Yadciel/Titan
1
0
Fork 0
mirror of https://github.com/TitanEmbeds/Titan.git synced 2025-06-17 03:45:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Server administrators may disable captchas for guest users

Browse Source
This commit is contained in:
Jeremy Zhang
2017-11-04 02:58:26 +00:00
parent 71209d2824
commit bba4950ddc
12 changed files with 78 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
webapp/titanembeds/blueprints/api/api.py
View File

@ -1,6 +1,6 @@
from titanembeds.database import db, Guilds, UnauthenticatedUsers, UnauthenticatedBans, AuthenticatedUsers, KeyValueProperties, GuildMembers, Messages, get_channel_messages, list_all_guild_members, get_guild_member, get_administrators_list
from titanembeds.decorators import valid_session_required, discord_users_only
from titanembeds.utils import check_guild_existance, guild_accepts_visitors, guild_query_unauth_users_bool, get_client_ipaddr, discord_api, rate_limiter, channel_ratelimit_key, guild_ratelimit_key, user_unauthenticated, checkUserRevoke, checkUserBanned, update_user_status, check_user_in_guild, get_guild_channels, guild_webhooks_enabled
from titanembeds.utils import check_guild_existance, guild_accepts_visitors, guild_query_unauth_users_bool, get_client_ipaddr, discord_api, rate_limiter, channel_ratelimit_key, guild_ratelimit_key, user_unauthenticated, checkUserRevoke, checkUserBanned, update_user_status, check_user_in_guild, get_guild_channels, guild_webhooks_enabled, guild_unauthcaptcha_enabled
from titanembeds.oauth import user_has_permission, generate_avatar_url, check_user_can_administrate_guild
from flask import Blueprint, abort, jsonify, session, request, url_for
from flask import current_app as app
@ -291,9 +291,6 @@ def create_unauthenticated_user():
guild_id = request.form['guild_id']
ip_address = get_client_ipaddr()
username = username.strip()
captcha_response = request.form['captcha_response']
if not verify_captcha_request(captcha_response, request.remote_addr):
abort(412)
if len(username) < 2 or len(username) > 32:
abort(406)
if not all(x.isalnum() or x.isspace() or "-" == x or "_" == x for x in username):
@ -302,6 +299,10 @@ def create_unauthenticated_user():
abort(404)
if not guild_query_unauth_users_bool(guild_id):
abort(401)
if guild_unauthcaptcha_enabled(guild_id):
captcha_response = request.form['captcha_response']
if not verify_captcha_request(captcha_response, request.remote_addr):
abort(412)
if not checkUserBanned(guild_id, ip_address):
session['username'] = username
if 'user_id' not in session or len(str(session["user_id"])) > 4: