delete used captchas

5 years ago · 1ca5292660
parent 8a0160a924
commit 1ca5292660
4 changed files with 12 additions and 4 deletions
--- a/db/captchas.js
+++ b/db/captchas.js
@ -18,6 +18,13 @@ module.exports = {
 		});
 	},

+	findOneAndDelete: (id, text) => {
+		return db.findOneAndDelete({
+			'_id': id,
+			'text': text
+		});
+	},
+
 	deleteAll: () => {
 		return db.deleteMany({});
 	},
--- a/gulp/res/css/style.css
+++ b/gulp/res/css/style.css
@ -416,8 +416,8 @@ input[type="file"] {
 }

 .captcha {
-	margin: auto;
 	margin-bottom: 1px;
+	border: 1px solid #a9a9a9;
 }

 .postform-label {
--- a/helpers/captchaverify.js
+++ b/helpers/captchaverify.js
@ -23,17 +23,18 @@ module.exports = async (req, res, next) => {
        });
 	}

+
 	// try to get the captcha from the DB
 	let captcha;
 	try {
 		const captchaMongoId = Mongo.ObjectId(captchaId);
-		captcha = await Captchas.findOne(captchaMongoId);
+		captcha = await Captchas.findOneAndDelete(captchaMongoId, input);
 	} catch (err) {
 		return next(err);
 	}

 	//check that it exists and matches captcha in DB
-	if (!captcha || captcha.text !== input) {
+	if (!captcha || !captcha.value || captcha.value.text !== input) {
 		return res.status(403).render('message', {
            'title': 'Forbidden',
            'message': 'Incorrect captcha'
--- a/server.js
+++ b/server.js
@ -53,7 +53,7 @@ const express  = require('express')
 	// use pug view engine
 	app.set('view engine', 'pug');
 	app.set('views', path.join(__dirname, 'views/pages'));
-//	app.enable('view cache');
+	app.enable('view cache');

 	// routes
 	app.use('/forms', require(__dirname+'/controllers/forms.js'))