Merge pull request #905 from e965/yandex-captcha

feat: add yandex smartcaptcha

inc/Service/YandexCaptchaQuery.php

@@ -0,0 +1,44 @@
+<?php
+namespace Vichan\Service;
+
+use Vichan\Data\Driver\HttpDriver;
+
+defined('TINYBOARD') or exit;
+
+
+class YandexCaptchaQuery implements RemoteCaptchaQuery {
+	private HttpDriver $http;
+	private string $secret;
+
+	/**
+	 * Creates a new YandexCaptchaQuery using the Yandex SmartCaptcha service.
+	 *
+	 * @param HttpDriver $http The http client.
+	 * @param string $secret Server side secret.
+	 * @return YandexCaptchaQuery A new YandexCaptchaQuery query instance.
+	 */
+	public function __construct(HttpDriver $http, string $secret) {
+		$this->http = $http;
+		$this->secret = $secret;
+	}
+
+	public function responseField(): string {
+		return 'smart-captcha';
+	}
+
+	public function verify(string $response, ?string $remote_ip): bool {
+		$data = [
+			'secret' => $this->secret,
+			'token' => $response
+		];
+
+		if ($remote_ip !== null) {
+			$data['ip'] = $remote_ip;
+		}
+
+		$ret = $this->http->requestGet('https://smartcaptcha.yandexcloud.net/validate', $data);
+		$resp = json_decode($ret, true, 16, JSON_THROW_ON_ERROR);
+
+		return isset($resp['status']) && $resp['status'] === 'ok';
+	}
+}

inc/config.php

@@ -361,7 +361,7 @@
 	$config['simple_spam'] = false;
 
 	$config['captcha'] = [
-		// Can be false, 'recaptcha', 'hcaptcha' or 'native'.
+		// Can be false, 'recaptcha', 'hcaptcha', 'yandexcaptcha' or 'native'.
 		'provider' => false,
 		/*
 		 * If not false, the captcha is dynamically injected on the client if the web server set the `captcha-required`
@@ -381,6 +381,10 @@
 			'sitekey' => '10000000-ffff-ffff-ffff-000000000001',
 			'secret' => '0x0000000000000000000000000000000000000000',
 		],
+		'yandexcaptcha' => [
+			'sitekey' => 'ysc1_rfl88NyaKGOwimTqVEShW23JdWHlRwXg6jyPhkW2sj1voM9Y',
+			'secret' => 'ysc2_M48FXzexqG5mTESVJfS4nVWhq8lytaMGObxEVqym35Kbz0r7',
+		],
 		// To enable the native captcha you need to change a couple of settings. Read more at: /inc/captcha/readme.md
 		'native' => [
 			// Custom captcha get provider path (if not working get the absolute path aka your url).

inc/context.php

@@ -6,6 +6,7 @@ use Vichan\Data\ReportQueries;
 use Vichan\Service\HCaptchaQuery;
 use Vichan\Service\SecureImageCaptchaQuery;
 use Vichan\Service\ReCaptchaQuery;
+use Vichan\Service\YandexCaptchaQuery;
 use Vichan\Service\RemoteCaptchaQuery;
 
 defined('TINYBOARD') or exit;
@@ -74,6 +75,8 @@ function build_context(array $config): Context {
 						$config['captcha']['hcaptcha']['secret'],
 						$config['captcha']['hcaptcha']['sitekey']
 					);
+				case 'yandexcaptcha':
+					return new YandexCaptchaQuery($http, $config['captcha']['yandexcaptcha']['secret']);
 				default:
 					throw new \RuntimeException('No remote captcha service available');
 			}

templates/header.html

@@ -53,3 +53,6 @@
 {% if config.captcha.provider == 'hcaptcha' %}
 <script src="https://js.hcaptcha.com/1/api.js" async defer></script>
 {% endif %}
+{% if config.captcha.provider == 'yandexcaptcha' %}
+<script src="https://smartcaptcha.yandexcloud.net/captcha.js" defer></script>
+{% endif %}

templates/post_form.html

@@ -100,6 +100,16 @@
 			</td>
 		</tr>
 		{% endif %}
+		{% if config.captcha.provider == 'yandexcaptcha' %}
+		<tr>
+			<th>
+				{% trans %}Verification{% endtrans %}
+			</th>
+			<td>
+				<div style="height: 100px" id="captcha-container" class="smart-captcha" data-sitekey="{{ config.captcha.yandexcaptcha.sitekey }}"></div>
+			</td>
+		</tr>
+		{% endif %}
 		{% if (config.captcha.provider == 'native' and not config.captcha.native.new_thread_capt) or 
 			(config.captcha.provider == 'native' and config.captcha.native.new_thread_capt and not id) %}
 			<tr class='captcha'>