From 2821f513f1852b0d4f37367c8055a02c82ceeb2e Mon Sep 17 00:00:00 2001
From: Kyle Drake <kyle@kyledrake.net>
Date: Thu, 26 Nov 2020 01:45:23 -0600
Subject: [PATCH] fixes for hcaptcha, add to dmca form

---
 Gemfile                     |  1 -
 app.rb                      |  9 ++++++---
 app/contact.rb              |  2 +-
 app/dmca.rb                 |  2 +-
 app_helpers.rb              | 21 +++++++++++++++++++++
 environment.rb              |  7 +------
 views/contact.erb           |  6 +-----
 views/dmca.erb              |  5 +----
 views/dmca/contact_info.erb |  4 ----
 9 files changed, 32 insertions(+), 25 deletions(-)

diff --git a/Gemfile b/Gemfile
index 1e1de60e..95f14649 100644
--- a/Gemfile
+++ b/Gemfile
@@ -53,7 +53,6 @@ gem 'activesupport'
 gem 'facter', require: nil
 gem 'maxmind-db'
 gem 'json', '>= 2.3.0'
-gem 'hcaptcha'
 
 group :development, :test do
   gem 'pry'
diff --git a/app.rb b/app.rb
index c228217d..946613cf 100644
--- a/app.rb
+++ b/app.rb
@@ -11,8 +11,6 @@ use Rack::Session::Cookie, key:          'neocities',
 
 use Rack::TempfileReaper
 
-include Hcaptcha::Adapters::ControllerMethods
-
 helpers do
   def site_change_file_display_class(filename)
     return 'html' if filename.match(Site::HTML_REGEX)
@@ -24,7 +22,12 @@ helpers do
     %{<input name="csrf_token" type="hidden" value="#{csrf_token}">}
   end
 
-  include Hcaptcha::Adapters::ViewMethods
+  def hcaptcha_input
+    %{
+      <script src="https://hcaptcha.com/1/api.js" async defer></script>
+      <div class="h-captcha" data-sitekey="#{$config['hcaptcha_site_key']}"></div>
+    }
+  end
 end
 
 set :protection, :frame_options => "DENY"
diff --git a/app/contact.rb b/app/contact.rb
index d489d522..989ae1dd 100644
--- a/app/contact.rb
+++ b/app/contact.rb
@@ -9,7 +9,7 @@ post '/contact' do
     @errors << 'Please fill out all fields'
   end
 
-  unless verify_hcaptcha
+  unless hcaptcha_valid?
     @errors << 'Captcha was not filled out (or was filled out incorrectly)'
   end
 
diff --git a/app/dmca.rb b/app/dmca.rb
index 6037b158..56c126c5 100644
--- a/app/dmca.rb
+++ b/app/dmca.rb
@@ -16,7 +16,7 @@ post '/dmca/contact' do
     @errors << 'Please fill out all fields'
   end
 
-  if !recaptcha_valid?
+  if !hcaptcha_valid?
     @errors << 'Captcha was not filled out (or was filled out incorrectly)'
   end
 
diff --git a/app_helpers.rb b/app_helpers.rb
index 2e9e6d59..3cd08ff1 100644
--- a/app_helpers.rb
+++ b/app_helpers.rb
@@ -135,3 +135,24 @@ def recaptcha_valid?
     false
   end
 end
+
+def hcaptcha_valid?
+  return true if ENV['RACK_ENV'] == 'test' || ENV['TRAVIS']
+  return false unless params[:'h-captcha-response']
+
+  resp = Net::HTTP.get URI(
+    'https://hcaptcha.com/siteverify?'+
+    Rack::Utils.build_query(
+      secret: $config['hcaptcha_secret_key'],
+      response: params[:'h-captcha-response']
+    )
+  )
+
+  resp = JSON.parse resp
+
+  if resp['success'] == true
+    true
+  else
+    false
+  end
+end
\ No newline at end of file
diff --git a/environment.rb b/environment.rb
index 94c05e1c..f7b02b22 100644
--- a/environment.rb
+++ b/environment.rb
@@ -162,9 +162,4 @@ $gandi = Gandi::Session.new $config['gandi_api_key'], gandi_opts
 
 $image_optim = ImageOptim.new pngout: false, svgo: false
 
-Money.locale_backend = nil
-
-Hcaptcha.configure do |config|
-  config.site_key   = $config['hcaptcha_site_key']
-  config.secret_key = $config['hcaptcha_secret_key']
-end
\ No newline at end of file
+Money.locale_backend = nil
\ No newline at end of file
diff --git a/views/contact.erb b/views/contact.erb
index e6eb84ad..bc42078e 100644
--- a/views/contact.erb
+++ b/views/contact.erb
@@ -1,5 +1,3 @@
-<script src='https://www.google.com/recaptcha/api.js'></script>
-
 <div class="header-Outro">
   <div class="row content single-Col">
   <h1>Contact Us</h1>
@@ -253,9 +251,7 @@
       <textarea name="body" id="your_comments" class="col-75" rows="10"><%= params[:body] %></textarea>
 
       <label>Fill out the captcha so we know you’re not a robot:</label>
-      <div id="captcha-input" class="g-recaptcha">
-        <%== hcaptcha_tags %>
-      </div>
+      <%== hcaptcha_input %>
 
       <input class="btn-Action" type="submit" value="Send">
     </fieldset>
diff --git a/views/dmca.erb b/views/dmca.erb
index ae9d6838..3f9eec23 100644
--- a/views/dmca.erb
+++ b/views/dmca.erb
@@ -47,10 +47,7 @@
       <textarea name="body" id="your_comments" class="col-80" rows="10"><%= params[:body] %></textarea>
 
       <label>Fill out the captcha so we know you’re not a robot:</label>
-      <div id="captcha-input" class="g-recaptcha"
-           data-sitekey="<%= $config['recaptcha_public_key'] %>"
-           data-theme="light" data-placement="left" data-trigger="manual">
-      </div>
+      <%== hcaptcha_input %>
 
       <input class="btn-Action" type="submit" value="Send">
     </fieldset>
diff --git a/views/dmca/contact_info.erb b/views/dmca/contact_info.erb
index 4e807215..bfe509b1 100644
--- a/views/dmca/contact_info.erb
+++ b/views/dmca/contact_info.erb
@@ -13,7 +13,3 @@
 <p>
   1-503-395-0010
 </p>
-<h3>Fax</h3>
-<p>
-  1-541-238-9273
-</p>