7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# File 'lib/rails_cloudflare_turnstile/controller_helpers.rb', line 7
def cloudflare_turnstile_ok?
if RailsCloudflareTurnstile.enabled?
config = RailsCloudflareTurnstile.configuration
url = URI(config.validation_url)
body = {
secret: config.secret_key,
response: params["cf-turnstile-response"],
remoteip: request.remote_ip
}
begin
resp = Faraday.new(url) { |conn|
conn.options.timeout = config.timeout
conn.options.open_timeout = config.timeout
conn.use Faraday::Response::RaiseError
conn.request :json
conn.response :json
}.post(url, body)
rescue Faraday::Error => e
Rails.logger.error "Error response from CloudFlare Turnstile: #{e}"
if config.fail_open
return true
else
return false
end
end
json = resp.body
success = json["success"]
return true if success
error = json["error-codes"][0]
ActiveSupport::Notifications.instrument(
"rails_cloudflare_turnstile.failure",
message: error,
remote_ip: request.remote_ip,
user_agent: request.user_agent,
controller: params[:controller],
action: params[:action],
url: request.url
)
false
elsif RailsCloudflareTurnstile.mock_enabled?
params["cf-turnstile-response"] == "mocked"
else
true
end
end
|