From 559e32738307aed5ee6abc8ce3f7c7720ce6a0e0 Mon Sep 17 00:00:00 2001
From: Dominik Hebeler <dominik@suma-ev.de>
Date: Tue, 22 Dec 2020 20:50:56 +0100
Subject: [PATCH] added logging to fail2ban server

---
 app/Http/Controllers/HumanVerification.php | 24 ++++++++++++++++++++++
 app/Http/Middleware/HumanVerification.php  |  3 ++-
 config/metager/metager.php                 |  3 ++-
 3 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/HumanVerification.php b/app/Http/Controllers/HumanVerification.php
index d304fc1b3..c9a352320 100644
--- a/app/Http/Controllers/HumanVerification.php
+++ b/app/Http/Controllers/HumanVerification.php
@@ -90,6 +90,30 @@ class HumanVerification extends Controller
 
     }
 
+    public static function logCaptcha(Request $request){
+        $fail2banEnabled = config("metager.metager.fail2ban_enabled");
+        if(empty($fail2banEnabled) || !$fail2banEnabled || !env("fail2banurl", false) || !env("fail2banuser") || !env("fail2banpassword")){
+            return;
+        }
+
+        // Submit fetch job to worker
+        $mission = [
+                "resulthash" => "captcha",
+                "url" => env("fail2banurl") . "/captcha/",
+                "useragent" => "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0",
+                "username" => env("fail2banuser"),
+                "password" => env("fail2banpassword"),
+                "headers" => [
+                    "ip" => $request->ip()
+                ],
+                "cacheDuration" => 0,
+                "name" => "Captcha",
+            ];
+        $mission = json_encode($mission);
+        Redis::rpush(\App\MetaGer::FETCHQUEUE_KEY, $mission);
+
+    }
+
     public static function remove(Request $request)
     {
         if (!$request->has('mm')) {
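Review bot: `logCaptcha` calls `env()` at request time for `fail2banurl`, `fail2banuser` and `fail2banpassword`; once the configuration is cached (`php artisan config:cache`) Laravel no longer loads `.env`, so unless those variables exist in the real process environment the guard returns early and reporting stops without any trace. The same pattern in the middleware hunk, `!env('BOT_PROTECTION', false)`, is worse, because there a null value skips verification entirely. Reading the values through config would avoid both, e.g. a `"fail2ban_url" => env("fail2banurl")` entry in `config/metager/metager.php` read with `config("metager.metager.fail2ban_url")`. Separately, the username and password are serialized into every mission pushed to `FETCHQUEUE_KEY`, so anyone with read access to that Redis list can recover them; consider letting the worker resolve the credentials itself, and check the `json_encode` result before `rpush`.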
diff --git a/app/Http/Middleware/HumanVerification.php b/app/Http/Middleware/HumanVerification.php
index 43997ee9e..47e06200c 100644
--- a/app/Http/Middleware/HumanVerification.php
+++ b/app/Http/Middleware/HumanVerification.php
@@ -46,7 +46,7 @@ class HumanVerification
              * If someone that uses a bot finds this out we
              * might have to change it at some point.
              */
-            if ($request->filled('appversion') || !env('BOT_PROTECTION', false) || app('App\Models\Key')->getStatus()) {
+            if (!env('BOT_PROTECTION', false) || app('App\Models\Key')->getStatus()) {
                 $update = false;
                 return $next($request);
             }
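Review bot: The comment block directly above the changed condition still ends with "If someone that uses a bot finds this out we might have to change it at some point", which appears to describe the `appversion` exemption that this line removes. The comment starts outside the hunk, so its full text is not visible here, but it should be rewritten to match the two remaining exemptions, for example `* Verification is skipped only when BOT_PROTECTION is off or Key::getStatus() is truthy.`. It is also worth confirming that clients which send `appversion` can handle the captcha redirect they may now receive.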
@@ -103,6 +103,7 @@ class HumanVerification
 
             # If the user is locked we will force a Captcha validation
             if ($user["locked"]) {
+                \App\Http\Controllers\HumanVerification::logCaptcha($request);
                 return redirect()->route('captcha', ["id" => $id, "uid" => $uid, "url" => url()->full()]);
             }
 
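Review bot: The `logCaptcha` call added before the redirect runs on every request from a locked user, and each call pushes a new job onto the fetch queue (presumably the same queue the search fetches use), so a single client that keeps retrying while locked produces an unbounded stream of jobs and fail2ban reports. A short per-user marker would bound that, for example guarding the call with `if (Cache::add("f2b:" . $uid, 1, 60))`. Because `Redis::rpush` can throw, the call should also be wrapped so that a Redis failure is logged and the captcha redirect is still returned. The enclosing method begins and ends outside this hunk.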
diff --git a/config/metager/metager.php b/config/metager/metager.php
index 8db1e8fe5..4e61c3d76 100644
--- a/config/metager/metager.php
+++ b/config/metager/metager.php
@@ -1,8 +1,9 @@
 <?php
 
 return [
-    "browserverification_enabled" => true,
+    "browserverification_enabled" => false,
     "browserverification_whitelist" => [
         "w3m\/",
     ],
+    "fail2ban_enabled" => true,
 ];
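Review bot: `"browserverification_enabled"` flips from `true` to `false` in a commit whose subject only mentions fail2ban logging, so a bot-protection control is switched off with no record of why. If that is intended, it deserves its own commit or at least a comment on the line, e.g. `// disabled because <reason>`; if it was a local test setting, it should be reverted. `"fail2ban_enabled"` is hard-coded to `true`, and reporting then depends only on the three `env()` values checked in `logCaptcha`; this file would be the natural place to map those values via `env()` so that runtime code reads them through `config()`.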
-- 
GitLab