
is_array($content) => json_encode(
value: $content,
flags: JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES
),
rescue: $content,
report: false
),
default => str($content)->toString()
},
is_string($content) && str($content)->isJson() => rescue(
callback: fn() => json_encode(
value: json_decode($content, associative: true, flags: JSON_THROW_ON_ERROR),
flags: JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES
),
rescue: $content,
report: false
),
default => str($content)->toString()
},
default => str($content)->toString()
};
}
app/Http/Requests/Admin/ConfigSave.php
+12 -1
View File
@@ -82,9 +82,16 @@ class ConfigSave extends FormRequest
'email_whitelist_enable' => 'boolean',
'email_whitelist_suffix' => 'nullable|array',
'email_gmail_limit_enable' => 'boolean',
'captcha_enable' => 'boolean',
'captcha_type' => 'in:recaptcha,turnstile,recaptcha-v3',
'recaptcha_enable' => 'boolean',
'recaptcha_key' => '',
'recaptcha_site_key' => '',
'recaptcha_v3_secret_key' => '',
'recaptcha_v3_site_key' => '',
'recaptcha_v3_score_threshold' => 'numeric|min:0|max:1',
'turnstile_secret_key' => '',
'turnstile_site_key' => '',
'email_verify' => 'bool',
'safe_mode_enable' => 'boolean',
'register_limit_by_ip_enable' => 'boolean',
@@ -124,7 +131,11 @@ class ConfigSave extends FormRequest
'telegram_discuss_link.url' => 'Telegram群组地址必须为URL格式,必须携带http(s)://',
'logo.url' => 'LOGO URL格式不正确,必须携带https(s)://',
'secure_path.min' => '后台路径长度最小为8位',
'secure_path.regex' => '后台路径只能为字母或数字'
'secure_path.regex' => '后台路径只能为字母或数字',
'captcha_type.in' => '人机验证类型只能选择 recaptcha、turnstile 或 recaptcha-v3',
'recaptcha_v3_score_threshold.numeric' => 'reCAPTCHA v3 分数阈值必须为数字',
'recaptcha_v3_score_threshold.min' => 'reCAPTCHA v3 分数阈值不能小于0',
'recaptcha_v3_score_threshold.max' => 'reCAPTCHA v3 分数阈值不能大于1'
];
}
}
app/Services/Auth/LoginService.php
+58 -20
View File
@@ -19,12 +19,18 @@ class LoginService
public function login(string $email, string $password): array
{
// 检查密码错误限制
if ((int)admin_setting('password_limit_enable', true)) {
$passwordErrorCount = (int)Cache::get(CacheKey::get('PASSWORD_ERROR_LIMIT', $email), 0);
if ($passwordErrorCount >= (int)admin_setting('password_limit_count', 5)) {
return [false, [429, __('There are too many password errors, please try again after :minute minutes.', [
'minute' => admin_setting('password_limit_expire', 60)
])]];
if ((int) admin_setting('password_limit_enable', true)) {
$passwordErrorCount = (int) Cache::get(CacheKey::get('PASSWORD_ERROR_LIMIT', $email), 0);
if ($passwordErrorCount >= (int) admin_setting('password_limit_count', 5)) {
return [
false,
[
429,
__('There are too many password errors, please try again after :minute minutes.', [
'minute' => admin_setting('password_limit_expire', 60)
])
]
];
}
}
@@ -35,19 +41,21 @@ class LoginService
}
// 验证密码
if (!Helper::multiPasswordVerify(
$user->password_algo,
$user->password_salt,
$password,
$user->password)
if (
!Helper::multiPasswordVerify(
$user->password_algo,
$user->password_salt,
$password,
$user->password
)
) {
// 增加密码错误计数
if ((int)admin_setting('password_limit_enable', true)) {
$passwordErrorCount = (int)Cache::get(CacheKey::get('PASSWORD_ERROR_LIMIT', $email), 0);
if ((int) admin_setting('password_limit_enable', true)) {
$passwordErrorCount = (int) Cache::get(CacheKey::get('PASSWORD_ERROR_LIMIT', $email), 0);
Cache::put(
CacheKey::get('PASSWORD_ERROR_LIMIT', $email),
(int)$passwordErrorCount + 1,
60 * (int)admin_setting('password_limit_expire', 60)
(int) $passwordErrorCount + 1,
60 * (int) admin_setting('password_limit_expire', 60)
);
}
return [false, [400, __('Incorrect email or password')]];
@@ -77,13 +85,13 @@ class LoginService
{
// 检查重置请求限制
$forgetRequestLimitKey = CacheKey::get('FORGET_REQUEST_LIMIT', $email);
$forgetRequestLimit = (int)Cache::get($forgetRequestLimitKey);
$forgetRequestLimit = (int) Cache::get($forgetRequestLimitKey);
if ($forgetRequestLimit >= 3) {
return [false, [429, __('Reset failed, Please try again later')]];
}
// 验证邮箱验证码
if ((string)Cache::get(CacheKey::get('EMAIL_VERIFY_CODE', $email)) !== (string)$emailCode) {
if ((string) Cache::get(CacheKey::get('EMAIL_VERIFY_CODE', $email)) !== (string) $emailCode) {
Cache::put($forgetRequestLimitKey, $forgetRequestLimit ? $forgetRequestLimit + 1 : 1, 300);
return [false, [400, __('Incorrect email verification code')]];
}
@@ -98,14 +106,44 @@ class LoginService
$user->password = password_hash($password, PASSWORD_DEFAULT);
$user->password_algo = NULL;
$user->password_salt = NULL;
if (!$user->save()) {
return [false, [500, __('Reset failed')]];
}
// 清除邮箱验证码
Cache::forget(CacheKey::get('EMAIL_VERIFY_CODE', $email));
return [true, true];
}
}
/**
* 生成临时登录令牌和快速登录URL
*
* @param User $user 用户对象
* @param string $redirect 重定向路径
* @return string|null 快速登录URL
*/
public function generateQuickLoginUrl(User $user, string $redirect = 'dashboard'): ?string
{
if (!$user || !$user->exists) {
return null;
}
$code = Helper::guid();
$key = CacheKey::get('TEMP_TOKEN', $code);
Cache::put($key, $user->id, 60);
$loginRedirect = '/#/login?verify=' . $code . '&redirect=' . $redirect;
if (admin_setting('app_url')) {
$url = admin_setting('app_url') . $loginRedirect;
} else {
$url = url($loginRedirect);
}
return $url;
}
}
app/Services/Auth/MailLinkService.php
+7 -29
View File
@@ -19,7 +19,7 @@ class MailLinkService
*/
public function handleMailLink(string $email, ?string $redirect = null): array
{
if (!(int)admin_setting('login_with_mail_link_enable')) {
if (!(int) admin_setting('login_with_mail_link_enable')) {
return [false, [404, null]];
}
@@ -72,28 +72,6 @@ class MailLinkService
]);
}
/**
* 获取快速登录URL
*
* @param User $user 用户对象
* @param string|null $redirect 重定向地址
* @return string 登录URL
*/
public function getQuickLoginUrl(User $user, ?string $redirect = null): string
{
$code = Helper::guid();
$key = CacheKey::get('TEMP_TOKEN', $code);
Cache::put($key, $user->id, 60);
$redirectUrl = '/#/login?verify=' . $code . '&redirect=' . ($redirect ? $redirect : 'dashboard');
if (admin_setting('app_url')) {
return admin_setting('app_url') . $redirectUrl;
} else {
return url($redirectUrl);
}
}
/**
* 处理Token登录
*
@@ -104,19 +82,19 @@ class MailLinkService
{
$key = CacheKey::get('TEMP_TOKEN', $token);
$userId = Cache::get($key);
if (!$userId) {
return null;
}
$user = User::find($userId);
if (!$user || $user->banned) {
return null;
}
Cache::forget($key);
return $userId;
}
}
}
app/Services/Auth/RegisterService.php
+36 -30
View File
@@ -5,12 +5,12 @@ namespace App\Services\Auth;
use App\Models\InviteCode;
use App\Models\Plan;
use App\Models\User;
use App\Services\CaptchaService;
use App\Utils\CacheKey;
use App\Utils\Dict;
use App\Utils\Helper;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;
use ReCaptcha\ReCaptcha;
class RegisterService
{
@@ -23,36 +23,42 @@ class RegisterService
public function validateRegister(Request $request): array
{
// 检查IP注册限制
if ((int)admin_setting('register_limit_by_ip_enable', 0)) {
if ((int) admin_setting('register_limit_by_ip_enable', 0)) {
$registerCountByIP = Cache::get(CacheKey::get('REGISTER_IP_RATE_LIMIT', $request->ip())) ?? 0;
if ((int)$registerCountByIP >= (int)admin_setting('register_limit_count', 3)) {
return [false, [429, __('Register frequently, please try again after :minute minute', [
'minute' => admin_setting('register_limit_expire', 60)
])]];
if ((int) $registerCountByIP >= (int) admin_setting('register_limit_count', 3)) {
return [
false,
[
429,
__('Register frequently, please try again after :minute minute', [
'minute' => admin_setting('register_limit_expire', 60)
])
]
];
}
}
// 检查验证码
if ((int)admin_setting('recaptcha_enable', 0)) {
$recaptcha = new ReCaptcha(admin_setting('recaptcha_key'));
$recaptchaResp = $recaptcha->verify($request->input('recaptcha_data'));
if (!$recaptchaResp->isSuccess()) {
return [false, [400, __('Invalid code is incorrect')]];
}
$captchaService = app(CaptchaService::class);
[$captchaValid, $captchaError] = $captchaService->verify($request);
if (!$captchaValid) {
return [false, $captchaError];
}
// 检查邮箱白名单
if ((int)admin_setting('email_whitelist_enable', 0)) {
if (!Helper::emailSuffixVerify(
$request->input('email'),
admin_setting('email_whitelist_suffix', Dict::EMAIL_WHITELIST_SUFFIX_DEFAULT))
if ((int) admin_setting('email_whitelist_enable', 0)) {
if (
!Helper::emailSuffixVerify(
$request->input('email'),
admin_setting('email_whitelist_suffix', Dict::EMAIL_WHITELIST_SUFFIX_DEFAULT)
)
) {
return [false, [400, __('Email suffix is not in the Whitelist')]];
}
}
// 检查Gmail限制
if ((int)admin_setting('email_gmail_limit_enable', 0)) {
if ((int) admin_setting('email_gmail_limit_enable', 0)) {
$prefix = explode('@', $request->input('email'))[0];
if (strpos($prefix, '.') !== false || strpos($prefix, '+') !== false) {
return [false, [400, __('Gmail alias is not supported')]];
@@ -60,23 +66,23 @@ class RegisterService
}
// 检查是否关闭注册
if ((int)admin_setting('stop_register', 0)) {
if ((int) admin_setting('stop_register', 0)) {
return [false, [400, __('Registration has closed')]];
}
// 检查邀请码要求
if ((int)admin_setting('invite_force', 0)) {
if ((int) admin_setting('invite_force', 0)) {
if (empty($request->input('invite_code'))) {
return [false, [422, __('You must use the invitation code to register')]];
}
}
// 检查邮箱验证
if ((int)admin_setting('email_verify', 0)) {
if ((int) admin_setting('email_verify', 0)) {
if (empty($request->input('email_code'))) {
return [false, [422, __('Email verification code cannot be empty')]];
}
if ((string)Cache::get(CacheKey::get('EMAIL_VERIFY_CODE', $request->input('email'))) !== (string)$request->input('email_code')) {
if ((string) Cache::get(CacheKey::get('EMAIL_VERIFY_CODE', $request->input('email'))) !== (string) $request->input('email_code')) {
return [false, [400, __('Incorrect email verification code')]];
}
}
@@ -109,15 +115,15 @@ class RegisterService
->first();
if (!$inviteCodeModel) {
if ((int)admin_setting('invite_force', 0)) {
if ((int) admin_setting('invite_force', 0)) {
return [false, [400, __('Invalid invitation code')]];
}
return [true, null];
}
$user->invite_user_id = $inviteCodeModel->user_id ? $inviteCodeModel->user_id : null;
if (!(int)admin_setting('invite_never_expire', 0)) {
if (!(int) admin_setting('invite_never_expire', 0)) {
$inviteCodeModel->status = true;
$inviteCodeModel->save();
}
@@ -133,7 +139,7 @@ class RegisterService
*/
public function handleTryOut(User $user): void
{
if ((int)admin_setting('try_out_plan_id', 0)) {
if ((int) admin_setting('try_out_plan_id', 0)) {
$plan = Plan::find(admin_setting('try_out_plan_id'));
if ($plan) {
$user->transfer_enable = $plan->transfer_enable * 1073741824;
@@ -186,7 +192,7 @@ class RegisterService
}
// 清除邮箱验证码
if ((int)admin_setting('email_verify', 0)) {
if ((int) admin_setting('email_verify', 0)) {
Cache::forget(CacheKey::get('EMAIL_VERIFY_CODE', $email));
}
@@ -195,15 +201,15 @@ class RegisterService
$user->save();
// 更新IP注册计数
if ((int)admin_setting('register_limit_by_ip_enable', 0)) {
if ((int) admin_setting('register_limit_by_ip_enable', 0)) {
$registerCountByIP = Cache::get(CacheKey::get('REGISTER_IP_RATE_LIMIT', $request->ip())) ?? 0;
Cache::put(
CacheKey::get('REGISTER_IP_RATE_LIMIT', $request->ip()),
(int)$registerCountByIP + 1,
(int)admin_setting('register_limit_expire', 60) * 60
(int) $registerCountByIP + 1,
(int) admin_setting('register_limit_expire', 60) * 60
);
}
return [true, $user];
}
}
}
app/Services/CaptchaService.php
+112
View File
@@ -0,0 +1,112 @@
<?php
namespace App\Services;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;
use ReCaptcha\ReCaptcha;
class CaptchaService
{
/**
* 验证人机验证码
*
* @param Request $request 请求对象
* @return array [是否通过, 错误消息]
*/
public function verify(Request $request): array
{
if (!(int) admin_setting('captcha_enable', 0)) {
return [true, null];
}
$captchaType = admin_setting('captcha_type', 'recaptcha');
return match ($captchaType) {
'turnstile' => $this->verifyTurnstile($request),
'recaptcha-v3' => $this->verifyRecaptchaV3($request),
'recaptcha' => $this->verifyRecaptcha($request),
default => [false, [400, __('Invalid captcha type')]]
};
}
/**
* 验证 Cloudflare Turnstile
*
* @param Request $request
* @return array
*/
private function verifyTurnstile(Request $request): array
{
$turnstileToken = $request->input('turnstile_token');
if (!$turnstileToken) {
return [false, [400, __('Invalid code is incorrect')]];
}
$response = Http::post('https://challenges.cloudflare.com/turnstile/v0/siteverify', [
'secret' => admin_setting('turnstile_secret_key'),
'response' => $turnstileToken,
'remoteip' => $request->ip()
]);
$result = $response->json();
if (!$result['success']) {
return [false, [400, __('Invalid code is incorrect')]];
}
return [true, null];
}
/**
* 验证 Google reCAPTCHA v3
*
* @param Request $request
* @return array
*/
private function verifyRecaptchaV3(Request $request): array
{
$recaptchaV3Token = $request->input('recaptcha_v3_token');
if (!$recaptchaV3Token) {
return [false, [400, __('Invalid code is incorrect')]];
}
$recaptcha = new ReCaptcha(admin_setting('recaptcha_v3_secret_key'));
$recaptchaResp = $recaptcha->verify($recaptchaV3Token, $request->ip());
if (!$recaptchaResp->isSuccess()) {
return [false, [400, __('Invalid code is incorrect')]];
}
// 检查分数阈值(如果有的话)
$score = $recaptchaResp->getScore();
$threshold = admin_setting('recaptcha_v3_score_threshold', 0.5);
if ($score !== null && $score < $threshold) {
return [false, [400, __('Invalid code is incorrect')]];
}
return [true, null];
}
/**
* 验证 Google reCAPTCHA v2
*
* @param Request $request
* @return array
*/
private function verifyRecaptcha(Request $request): array
{
$recaptchaData = $request->input('recaptcha_data');
if (!$recaptchaData) {
return [false, [400, __('Invalid code is incorrect')]];
}
$recaptcha = new ReCaptcha(admin_setting('recaptcha_key'));
$recaptchaResp = $recaptcha->verify($recaptchaData);
if (!$recaptchaResp->isSuccess()) {
return [false, [400, __('Invalid code is incorrect')]];
}
return [true, null];
}
}
public/assets/admin/assets/index.js
Vendored
+14 -14
View File
File diff suppressed because one or more lines are too long
public/assets/admin/index.html
+1 -1
View File
@@ -16,7 +16,7 @@
title: 'Xboard',
version: '1.0.0',
logo: 'https://xboard.io/i6mages/logo.png',
secure_path: '/6a416b7a',
secure_path: '/22aba88a',
}
</script>
<script src="./locales/en-US.js"></script>
public/assets/admin/locales/en-US.js
Vendored
+51 -11
View File
@@ -416,20 +416,60 @@ window.XBOARD_TRANSLATIONS['en-US'] = {
"description": "Enter the allowed email suffixes, one per line"
}
},
"recaptcha": {
"captcha": {
"enable": {
"label": "Enable reCAPTCHA",
"description": "When enabled, users will need to pass reCAPTCHA verification when registering."
"label": "Enable Captcha",
"description": "When enabled, users will need to pass captcha verification when registering."
},
"key": {
"label": "reCAPTCHA Key",
"placeholder": "Enter reCAPTCHA key",
"description": "Enter your reCAPTCHA key"
"type": {
"label": "Captcha Type",
"description": "Select the captcha service type to use",
"options": {
"recaptcha": "Google reCAPTCHA v2",
"recaptcha-v3": "Google reCAPTCHA v3",
"turnstile": "Cloudflare Turnstile"
}
},
"siteKey": {
"label": "reCAPTCHA Site Key",
"placeholder": "Enter reCAPTCHA site key",
"description": "Enter your reCAPTCHA site key"
"recaptcha": {
"key": {
"label": "reCAPTCHA Key",
"placeholder": "Enter reCAPTCHA key",
"description": "Enter your reCAPTCHA key"
},
"siteKey": {
"label": "reCAPTCHA Site Key",
"placeholder": "Enter reCAPTCHA site key",
"description": "Enter your reCAPTCHA site key"
}
},
"recaptcha_v3": {
"secretKey": {
"label": "reCAPTCHA v3 Key",
"placeholder": "Enter reCAPTCHA v3 key",
"description": "Enter your reCAPTCHA v3 server key"
},
"siteKey": {
"label": "reCAPTCHA v3 Site Key",
"placeholder": "Enter reCAPTCHA v3 site key",
"description": "Enter your reCAPTCHA v3 site key"
},
"scoreThreshold": {
"label": "Score Threshold",
"placeholder": "0.5",
"description": "Set verification score threshold (0-1), higher scores indicate more likely human behavior"
}
},
"turnstile": {
"secretKey": {
"label": "Turnstile Key",
"placeholder": "Enter Turnstile key",
"description": "Enter your Cloudflare Turnstile key"
},
"siteKey": {
"label": "Turnstile Site Key",
"placeholder": "Enter Turnstile site key",
"description": "Enter your Cloudflare Turnstile site key"
}
}
},
"registerLimit": {
public/assets/admin/locales/ko-KR.js
Vendored
+33 -11
View File
@@ -414,20 +414,42 @@ window.XBOARD_TRANSLATIONS['ko-KR'] = {
"description": "허용된 이메일 접미사를 한 줄에 하나씩 입력하세요"
}
},
"recaptcha": {
"captcha": {
"enable": {
"label": "reCAPTCHA 활성화",
"description": "활성화하면 사용자는 등록 시 reCAPTCHA 인증을 통과해야 합니다."
"label": "캡차 활성화",
"description": "활성화하면 사용자는 등록 시 캡차 인증을 통과해야 합니다."
},
"key": {
"label": "reCAPTCHA 키",
"placeholder": "reCAPTCHA 키 입력",
"description": "reCAPTCHA 키를 입력하세요"
"type": {
"label": "캡차 유형",
"description": "사용할 캡차 서비스 유형을 선택하세요",
"options": {
"recaptcha": "Google reCAPTCHA v2",
"turnstile": "Cloudflare Turnstile"
}
},
"siteKey": {
"label": "reCAPTCHA 사이트 키",
"placeholder": "reCAPTCHA 사이트 키 입력",
"description": "reCAPTCHA 사이트 키를 입력하세요"
"recaptcha": {
"key": {
"label": "reCAPTCHA ",
"placeholder": "reCAPTCHA 키 입력",
"description": "reCAPTCHA 키를 입력하세요"
},
"siteKey": {
"label": "reCAPTCHA 사이트 키",
"placeholder": "reCAPTCHA 사이트 키 입력",
"description": "reCAPTCHA 사이트 키를 입력하세요"
}
},
"turnstile": {
"secretKey": {
"label": "Turnstile 키",
"placeholder": "Turnstile 키 입력",
"description": "Cloudflare Turnstile 키를 입력하세요"
},
"siteKey": {
"label": "Turnstile 사이트 키",
"placeholder": "Turnstile 사이트 키 입력",
"description": "Cloudflare Turnstile 사이트 키를 입력하세요"
}
}
},
"registerLimit": {
public/assets/admin/locales/zh-CN.js
Vendored
+51 -11
View File
@@ -336,20 +336,60 @@ window.XBOARD_TRANSLATIONS['zh-CN'] = {
"description": "输入允许的邮箱后缀,每行一个"
}
},
"recaptcha": {
"captcha": {
"enable": {
"label": "启用reCAPTCHA",
"description": "开启后用户注册时需要通过reCAPTCHA验证。"
"label": "启用验证码",
"description": "开启后用户注册时需要通过验证码验证。"
},
"key": {
"label": "reCAPTCHA密钥",
"placeholder": "输入reCAPTCHA密钥",
"description": "输入您的reCAPTCHA密钥"
"type": {
"label": "验证码类型",
"description": "选择要使用的验证码服务类型",
"options": {
"recaptcha": "Google reCAPTCHA v2",
"recaptcha-v3": "Google reCAPTCHA v3",
"turnstile": "Cloudflare Turnstile"
}
},
"siteKey": {
"label": "reCAPTCHA站点密钥",
"placeholder": "输入reCAPTCHA站点密钥",
"description": "输入您的reCAPTCHA站点密钥"
"recaptcha": {
"key": {
"label": "reCAPTCHA密钥",
"placeholder": "输入reCAPTCHA密钥",
"description": "输入您的reCAPTCHA密钥"
},
"siteKey": {
"label": "reCAPTCHA站点密钥",
"placeholder": "输入reCAPTCHA站点密钥",
"description": "输入您的reCAPTCHA站点密钥"
}
},
"recaptcha_v3": {
"secretKey": {
"label": "reCAPTCHA v3密钥",
"placeholder": "输入reCAPTCHA v3密钥",
"description": "输入您的reCAPTCHA v3服务器密钥"
},
"siteKey": {
"label": "reCAPTCHA v3站点密钥",
"placeholder": "输入reCAPTCHA v3站点密钥",
"description": "输入您的reCAPTCHA v3站点密钥"
},
"scoreThreshold": {
"label": "分数阈值",
"placeholder": "0.5",
"description": "设置验证分数阈值(0-1),分数越高表示越可能是真人操作"
}
},
"turnstile": {
"secretKey": {
"label": "Turnstile密钥",
"placeholder": "输入Turnstile密钥",
"description": "输入您的Cloudflare Turnstile密钥"
},
"siteKey": {
"label": "Turnstile站点密钥",
"placeholder": "输入Turnstile站点密钥",
"description": "输入您的Cloudflare Turnstile站点密钥"
}
}
},
"registerLimit": {
theme/Xboard/assets/umi.js
Vendored
+656 -656
View File
File diff suppressed because one or more lines are too long
theme/Xboard/assets/umi.js.br
BIN
View File
Binary file not shown.
theme/Xboard/assets/umi.js.gz
BIN
View File
Binary file not shown.