disable hcaptcha token verification (#1588)

humanprotocol · Feb 13, 2024 · 3ae24c5 · 3ae24c5
1 parent ce1b8e6
commit 3ae24c5
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 41 deletions.
diff --git a/packages/apps/job-launcher/server/src/common/config/env.ts b/packages/apps/job-launcher/server/src/common/config/env.ts
@@ -33,7 +33,7 @@ export const ConfigNames = {
   HCAPTCHA_REPUTATION_ORACLE_URI: 'HCAPTCHA_REPUTATION_ORACLE_URI',
   HCAPTCHA_ORACLE_ADDRESS: 'HCAPTCHA_ORACLE_ADDRESS',
   HCAPTCHA_SITE_KEY: 'HCAPTCHA_SITE_KEY',
-  HCAPTCHA_SECRET: 'HCAPTCHA_SECRET',
+  // HCAPTCHA_SECRET: 'HCAPTCHA_SECRET',
   HCAPTCHA_EXCHANGE_URL: 'HCAPTCHA_EXCHANGE_URL',
   S3_ENDPOINT: 'S3_ENDPOINT',
   S3_PORT: 'S3_PORT',
@@ -91,7 +91,7 @@ export const envValidator = Joi.object({
   HCAPTCHA_REPUTATION_ORACLE_URI: Joi.string().required(),
   HCAPTCHA_ORACLE_ADDRESS: Joi.string().required(),
   HCAPTCHA_SITE_KEY: Joi.string().required(),
-  HCAPTCHA_SECRET: Joi.string().required(),
+  // HCAPTCHA_SECRET: Joi.string().required(),
   HCAPTCHA_EXCHANGE_URL: Joi.string()
     .default('https://foundation-exchange.hmt.ai')
     .description('hcaptcha exchange url'),

diff --git a/packages/apps/job-launcher/server/src/modules/auth/auth.service.ts b/packages/apps/job-launcher/server/src/modules/auth/auth.service.ts
@@ -80,19 +80,19 @@ export class AuthService {
   }
 
   public async signin(data: SignInDto, ip?: string): Promise<AuthDto> {
-    if (
-      !(
-        await verifyToken(
-          this.configService.get<string>(ConfigNames.HCAPTCHA_EXCHANGE_URL)!,
-          this.configService.get<string>(ConfigNames.HCAPTCHA_SITE_KEY)!,
-          this.configService.get<string>(ConfigNames.HCAPTCHA_SECRET)!,
-          data.hCaptchaToken,
-          ip,
-        )
-      ).success
-    ) {
-      throw new UnauthorizedException(ErrorAuth.InvalidCaptchaToken);
-    }
+    // if (
+    //   !(
+    //     await verifyToken(
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_EXCHANGE_URL)!,
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_SITE_KEY)!,
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_SECRET)!,
+    //       data.hCaptchaToken,
+    //       ip,
+    //     )
+    //   ).success
+    // ) {
+    //   throw new UnauthorizedException(ErrorAuth.InvalidCaptchaToken);
+    // }
     const userEntity = await this.userService.getByCredentials(
       data.email,
       data.password,
@@ -110,19 +110,19 @@ export class AuthService {
   }
 
   public async signup(data: UserCreateDto, ip?: string): Promise<UserEntity> {
-    if (
-      !(
-        await verifyToken(
-          this.configService.get<string>(ConfigNames.HCAPTCHA_SITE_KEY)!,
-          this.configService.get<string>(ConfigNames.HCAPTCHA_EXCHANGE_URL)!,
-          this.configService.get<string>(ConfigNames.HCAPTCHA_SECRET)!,
-          data.hCaptchaToken,
-          ip,
-        )
-      ).success
-    ) {
-      throw new UnauthorizedException(ErrorAuth.InvalidCaptchaToken);
-    }
+    // if (
+    //   !(
+    //     await verifyToken(
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_SITE_KEY)!,
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_EXCHANGE_URL)!,
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_SECRET)!,
+    //       data.hCaptchaToken,
+    //       ip,
+    //     )
+    //   ).success
+    // ) {
+    //   throw new UnauthorizedException(ErrorAuth.InvalidCaptchaToken);
+    // }
     const userEntity = await this.userService.create(data);
 
     const tokenEntity = await this.tokenRepository.create({
@@ -224,19 +224,19 @@ export class AuthService {
     data: RestorePasswordDto,
     ip?: string,
   ): Promise<void> {
-    if (
-      !(
-        await verifyToken(
-          this.configService.get<string>(ConfigNames.HCAPTCHA_EXCHANGE_URL)!,
-          this.configService.get<string>(ConfigNames.HCAPTCHA_SITE_KEY)!,
-          this.configService.get<string>(ConfigNames.HCAPTCHA_SECRET)!,
-          data.hCaptchaToken,
-          ip,
-        )
-      ).success
-    ) {
-      throw new UnauthorizedException(ErrorAuth.InvalidCaptchaToken);
-    }
+    // if (
+    //   !(
+    //     await verifyToken(
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_EXCHANGE_URL)!,
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_SITE_KEY)!,
+    //       this.configService.get<string>(ConfigNames.HCAPTCHA_SECRET)!,
+    //       data.hCaptchaToken,
+    //       ip,
+    //     )
+    //   ).success
+    // ) {
+    //   throw new UnauthorizedException(ErrorAuth.InvalidCaptchaToken);
+    // }
 
     const tokenEntity = await this.tokenRepository.findOneByUuidAndTokenType(
       data.token,