|
|
@ -23,17 +23,18 @@ module.exports = async (req, res, next) => { |
|
|
|
}); |
|
|
|
}); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// try to get the captcha from the DB
|
|
|
|
// try to get the captcha from the DB
|
|
|
|
let captcha; |
|
|
|
let captcha; |
|
|
|
try { |
|
|
|
try { |
|
|
|
const captchaMongoId = Mongo.ObjectId(captchaId); |
|
|
|
const captchaMongoId = Mongo.ObjectId(captchaId); |
|
|
|
captcha = await Captchas.findOne(captchaMongoId); |
|
|
|
captcha = await Captchas.findOneAndDelete(captchaMongoId, input); |
|
|
|
} catch (err) { |
|
|
|
} catch (err) { |
|
|
|
return next(err); |
|
|
|
return next(err); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
//check that it exists and matches captcha in DB
|
|
|
|
//check that it exists and matches captcha in DB
|
|
|
|
if (!captcha || captcha.text !== input) { |
|
|
|
if (!captcha || !captcha.value || captcha.value.text !== input) { |
|
|
|
return res.status(403).render('message', { |
|
|
|
return res.status(403).render('message', { |
|
|
|
'title': 'Forbidden', |
|
|
|
'title': 'Forbidden', |
|
|
|
'message': 'Incorrect captcha' |
|
|
|
'message': 'Incorrect captcha' |
|
|
|