hcaptcha

package.json

@@ -32,12 +32,12 @@
     "@nestjs/swagger": "^6.0.5",
     "@nestjs/typeorm": "^9.0.1",
     "@nestjs/websockets": "^9.0.11",
-    "@nestlab/google-recaptcha": "^3.1.2",
     "bcrypt": "^5.0.1",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.13.2",
     "csvtojson": "^2.0.10",
     "dotenv": "^16.0.3",
+    "hcaptcha": "^0.1.1",
     "moment": "^2.29.4",
     "mysql2": "^2.3.3",
     "nodemailer": "^6.7.8",

src/app.module.ts

@@ -1,10 +1,6 @@
 import { Module } from '@nestjs/common';
 import { ConfigModule, ConfigService } from '@nestjs/config';
 import { TypeOrmModule } from '@nestjs/typeorm';
-import {
-  GoogleRecaptchaModule,
-  GoogleRecaptchaNetwork,
-} from '@nestlab/google-recaptcha';
 
 import { AuthModule } from './auth/auth.module';
 import { BcryptModule } from './bcrypt/bcrypt.module';
@@ -99,17 +95,6 @@ import { ModuloMotivoModule } from './modulo-motivo/modulo-motivo.module';
 @Module({
   imports: [
     ConfigModule.forRoot({ isGlobal: true }),
-    GoogleRecaptchaModule.forRootAsync({
-      inject: [ConfigService],
-      useFactory: (configService: ConfigService) => {
-        return {
-          secretKey: configService.get<string>('GOOGLE_RECAPTCHA_KEY'),
-          response: (req) => req.headers.recaptcha,
-          skipIf: configService.get<string>('STATE') !== 'produccion',
-          network: GoogleRecaptchaNetwork.Recaptcha,
-        };
-      },
-    }),
     TypeOrmModule.forRootAsync({
       inject: [ConfigService],
       useFactory: (configService: ConfigService) => {

src/auth/auth.controller.ts

@@ -1,8 +1,8 @@
 import { Body, Controller, Get, Post, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 import { ApiBody, ApiOperation, ApiTags } from '@nestjs/swagger';
-import { Recaptcha } from '@nestlab/google-recaptcha';
 import { Serealize } from '../interceptors/serialize.interceptor';
+import { HcaptchaGuard } from '../guards/hcaptcha.guard';
 import { AuthService } from './auth.service';
 import { LoginAdminDto } from './dto/input/login-admin.dto';
 import { LoginOperadorDto } from './dto/input/login-operador.dto';
@@ -15,7 +15,7 @@ export class AuthController {
   constructor(private authService: AuthService) {}
 
   @Serealize(AuthTokenOutputDto)
-  @Recaptcha()
+  @UseGuards(HcaptchaGuard)
   @Post('login-admin')
   @ApiOperation({ description: 'Login del admin.' })
   @ApiBody({
@@ -27,7 +27,7 @@ export class AuthController {
   }
 
   @Serealize(AuthTokenOutputDto)
-  @Recaptcha()
+  @UseGuards(HcaptchaGuard)
   @Post('login-operador')
   @ApiOperation({ description: 'Login del operador.' })
   @ApiBody({
@@ -37,6 +37,7 @@ export class AuthController {
     },
   })
   loginOperador(@Body() body: LoginOperadorDto) {
+    console.log('Hola');
     return this.authService.loginOperador(
       body.id_modulo,
       body.operador,
@@ -45,7 +46,7 @@ export class AuthController {
   }
 
   @Serealize(AuthTokenOutputDto)
-  @Recaptcha()
+  @UseGuards(HcaptchaGuard)
   @Post('login-usuario')
   @ApiOperation({ description: 'Login del usuario.' })
   @ApiBody({

src/guards/hcaptcha.guard.ts

@@ -0,0 +1,37 @@
+const { verify } = require('hcaptcha');
+import {
+  BadRequestException,
+  CanActivate,
+  ExecutionContext,
+  ForbiddenException,
+  Injectable,
+  InternalServerErrorException,
+} from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { Observable } from 'rxjs';
+
+@Injectable()
+export class HcaptchaGuard implements CanActivate {
+  constructor(private configService: ConfigService) {}
+
+  canActivate(
+    context: ExecutionContext,
+  ): boolean | Promise<boolean> | Observable<boolean> {
+    const secret = this.configService.get<string>('HCAPTCHA_KEY');
+    const token = context.switchToHttp().getRequest().headers.hcaptcha;
+
+    // if (this.configService.get<string>('STATE') !== 'produccion') return true;
+    if (!token)
+      throw new BadRequestException('No se mando un token de hcaptcha.');
+    return verify(secret, token)
+      .then((data) => {
+        if (data.success === true) return true;
+        else throw new ForbiddenException('El token de hcaptcha no es válido.');
+      })
+      .catch((err) => {
+        throw new InternalServerErrorException(
+          'Ocurrio un error con el hcaptcha.',
+        );
+      });
+  }
+}

src/main.ts

@@ -21,6 +21,7 @@ async function bootstrap() {
   app.useStaticAssets(join(__dirname, '..', 'public'), {
     prefix: '/public/',
   });
+  console.log(process.env.HCAPTCHA_KEY);
   await app.listen(process.env.API_PORT);
 }
 

src/usuario/usuario.controller.ts

@@ -16,8 +16,8 @@ import {
   ApiQuery,
   ApiTags,
 } from '@nestjs/swagger';
-import { Recaptcha } from '@nestlab/google-recaptcha';
 import { Serealize } from '../interceptors/serialize.interceptor';
+import { HcaptchaGuard } from '../guards/hcaptcha.guard';
 import { UsuarioService } from './usuario.service';
 import { ValidarUsuarioService } from '../validar-usuario/validar-usuario.service';
 import { Operador } from '../operador/entity/operador.entity';
@@ -39,7 +39,7 @@ export class UsuarioController {
 
   @Serealize(MessageOutputDto)
   @Post('registrar')
-  @Recaptcha()
+  @UseGuards(HcaptchaGuard)
   @ApiOperation({ description: 'Registro de usuario.' })
   @ApiBody({
     description: 'Variables que necesita el endpoint.',