|
|
@@ -50,40 +50,12 @@ module Agents
|
50
|
50
|
def receive_web_request(params, method, format)
|
51
|
51
|
# check the secret
|
52
|
52
|
secret = params.delete('secret')
|
53
|
|
- puts secret
|
54
|
|
- puts params
|
55
|
|
- #return ["Not Authorized", 401] unless secret == options['secret']
|
|
53
|
+ return ["Not Authorized", 401] unless secret == options['secret']
|
56
|
54
|
|
57
|
55
|
# check the verbs
|
58
|
56
|
verbs = (interpolated['verbs'] || 'post').split(/,/).map { |x| x.strip.downcase }.select { |x| x.present? }
|
59
|
57
|
return ["Please use #{verbs.join('/').upcase} requests only", 401] unless verbs.include?(method)
|
60
|
58
|
|
61
|
|
- # check the reCAPTCHA response if required
|
62
|
|
- if recaptcha_secret = interpolated['recaptcha_secret'].presence
|
63
|
|
- recaptcha_response = params.delete('g-recaptcha-response') or
|
64
|
|
- return ["Not Authorized", 401]
|
65
|
|
-
|
66
|
|
- parameters = {
|
67
|
|
- secret: recaptcha_secret,
|
68
|
|
- response: recaptcha_response,
|
69
|
|
- }
|
70
|
|
-
|
71
|
|
- if boolify(interpolated['recaptcha_send_remote_addr'])
|
72
|
|
- parameters[:remoteip] = request.env['REMOTE_ADDR']
|
73
|
|
- end
|
74
|
|
-
|
75
|
|
- begin
|
76
|
|
- response = faraday.post('https://www.google.com/recaptcha/api/siteverify',
|
77
|
|
- parameters)
|
78
|
|
- rescue => e
|
79
|
|
- error "Verification failed: #{e.message}"
|
80
|
|
- return ["Not Authorized", 401]
|
81
|
|
- end
|
82
|
|
-
|
83
|
|
- JSON.parse(response.body)['success'] or
|
84
|
|
- return ["Not Authorized", 401]
|
85
|
|
- end
|
86
|
|
-
|
87
|
59
|
[payload_for(params)].flatten.each do |payload|
|
88
|
60
|
create_event(payload: payload)
|
89
|
61
|
end
|