Feature/use hcaptcha if bot (#1476)

* Add captcha to login models and methods * Add captcha web auth to login * Extract captcha to abstract base class * Add Captcha to register * Null out captcha token after each successful challenge * Cancel > close
2025-12-16 00:03:22 +00:00 · 2021-08-04 15:47:23 -04:00
parent 9042b1009e
commit 2f2fa8a25b
18 changed files with 322 additions and 42 deletions
--- a/src/Core/Services/ApiService.cs
+++ b/src/Core/Services/ApiService.cs
@@ -80,8 +80,7 @@ namespace Bit.Core.Services

        #region Auth APIs

-        public async Task<Tuple<IdentityTokenResponse, IdentityTwoFactorResponse>> PostIdentityTokenAsync(
-            TokenRequest request)
+        public async Task<IdentityResponse> PostIdentityTokenAsync(TokenRequest request)
        {
            var requestMessage = new HttpRequestMessage
            {
@@ -109,23 +108,14 @@ namespace Bit.Core.Services
                responseJObject = JObject.Parse(responseJsonString);
            }

-            if (responseJObject != null)
+            var identityResponse = new IdentityResponse(response.StatusCode, responseJObject);
+
+            if (identityResponse.FailedToParse)
            {
-                if (response.IsSuccessStatusCode)
-                {
-                    return new Tuple<IdentityTokenResponse, IdentityTwoFactorResponse>(
-                        responseJObject.ToObject<IdentityTokenResponse>(), null);
-                }
-                else if (response.StatusCode == HttpStatusCode.BadRequest &&
-                    responseJObject.ContainsKey("TwoFactorProviders2") &&
-                    responseJObject["TwoFactorProviders2"] != null &&
-                    responseJObject["TwoFactorProviders2"].HasValues)
-                {
-                    return new Tuple<IdentityTokenResponse, IdentityTwoFactorResponse>(
-                        null, responseJObject.ToObject<IdentityTwoFactorResponse>());
-                }
+                throw new ApiException(new ErrorResponse(responseJObject, response.StatusCode, true));
            }
-            throw new ApiException(new ErrorResponse(responseJObject, response.StatusCode, true));
+
+            return identityResponse;
        }

        public async Task RefreshIdentityTokenAsync()