payment hash added to captcha for server-side verification

2025-02-23 22:47:05 +01:00 · 2020-12-30 17:06:30 -08:00 · 2020-12-30 17:06:30 -08:00 · c5c5bdb287
commit c5c5bdb287
parent b91271315a
3 changed files with 8 additions and 1 deletions
--- a/lnbits/extensions/captcha/static/js/captcha.js
+++ b/lnbits/extensions/captcha/static/js/captcha.js
@ -44,6 +44,10 @@ document.addEventListener("DOMContentLoaded", function() {
 });

 function receiveMessage(event){
+   if (event.data.includes("paymenthash")){
+        // console.log("paymenthash received: ", event.data);
+        document.getElementById("captchapayhash").value = event.data.split("_")[1];
+   }
   if (event.data.includes("removetheiframe")){
      if (event.data.includes("nok")){
        //invoice was NOT paid
--- a/lnbits/extensions/captcha/templates/captcha/display.html
+++ b/lnbits/extensions/captcha/templates/captcha/display.html
@ -143,6 +143,8 @@
                      )
                    }

+                    parent.window.postMessage("paymenthash_"+response.data.payment_hash, "*");
+
                    self.$q.notify({
                      type: 'positive',
                      message: 'Payment received!',
--- a/lnbits/extensions/captcha/templates/captcha/index.html
+++ b/lnbits/extensions/captcha/templates/captcha/index.html
@ -365,7 +365,8 @@

        var captchasnippet = '<!-- Captcha Checkbox Start -->\n'
          + '<input type="checkbox" id="captchacheckbox">\n'
-          + '<label for="captchacheckbox">I\'m not a robot</label>\n'
+          + '<label for="captchacheckbox">I\'m not a robot</label><br/>\n'
+          + '<input type="text" id="captchapayhash" style="display: none;"/>\n'
          + '<script type="text/javascript" src="'+ locationPath +'static/js/captcha.js" id="captchascript" data-captchaid="'+ captchaId +'">\n'
          + '<\/script>\n'
          + '<!-- Captcha Checkbox End -->';