bugfixing :D

2026-06-29 17:26:10 +01:00
parent 682cf6d678
commit 37df155485
2 changed files with 54 additions and 56 deletions
+25 -2
@@ -1369,6 +1369,23 @@ function isTurnstileSessionVerified(req) {
}
}
function protectedSiteSessionStatus(req) {
const turnstileVerified = isTurnstileSessionVerified(req)
const siteVerified = isSiteSessionVerified(req)
const canIssueSiteSession = turnstileVerified && !siteVerified && Boolean(SITE_SESSION_HMAC_KEY)
return {
turnstileVerified,
siteVerified,
canIssueSiteSession,
verified: turnstileVerified && siteVerified,
}
}
function protectedSiteSessionGateState(req) {
const sessionStatus = protectedSiteSessionStatus(req)
return sessionStatus.verified || sessionStatus.canIssueSiteSession ? 'verified' : 'required'
}
function callTurnstileSiteverify(token, remoteIp, idempotencyKey) {
return new Promise((resolve) => {
const params = new URLSearchParams()
@@ -2776,7 +2793,7 @@ function htmlWithSeo(req, data) {
.replaceAll('__SEO_PUBLISHED_TIME__', escapeHtml(seo.publishedAt || ''))
.replaceAll('__SEO_MODIFIED_TIME__', escapeHtml(seo.publishedAt || ''))
.replaceAll('__SEO_JSON_LD__', routeStructuredData(origin, seo, canonicalUrl).replace(/</g, '\\u003c'))
.replaceAll('__TURNSTILE_SESSION__', isTurnstileSessionVerified(req) ? 'verified' : 'required')
.replaceAll('__TURNSTILE_SESSION__', protectedSiteSessionGateState(req))
.replace('<div id="root"></div>', `<div id="root">\n${routeFallbackHtml(seo)}\n</div>`)
}
@@ -2791,8 +2808,11 @@ function requestPathname(req) {
function sendHtml(req, res, data, status) {
const html = htmlWithSeo(req, data)
const finalStatus = status ?? routeSeo(requestPathname(req)).status ?? 200
const sessionStatus = protectedSiteSessionStatus(req)
const sessionCookie = sessionStatus.canIssueSiteSession ? buildSiteSessionCookie(req) : ''
send(res, finalStatus, html, {
...securityHeaders(req, { html: true }),
...(sessionCookie ? { 'set-cookie': sessionCookie } : {}),
'content-type': mimeTypes['.html'],
'cache-control': 'no-cache',
})
@@ -3379,7 +3399,10 @@ const server = http.createServer((req, res) => {
sendJson(res, 403, { error: 'Turnstile session check is restricted to this site' })
return
}
sendJson(res, 200, { verified: isTurnstileSessionVerified(req) })
const sessionStatus = protectedSiteSessionStatus(req)
const sessionCookie = sessionStatus.canIssueSiteSession ? buildSiteSessionCookie(req) : ''
const headers = sessionCookie ? { 'set-cookie': sessionCookie } : {}
sendJson(res, 200, { verified: sessionStatus.verified || Boolean(sessionCookie) }, headers)
return
}
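Review bot: `protectedSiteSessionGateState` reports 'verified' whenever `canIssueSiteSession` is true, but the cookie that would justify that state is attached only later in `sendHtml`, and only when `buildSiteSessionCookie(req)` returns a non-empty string. The session-check handler accounts for this with `verified: sessionStatus.verified || Boolean(sessionCookie)`, while the HTML path does not, so a page can be rendered as 'verified' with no site-session cookie set; any other caller of `htmlWithSeo` (none is visible here) would do the same. Consider computing the status and cookie once in `sendHtml` and passing the resulting state into `htmlWithSeo`, so the `__TURNSTILE_SESSION__` placeholder becomes 'verified' only under that same condition. Separately, the HTML response now carries `set-cookie` alongside `'cache-control': 'no-cache'`; if a shared cache sits in front of this server, using `no-store` or `private` on responses that set the cookie would keep the session cookie out of stored responses. The bodies of `htmlWithSeo` and the request handler extend beyond the hunks shown.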