Update main.py
Browse files
main.py
CHANGED
|
@@ -104,8 +104,25 @@ async def login_post(
|
|
| 104 |
request: Request,
|
| 105 |
email: str = Form(...),
|
| 106 |
password: str = Form(...),
|
|
|
|
| 107 |
db: Session = Depends(get_db)
|
| 108 |
):
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 109 |
if not email or not password:
|
| 110 |
raise HTTPException(status_code=400, detail="Invalid email or password")
|
| 111 |
|
|
|
|
| 104 |
request: Request,
|
| 105 |
email: str = Form(...),
|
| 106 |
password: str = Form(...),
|
| 107 |
+
recaptcha_token: str = Form(...),
|
| 108 |
db: Session = Depends(get_db)
|
| 109 |
):
|
| 110 |
+
# Perform reCAPTCHA verification first
|
| 111 |
+
|
| 112 |
+
recaptcha_secret = '6LeSJgwpAAAAAJrLrvlQYhRsOjf2wKXee_Jc4Z-k' # Replace with your reCAPTCHA secret key
|
| 113 |
+
recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify'
|
| 114 |
+
recaptcha_data = {
|
| 115 |
+
'secret': recaptcha_secret,
|
| 116 |
+
'response': recaptcha_token
|
| 117 |
+
}
|
| 118 |
+
|
| 119 |
+
async with httpx.AsyncClient() as client:
|
| 120 |
+
recaptcha_response = await client.post(recaptcha_url, data=recaptcha_data)
|
| 121 |
+
|
| 122 |
+
recaptcha_result = recaptcha_response.json()
|
| 123 |
+
print(recaptcha_result) # or use proper logging
|
| 124 |
+
if not recaptcha_result.get('success', False):
|
| 125 |
+
raise HTTPException(status_code=400, detail="reCAPTCHA validation failed.")
|
| 126 |
if not email or not password:
|
| 127 |
raise HTTPException(status_code=400, detail="Invalid email or password")
|
| 128 |
|