Update captcha provider and related variables

Author: ckt1031

README.md

@@ -23,10 +23,15 @@ If you want to run this application without installing Node.js or other tools, y
 ```
 docker run \
 -e VERIFIED_ROLE_ID=x \
+-e CAPTCHA_PROVIDER=x \
 -e REQUIRE_VERIFIED_EMAIL=x \
 -e SERVER_ID=x \
 -e RECAPTCHA_SECRET=x \
 -e RECAPTCHA_SITEKEY=x \
+-e HCAPTCHA_SITEKEY=x \
+-e HCAPTCHA_SECRET=x \
+-e TURNSTILE_SITEKEY=x \
+-e TURNSTILE_SECRET=x \
 -e CALLBACK_URL=x \
 -e CLIENT_SECRET=x \
 -e TOKEN=x \
@@ -51,8 +56,16 @@ ghcr.io/ckt1031/discord-captcha-site
 
 > Register new Recaptcha v2 API key [here](https://www.google.com/recaptcha/admin/create)
 
+- `CAPTCHA_PROVIDER` - The captcha provider to use (default: `recaptcha`), available options: `recaptcha`, `hcaptcha`
+
+> Above options are only required if you are using specified captcha provider
+
 - `RECAPTCHA_SITEKEY` - The site key of your Google reCAPTCHA v2 API key (Settings -> reCAPTCHA keys -> Copy Site key)
 - `RECAPTCHA_SECRET` - The secret key of your Google reCAPTCHA v2 API key (Settings -> reCAPTCHA keys -> Copy Secret key)
+- `HCAPTCHA_SITEKEY` - The site key of your hCaptcha API key (Site -> Site key)
+- `HCAPTCHA_SECRET` - The secret key of your hCaptcha API key (Settings -> Secret key)
+- `TURNSTILE_SITEKEY` - The site key of your Turnstile API key (Turnstile -> Site -> Site key)
+- `TURNSTILE_SECRET` - The secret key of your Turnstile API key (Turnstile -> Site -> Secret key)
 
 ## Usage
 
@@ -76,36 +89,3 @@ ghcr.io/ckt1031/discord-captcha-site
 ## Captcha Verification Page
 
 ![Captcha Verification Page](./screenshots/verify-page.png)
-
-## FAQ
-
-1. **What is ZodError?**
-
-```bash
-ZodError: [
-  {
-    "code": "invalid_type",
-    "expected": "string",
-    "received": "undefined",
-    "path": [
-      "REQUIRE_VERIFIED_EMAIL"
-    ],
-    "message": "Required"
-  },
-  {
-    "code": "invalid_type",
-    "expected": "string",
-    "received": "undefined",
-    "path": [
-      "VERIFIED_ROLE_ID"
-    ],
-    "message": "Required"
-  }
-]
-```
-
-This error is caused by missing environment variables. Make sure you have set all the environment variables correctly and **add environment variables following to the `path` in the error message.**
-
-From the example above, you need to add `REQUIRE_VERIFIED_EMAIL` and `VERIFIED_ROLE_ID` to the environment variables.
-
-Please follow the [Environment Variables](#environment-variables) section for more information.

html/captcha.html

@@ -4,23 +4,22 @@
     <meta
       name="viewport"
       content="width=device-width, initial-scale=1.0, maximum-scale=1.0" />
-    <script src="https://www.google.com/recaptcha/api.js" async defer></script>
+    <script src="<%= captcha_provider_script %>" async defer></script>
     <link rel="stylesheet" href="../style.css" />
   </head>
 
   <body>
     <div class="main">
       <h1>Verification</h1>
       <h4>
-        Please solve the reCAPTCHA following below to make sure you are not a
+        Please solve the <%= captcha_provider %> following below to make sure you are not a
         robot.
       </h4>
-      <form action="/verify/solve" method="POST" id="recaptchaForm">
+      <form action="/verify/solve" method="POST" id="captcha_verification">
         <center>
           <div
-            id="recaptcha_box"
-            class="g-recaptcha"
-            data-sitekey="<%= recaptcha_sitekey %>"
+            class="g-recaptcha h-captcha cf-turnstile"
+            data-sitekey="<%= captcha_sitekey %>"
             data-callback="onPassed"
             data-expired-callback="onExpired"></div>
         </center>
@@ -31,7 +30,7 @@ <h4>
     </div>
     <script>
       function onPassed() {
-        document.getElementById('recaptchaForm').submit();
+        document.getElementById('captcha_verification').submit();
       }
       function onExpired() {
         location.reload();

src/index.js

@@ -42,7 +42,7 @@ client.on('guildMemberAdd', member => {
   const embed = new EmbedBuilder()
     .setTitle('Verification')
     .setDescription(
-      `Please solve reCAPTCHA here:${process.env.CALLBACK_URL}\nBefore accessing to the server!`,
+      `Please solve captcha here:${process.env.CALLBACK_URL}\nBefore accessing to the server!`,
     );
 
   member.send({ embeds: [embed] });

src/server.js

@@ -2,7 +2,8 @@
 
 const { resolve } = require('node:path');
 
-const { EmbedBuilder } = require('discord.js');
+// eslint-disable-next-line no-unused-vars
+const { EmbedBuilder, GuildMember } = require('discord.js');
 
 const qs = require('qs');
 // eslint-disable-next-line no-unused-vars
@@ -43,7 +44,7 @@ server.use(
     resave: true,
     proxy: true,
     saveUninitialized: true,
-    cookie: { maxAge: 60000 * 60 * 12, secure: true },
+    cookie: { maxAge: 60000 * 60 * 12, secure: "auto" },
   }),
 );
 
@@ -67,80 +68,115 @@ server.get('/verify', async (req, res) => {
     }),
   };
 
-  const response = await axios(oauthApiOptions);
+  try {
+    const response = await axios(oauthApiOptions);
 
+    const oauth_parsed = response.data;
 
-  const oauth_parsed = response.data;
+    /** @type {Axios.AxiosRequestConfig} */
+    const apiUserOptions = {
+      method: 'GET',
+      url: 'https://discord.com/api/users/@me',
+      headers: { authorization: `Bearer ${oauth_parsed.access_token}` },
+    };
 
-  /** @type {Axios.AxiosRequestConfig} */
-  const apiUserOptions = {
-    method: 'GET',
-    url: 'https://discord.com/api/users/@me',
-    headers: { authorization: `Bearer ${oauth_parsed.access_token}` },
-  };
+    const response2 = await axios(apiUserOptions);
 
-  const response2 = await axios(apiUserOptions);
+    const parsed = response2.data;
 
-  const parsed = response2.data;
+    let fetchedGuild = client.guilds.cache.get(process.env.SERVER_ID);
 
-  const fetchedGuild = client.guilds.cache.get(process.env.SERVER_ID);
+    if (!fetchedGuild) {
+      fetchedGuild = await client.guilds.fetch(process.env.SERVER_ID);
+    }
 
-  const userfetch = await client.users.fetch(parsed.id);
+    /** @type {GuildMember} */
+    let userfetch;
 
-  await fetchedGuild?.members.add(userfetch, {
-    accessToken: oauth_parsed.access_token,
-  });
+    try {
+      userfetch = await fetchedGuild.members.fetch(parsed.id);
+    } catch {
+      const userObject = await client.users.fetch(parsed.id);
+      userfetch = await fetchedGuild.members.add(userObject, {
+        accessToken: oauth_parsed.access_token,
+      });
+    }
 
-  const userguild = await fetchedGuild?.members.fetch(userfetch);
+    if (userfetch.roles.cache.has(process.env.VERIFIED_ROLE_ID)) {
+      res.render(resolve('./html/success.html'), {
+        messageText: 'You already verified!',
+      });
 
-  if (!userguild) {
-    res.render(resolve('./html/error.html'), {
-      messageText: 'You already verified!',
-    });
+      return;
+    }
 
-    return;
+    req.session.verify_userid = userfetch.id;
+
+    if (process.env.REQUIRE_VERIFIED_EMAIL === 'true' || parsed.verified) {
+      req.session.verify_status = 'waiting_captcha';
+
+      let sitekey = process.env.RECAPTCHA_SITEKEY;
+      let captcha_provider_script = 'https://www.google.com/recaptcha/api.js';
+
+      if (process.env.CAPTCHA_PROVIDER === 'hcaptcha') {
+        sitekey = process.env.HCAPTCHA_SITEKEY;
+        captcha_provider_script = 'https://js.hcaptcha.com/1/api.js';
+      }
+
+      if (process.env.CAPTCHA_PROVIDER === 'turnstile') {
+        sitekey = process.env.TURNSTILE_SITEKEY;
+        captcha_provider_script = 'https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha';
+      }
+
+      res.render(resolve('./html/captcha.html'), {
+        captcha_provider: process.env.CAPTCHA_PROVIDER,
+        captcha_provider_script,
+        captcha_sitekey: sitekey,
+      });
+    } else {
+      req.session.destroy(() => undefined);
+      res.render(resolve('./html/error.html'), {
+        messageText: 'Please verify your email!',
+      });
+    }
+  } catch (error) {
+    console.log(error);
+    res.redirect(
+      `https://discord.com/oauth2/authorize?client_id=${client.application?.id}&redirect_uri=${process.env.CALLBACK_URL}&response_type=code&scope=guilds.join%20email%20identify`,
+    );
   }
+});
 
-  if (userguild.roles.cache.has(process.env.VERIFIED_ROLE_ID)) {
-    res.render(resolve('./html/success.html'), {
-      messageText: 'You already verified!',
-    });
+server.post('/verify/solve', async (req, res) => {
+  let response_body_field = 'g-recaptcha-response';
+  let captha_server = 'https://www.google.com/recaptcha/api/siteverify';
+  let captcha_secret = process.env.RECAPTCHA_SECRET;
 
-    return;
+  if (process.env.CAPTCHA_PROVIDER === 'hcaptcha') {
+    response_body_field = 'h-captcha-response';
+    captha_server = 'https://hcaptcha.com/siteverify';
+    captcha_secret = process.env.HCAPTCHA_SECRET;
   }
 
-  req.session.verify_userid = parsed.id;
-
-  if (process.env.REQUIRE_VERIFIED_EMAIL === 'true' || parsed.verified) {
-    req.session.verify_status = 'waiting_recaptcha';
-    res.render(resolve('./html/captcha.html'), {
-      recaptcha_sitekey: process.env.RECAPTCHA_SITEKEY,
-    });
-  } else {
-    req.session.destroy(() => undefined);
-    res.render(resolve('./html/error.html'), {
-      messageText: 'Please verify your email!',
-    });
+  if (process.env.CAPTCHA_PROVIDER === 'turnstile') {
+    response_body_field = 'g-recaptcha-response';
+    captha_server = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
+    captcha_secret = process.env.TURNSTILE_SECRET;
   }
-});
 
-server.post('/verify/solve/', async (req, res) => {
-  console.log(req.session.verify_userid);
-  if (!req.session.verify_userid || !req.body['g-recaptcha-response']) {
+  console.log(req.session.verify_userid, req.body[response_body_field]);
+
+  if (!req.session.verify_userid || !req.body[response_body_field]) {
     return res.redirect('/verify');
   }
 
   /** @type {Axios.AxiosRequestConfig} */
   const options = {
     method: 'POST',
-    url: 'https://www.google.com/recaptcha/api/siteverify',
-    headers: {
-      'content-type':
-        'multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW',
-    },
+    url: captha_server,
     data: qs.stringify({
-      secret: process.env.RECAPTCHA_SECRET,
-      response: req.body['g-recaptcha-response'],
+      secret: captcha_secret,
+      response: req.body[response_body_field],
     }),
   };
 

src/type.d.ts

@@ -11,6 +11,6 @@ declare global {
 declare module 'express-session' {
   export interface SessionData {
     verify_userid: string;
-    verify_status: 'waiting_recaptcha' | 'done';
+    verify_status: 'waiting_captcha' | 'done';
   }
 }

src/validate-env.js

@@ -1,12 +1,20 @@
-const { object, parse, string } = require('valibot');
+const { object, parse, string, enum_, optional } = require('valibot');
 
 const EnvironmentVariableSchema = object({
   TOKEN: string(),
   CLIENT_SECRET: string(),
   CALLBACK_URL: string(),
 
-  RECAPTCHA_SITEKEY: string(),
-  RECAPTCHA_SECRET: string(),
+  CAPTCHA_PROVIDER: enum_(['hcaptcha', 'recaptcha', 'turnstile']),
+
+  RECAPTCHA_SITEKEY: optional(string()),
+  RECAPTCHA_SECRET: optional(string()),
+
+  HCAPTCHA_SITEKEY: optional(string()),
+  HCAPTCHA_SECRET: optional(string()),
+
+  TURNSTILE_SECRET: optional(string()),
+  TURNSTILE_SITEKEY: optional(string()),
 
   SERVER_ID: string(),