Diff

mod_register_web/mod_register_web.lua @ 1778:32604bf33a4c

mod_register_web: Switch to the new reCAPTCHA API, including support for "nocaptcha" when users are already signed in to Google.
author Thijs Alkemade <me@thijsalkema.de>
date Wed, 04 Mar 2015 12:57:24 +0100
parent 1618:c56baec031e8
child 2733:c8161146c698
line wrap: on
line diff
--- a/mod_register_web/mod_register_web.lua	Mon Aug 10 21:13:31 2015 +0200
+++ b/mod_register_web/mod_register_web.lua	Wed Mar 04 12:57:24 2015 +0100
@@ -3,6 +3,8 @@
 local usermanager = require "core.usermanager";
 local http = require "net.http";
 local path_sep = package.config:sub(1,1);
+local json = require "util.json".decode;
+local t_concat = table.concat;
 
 module:depends"http";
 
@@ -47,19 +49,18 @@
 		}));
 	end
 	function verify_captcha(request, form, callback)
-		http.request("https://www.google.com/recaptcha/api/verify", {
+		http.request("https://www.google.com/recaptcha/api/siteverify", {
 			body = http.formencode {
-				privatekey = captcha_options.recaptcha_private_key;
+				secret = captcha_options.recaptcha_private_key;
 				remoteip = request.conn:ip();
-				challenge = form.recaptcha_challenge_field;
-				response = form.recaptcha_response_field;
+				response = form["g-recaptcha-response"];
 			};
 		}, function (verify_result, code)
-			local verify_ok, verify_err = verify_result:match("^([^\n]+)\n([^\n]+)");
-			if verify_ok == "true" then
+			local result = json(verify_result);
+			if result.success == true then
 				callback(true);
 			else
-				callback(false, verify_err)
+				callback(false, t_concat(result["error-codes"]));
 			end
 		end);
 	end