updated captcha abilities & tests

app/Libraries/Aauth.php

@@ -218,15 +218,26 @@ class Aauth
 			return false;
 		}
 
-		// if ($this->config->ddos_protection && $this->config->recaptcha_active && $loginAttempts->get() > $this->config->recaptcha_login_attempts){
-		// 	$this->CI->load->helper('recaptchalib');
-		// 	$reCaptcha = new ReCaptcha( $this->config->recaptcha_secret);
-		// 	$resp      = $reCaptcha->verifyResponse( $this->CI->input->server("REMOTE_ADDR"), $this->CI->input->post("g-recaptcha-response") );
-		// 	if( ! $resp->success){
-		// 		$this->error(lang('Aauth.aauth_error_recaptcha_not_correct'));
-		// 		return false;
-		// 	}
-		// }
+		if ($this->config->loginProtection && $this->config->captchaEnabled && $this->isCaptchaRequired())
+		{
+			$request = \Config\Services::request();
+
+			if ($this->config->captchaType === 'recaptcha')
+			{
+				$response = $request->getPostGet('g-recaptcha-response');
+			}
+			else if ($this->config->captchaType === 'recaptcha')
+			{
+				$response = $request->getPostGet('h-captcha-response');
+			}
+
+			if (! $this->verifyCaptchaResponse($response))
+			{
+				$this->error('Aauth.invalidCaptcha');
+
+				return false;
+			}
+		}
 
 		if ($this->config->loginUseUsername)
 		{

app/Libraries/Aauth/CAPTCHA.php

@@ -29,7 +29,7 @@ use \App\Models\Aauth\LoginAttemptModel;
 class CAPTCHA extends \App\Libraries\Aauth
 {
 	/**
-	 * Verify Response
+	 * Verify CAPTCHA Response
 	 *
 	 * Calls the CAPTCHA site verify API to verify whether the user passes
 	 * CAPTCHA test.
@@ -38,7 +38,7 @@ class CAPTCHA extends \App\Libraries\Aauth
 	 *
 	 * @return array
 	 */
-	public function verifyResponse($response)
+	public function verifyCaptchaResponse($response)
 	{
 		if ($response === null || strlen($response) === 0)
 		{
@@ -97,11 +97,7 @@ class CAPTCHA extends \App\Libraries\Aauth
 	{
 		$content = '';
 
-		if ($this->config->loginProtection && $this->config->captchaEnabled)
-		{
-			$loginAttemptModel = new LoginAttemptModel();
-
-			if ($loginAttemptModel->find() >= $this->config->captchaLoginAttempts)
+		if ($this->config->loginProtection && $this->config->captchaEnabled && $this->isCaptchaRequired())
 		{
 			$siteKey = $this->config->captchaSiteKey;
 
@@ -116,11 +112,22 @@ class CAPTCHA extends \App\Libraries\Aauth
 				$content .= '<script src="https://hcaptcha.com/1/api.js" async defer></script>';
 			}
 		}
-		}
 
 		return $content;
 	}
 
+	/**
+	 * Is CAPTCHA Required
+	 *
+	 * @return boolean
+	 */
+	public function isCaptchaRequired()
+	{
+		$loginAttemptModel = new LoginAttemptModel();
+
+		return $loginAttemptModel->find() >= $this->config->captchaLoginAttempts;
+	}
+
 	/**
 	 * Submit GET
 	 *

tests/Aauth/Libraries/Aauth/CAPTCHATest.php

@@ -93,17 +93,17 @@ class CAPTCHATest extends CIDatabaseTestCase
 		$this->assertContains('https://hcaptcha.com/1', $this->library->generateCaptchaHtml());
 	}
 
-	public function testVerifyResponse()
+	public function testVerifyCaptchaResponse()
 	{
 		$config                 = new AauthConfig();
 		$config->captchaEnabled = true;
 		$this->library          = new Aauth($config, true);
 
-		$this->assertContains('missing-input', $this->library->verifyResponse(null)['errorCodes']);
-		$this->assertContains('invalid-input-response', $this->library->verifyResponse('0123456789')['errorCodes']);
+		$this->assertContains('missing-input', $this->library->verifyCaptchaResponse(null)['errorCodes']);
+		$this->assertContains('invalid-input-response', $this->library->verifyCaptchaResponse('0123456789')['errorCodes']);
 
 		$config->captchaType = 'hcaptcha';
 		$this->library       = new Aauth($config, true);
-		$this->assertContains('invalid-input-response', $this->library->verifyResponse('0123456789')['errorCodes']);
+		$this->assertContains('invalid-input-response', $this->library->verifyCaptchaResponse('0123456789')['errorCodes']);
 	}
 }