From 12de24a0c0c2701a21305149ac22fd39aa60106e Mon Sep 17 00:00:00 2001
From: Lorenz Hohermuth <lofloho@proton.me>
Date: Fri, 6 Jun 2025 16:35:20 +0200
Subject: [PATCH] added captcha to backend

---
 .../controller/RecaptchaController.java       | 19 ++++++++++++
 .../tresorbackend/model/RecaptchaRequest.java |  9 ++++++
 .../service/RecaptchaService.java             | 30 +++++++++++++++++++
 .../src/main/resources/application.properties |  4 ++-
 4 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/model/RecaptchaRequest.java
 create mode 100644 183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/service/RecaptchaService.java

diff --git a/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/controller/RecaptchaController.java b/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/controller/RecaptchaController.java
index 4e84d0e..0648d2a 100644
--- a/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/controller/RecaptchaController.java
+++ b/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/controller/RecaptchaController.java
@@ -1,4 +1,23 @@
 package ch.bbw.pr.tresorbackend.controller;
 
+import ch.bbw.pr.tresorbackend.model.RecaptchaRequest;
+import ch.bbw.pr.tresorbackend.service.RecaptchaService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api")
+@CrossOrigin(origins = "*") // allow from React
 public class RecaptchaController {
+
+    @Autowired
+    private RecaptchaService recaptchaService;
+
+    @PostMapping("/verify-recaptcha")
+    public Map<String, Object> verifyCaptcha(@RequestBody RecaptchaRequest request) {
+        boolean success = recaptchaService.verifyToken(request.getRecaptchaToken());
+        return Map.of("success", success);
+    }
 }
diff --git a/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/model/RecaptchaRequest.java b/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/model/RecaptchaRequest.java
new file mode 100644
index 0000000..6d03780
--- /dev/null
+++ b/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/model/RecaptchaRequest.java
@@ -0,0 +1,9 @@
+package ch.bbw.pr.tresorbackend.model;
+
+public class RecaptchaRequest {
+    private String recaptchaToken;
+
+    public String getRecaptchaToken() {
+        return recaptchaToken;
+    }
+}
diff --git a/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/service/RecaptchaService.java b/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/service/RecaptchaService.java
new file mode 100644
index 0000000..4ba0626
--- /dev/null
+++ b/183_12_1_tresorbackend_rupe-master/src/main/java/ch/bbw/pr/tresorbackend/service/RecaptchaService.java
@@ -0,0 +1,30 @@
+package ch.bbw.pr.tresorbackend.service;
+
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.beans.factory.annotation.Value;
+
+import java.util.Map;
+
+@Service
+public class RecaptchaService {
+
+    @Value("${google.recaptcha.secret}")
+    private String recaptchaSecret;
+
+    private static final String VERIFY_URL = "https://www.google.com/recaptcha/api/siteverify";
+
+    public boolean verifyToken(String token) {
+        RestTemplate restTemplate = new RestTemplate();
+        Map<String, String> body = Map.of(
+                "secret", recaptchaSecret,
+                "response", token
+        );
+
+        String url = VERIFY_URL + "?secret=" + recaptchaSecret + "&response=" + token;
+
+        Map<String, Object> response = restTemplate.postForObject(url, null, Map.class);
+
+        return (Boolean) response.get("success");
+    }
+}
diff --git a/183_12_1_tresorbackend_rupe-master/src/main/resources/application.properties b/183_12_1_tresorbackend_rupe-master/src/main/resources/application.properties
index bf97cfd..eea7a04 100644
--- a/183_12_1_tresorbackend_rupe-master/src/main/resources/application.properties
+++ b/183_12_1_tresorbackend_rupe-master/src/main/resources/application.properties
@@ -10,4 +10,6 @@ spring.jpa.hibernate.ddl-auto=update
 
 CROSS_ORIGIN=http://localhost:3000
 
-pepper=VfQqM
\ No newline at end of file
+pepper=VfQqM
+
+google.recaptcha.secret=6LdJj1crAAAAACpj8Vw_b7xUEcHJdNJRU_T7aCvf
\ No newline at end of file