bugfixing :D
+25
-2
@@ -1369,6 +1369,23 @@ function isTurnstileSessionVerified(req) {
|
||||
}
|
||||
}
|
||||
|
||||
function protectedSiteSessionStatus(req) {
|
||||
const turnstileVerified = isTurnstileSessionVerified(req)
|
||||
const siteVerified = isSiteSessionVerified(req)
|
||||
const canIssueSiteSession = turnstileVerified && !siteVerified && Boolean(SITE_SESSION_HMAC_KEY)
|
||||
return {
|
||||
turnstileVerified,
|
||||
siteVerified,
|
||||
canIssueSiteSession,
|
||||
verified: turnstileVerified && siteVerified,
|
||||
}
|
||||
}
|
||||
|
||||
function protectedSiteSessionGateState(req) {
|
||||
const sessionStatus = protectedSiteSessionStatus(req)
|
||||
return sessionStatus.verified || sessionStatus.canIssueSiteSession ? 'verified' : 'required'
|
||||
}
|
||||
|
||||
function callTurnstileSiteverify(token, remoteIp, idempotencyKey) {
|
||||
return new Promise((resolve) => {
|
||||
const params = new URLSearchParams()
|
||||
@@ -2776,7 +2793,7 @@ function htmlWithSeo(req, data) {
|
||||
.replaceAll('__SEO_PUBLISHED_TIME__', escapeHtml(seo.publishedAt || ''))
|
||||
.replaceAll('__SEO_MODIFIED_TIME__', escapeHtml(seo.publishedAt || ''))
|
||||
.replaceAll('__SEO_JSON_LD__', routeStructuredData(origin, seo, canonicalUrl).replace(/</g, '\\u003c'))
|
||||
.replaceAll('__TURNSTILE_SESSION__', isTurnstileSessionVerified(req) ? 'verified' : 'required')
|
||||
.replaceAll('__TURNSTILE_SESSION__', protectedSiteSessionGateState(req))
|
||||
.replace('<div id="root"></div>', `<div id="root">\n${routeFallbackHtml(seo)}\n</div>`)
|
||||
}
|
||||
|
||||
@@ -2791,8 +2808,11 @@ function requestPathname(req) {
|
||||
function sendHtml(req, res, data, status) {
|
||||
const html = htmlWithSeo(req, data)
|
||||
const finalStatus = status ?? routeSeo(requestPathname(req)).status ?? 200
|
||||
const sessionStatus = protectedSiteSessionStatus(req)
|
||||
const sessionCookie = sessionStatus.canIssueSiteSession ? buildSiteSessionCookie(req) : ''
|
||||
send(res, finalStatus, html, {
|
||||
...securityHeaders(req, { html: true }),
|
||||
...(sessionCookie ? { 'set-cookie': sessionCookie } : {}),
|
||||
'content-type': mimeTypes['.html'],
|
||||
'cache-control': 'no-cache',
|
||||
})
|
||||
@@ -3379,7 +3399,10 @@ const server = http.createServer((req, res) => {
|
||||
sendJson(res, 403, { error: 'Turnstile session check is restricted to this site' })
|
||||
return
|
||||
}
|
||||
sendJson(res, 200, { verified: isTurnstileSessionVerified(req) })
|
||||
const sessionStatus = protectedSiteSessionStatus(req)
|
||||
const sessionCookie = sessionStatus.canIssueSiteSession ? buildSiteSessionCookie(req) : ''
|
||||
const headers = sessionCookie ? { 'set-cookie': sessionCookie } : {}
|
||||
sendJson(res, 200, { verified: sessionStatus.verified || Boolean(sessionCookie) }, headers)
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
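Review bot: The `__TURNSTILE_SESSION__` marker in htmlWithSeo is now rendered as 'verified' whenever `canIssueSiteSession` is true, but the cookie that backs that state is only attached later in sendHtml, and only if `buildSiteSessionCookie(req)` returns a non-empty value. The JSON handler in the last hunk guards against this with `sessionStatus.verified || Boolean(sessionCookie)`, while the HTML path has no equivalent check. A failed cookie build, or any caller of htmlWithSeo other than sendHtml (if one exists outside these hunks), would therefore produce a page marked verified with no site session behind it. Computing the status and cookie once in sendHtml and deriving the marker from the result, e.g. `sessionStatus.verified || Boolean(sessionCookie) ? 'verified' : 'required'`, would keep the two in step. Separately, the HTML response now carries `set-cookie` under `'cache-control': 'no-cache'`, which still permits storage; `no-store` (or at least `private`) is the safer directive for a response that mints a session.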