radziel/spotlightcam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(security): add Cloudflare Turnstile CAPTCHA to registration form

Browse Source 
- Add Turnstile widget rendering in RegisterPage on step 2
- Implement programmatic widget initialization with callbacks
- Add token validation before form submission
- Update AuthContext and API service to pass turnstileToken
- Add backend verification via Cloudflare API in register controller
- Include client IP in verification request
- Add validation rule for turnstileToken
- Reset widget on registration error
This commit is contained in:
Radosław Gierwiało
2025-12-05 18:20:26 +01:00
parent f3b8156557
commit d8085f828f
6 changed files with 112 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
frontend/src/contexts/AuthContext.jsx
View File

@@ -48,9 +48,9 @@ export const AuthProvider = ({ children }) => {
}
};
const register = async (username, email, password, firstName = null, lastName = null, wsdcId = null) => {
const register = async (username, email, password, firstName = null, lastName = null, wsdcId = null, turnstileToken = null) => {
try {
const { user: userData } = await authAPI.register(username, email, password, firstName, lastName, wsdcId);
const { user: userData } = await authAPI.register(username, email, password, firstName, lastName, wsdcId, turnstileToken);
setUser(userData);
// Save to localStorage for persistence
localStorage.setItem('user', JSON.stringify(userData));