From 0210e07497d141aa1fcd601fc603bea168590b4b Mon Sep 17 00:00:00 2001 From: eliasylonen Date: Fri, 7 Mar 2025 11:03:30 +0100 Subject: [PATCH] Only use CAPTCHA in logged out operations and pages (#10607) Issue #10235 --------- Co-authored-by: ad-elias --- .../modules/captcha/components/CaptchaProvider.tsx | 5 +++++ .../captcha/constants/CaptchaProtectedPaths.ts | 9 +++++++++ .../captcha/hooks/useRequestFreshCaptchaToken.ts | 5 +++++ .../captcha/utils/isCaptchaRequiredForPath.ts | 13 +++++++++++++ .../engine/core-modules/captcha/captcha.module.ts | 2 +- .../engine/core-modules/captcha/captcha.service.ts | 2 +- .../captcha-driver.constants.ts} | 0 7 files changed, 34 insertions(+), 2 deletions(-) create mode 100644 packages/twenty-front/src/modules/captcha/constants/CaptchaProtectedPaths.ts create mode 100644 packages/twenty-front/src/modules/captcha/utils/isCaptchaRequiredForPath.ts rename packages/twenty-server/src/engine/core-modules/captcha/{captcha.constants.ts => constants/captcha-driver.constants.ts} (100%) diff --git a/packages/twenty-front/src/modules/captcha/components/CaptchaProvider.tsx b/packages/twenty-front/src/modules/captcha/components/CaptchaProvider.tsx index 0d88dbe43..65ba6dcf3 100644 --- a/packages/twenty-front/src/modules/captcha/components/CaptchaProvider.tsx +++ b/packages/twenty-front/src/modules/captcha/components/CaptchaProvider.tsx @@ -1,8 +1,13 @@ import React from 'react'; import { CaptchaProviderScriptLoaderEffect } from '@/captcha/components/CaptchaProviderScriptLoaderEffect'; +import { isCaptchaRequiredForPath } from '@/captcha/utils/isCaptchaRequiredForPath'; export const CaptchaProvider = ({ children }: React.PropsWithChildren) => { + if (!isCaptchaRequiredForPath(window.location.pathname)) { + return <>{children}; + } + return ( <>
diff --git a/packages/twenty-front/src/modules/captcha/constants/CaptchaProtectedPaths.ts b/packages/twenty-front/src/modules/captcha/constants/CaptchaProtectedPaths.ts new file mode 100644 index 000000000..d76b50fcc --- /dev/null +++ b/packages/twenty-front/src/modules/captcha/constants/CaptchaProtectedPaths.ts @@ -0,0 +1,9 @@ +import { AppPath } from '@/types/AppPath'; + +export const CAPTCHA_PROTECTED_PATHS: string[] = [ + AppPath.SignInUp, + AppPath.Verify, + AppPath.VerifyEmail, + AppPath.ResetPassword, + AppPath.Invite, +]; diff --git a/packages/twenty-front/src/modules/captcha/hooks/useRequestFreshCaptchaToken.ts b/packages/twenty-front/src/modules/captcha/hooks/useRequestFreshCaptchaToken.ts index 13d1fe2c1..d6b4c8a99 100644 --- a/packages/twenty-front/src/modules/captcha/hooks/useRequestFreshCaptchaToken.ts +++ b/packages/twenty-front/src/modules/captcha/hooks/useRequestFreshCaptchaToken.ts @@ -2,6 +2,7 @@ import { useRecoilCallback, useSetRecoilState } from 'recoil'; import { captchaTokenState } from '@/captcha/states/captchaTokenState'; import { isRequestingCaptchaTokenState } from '@/captcha/states/isRequestingCaptchaTokenState'; +import { isCaptchaRequiredForPath } from '@/captcha/utils/isCaptchaRequiredForPath'; import { captchaState } from '@/client-config/states/captchaState'; import { CaptchaDriverType } from '~/generated-metadata/graphql'; import { isUndefinedOrNull } from '~/utils/isUndefinedOrNull'; @@ -22,6 +23,10 @@ export const useRequestFreshCaptchaToken = () => { const requestFreshCaptchaToken = useRecoilCallback( ({ snapshot }) => async () => { + if (!isCaptchaRequiredForPath(window.location.pathname)) { + return; + } + const captcha = snapshot.getLoadable(captchaState).getValue(); if (isUndefinedOrNull(captcha?.provider)) { diff --git a/packages/twenty-front/src/modules/captcha/utils/isCaptchaRequiredForPath.ts b/packages/twenty-front/src/modules/captcha/utils/isCaptchaRequiredForPath.ts new file mode 100644 index 000000000..01b517e11 --- /dev/null +++ b/packages/twenty-front/src/modules/captcha/utils/isCaptchaRequiredForPath.ts @@ -0,0 +1,13 @@ +import { matchPath } from 'react-router-dom'; +import { CAPTCHA_PROTECTED_PATHS } from '../constants/CaptchaProtectedPaths'; + +export const isCaptchaRequiredForPath = (pathname: string): boolean => + CAPTCHA_PROTECTED_PATHS.some((path) => + matchPath( + { + path, + end: false, // Match nested routes too + }, + pathname, + ), + ); diff --git a/packages/twenty-server/src/engine/core-modules/captcha/captcha.module.ts b/packages/twenty-server/src/engine/core-modules/captcha/captcha.module.ts index 8c9dd1935..90cdc578f 100644 --- a/packages/twenty-server/src/engine/core-modules/captcha/captcha.module.ts +++ b/packages/twenty-server/src/engine/core-modules/captcha/captcha.module.ts @@ -1,6 +1,6 @@ import { DynamicModule, Global } from '@nestjs/common'; -import { CAPTCHA_DRIVER } from 'src/engine/core-modules/captcha/captcha.constants'; +import { CAPTCHA_DRIVER } from 'src/engine/core-modules/captcha/constants/captcha-driver.constants'; import { CaptchaService } from 'src/engine/core-modules/captcha/captcha.service'; import { GoogleRecaptchaDriver } from 'src/engine/core-modules/captcha/drivers/google-recaptcha.driver'; import { TurnstileDriver } from 'src/engine/core-modules/captcha/drivers/turnstile.driver'; diff --git a/packages/twenty-server/src/engine/core-modules/captcha/captcha.service.ts b/packages/twenty-server/src/engine/core-modules/captcha/captcha.service.ts index 7a0c85e5d..98388de72 100644 --- a/packages/twenty-server/src/engine/core-modules/captcha/captcha.service.ts +++ b/packages/twenty-server/src/engine/core-modules/captcha/captcha.service.ts @@ -2,7 +2,7 @@ import { Inject, Injectable } from '@nestjs/common'; import { CaptchaDriver } from 'src/engine/core-modules/captcha/drivers/interfaces/captcha-driver.interface'; -import { CAPTCHA_DRIVER } from 'src/engine/core-modules/captcha/captcha.constants'; +import { CAPTCHA_DRIVER } from 'src/engine/core-modules/captcha/constants/captcha-driver.constants'; import { CaptchaValidateResult } from 'src/engine/core-modules/captcha/interfaces'; @Injectable() diff --git a/packages/twenty-server/src/engine/core-modules/captcha/captcha.constants.ts b/packages/twenty-server/src/engine/core-modules/captcha/constants/captcha-driver.constants.ts similarity index 100% rename from packages/twenty-server/src/engine/core-modules/captcha/captcha.constants.ts rename to packages/twenty-server/src/engine/core-modules/captcha/constants/captcha-driver.constants.ts