From dad10fc5328db8de1f5382f2460c6b95614d5320 Mon Sep 17 00:00:00 2001
From: Nima8FT <nima_8ak@yahoo.com>
Date: Wed, 23 Apr 2025 20:03:31 +0330
Subject: [PATCH] implement captcha system

---
 .../app/Http/Controllers/Auth/LoginController.php  | 14 ++++++++++++++
 .../Manually/app/Http/Requests/LoginRequest.php    |  1 +
 .../Manually/resources/views/auth/login.blade.php  |  1 +
 .../Manually/resources/views/layouts/app.blade.php |  1 +
 4 files changed, 17 insertions(+)

diff --git a/Web-Application/Manually/app/Http/Controllers/Auth/LoginController.php b/Web-Application/Manually/app/Http/Controllers/Auth/LoginController.php
index 99d31e7..1433550 100644
--- a/Web-Application/Manually/app/Http/Controllers/Auth/LoginController.php
+++ b/Web-Application/Manually/app/Http/Controllers/Auth/LoginController.php
@@ -8,6 +8,7 @@ use App\Models\DeviceSession;
 use App\Http\Requests\LoginRequest;
 use App\Http\Controllers\Controller;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Http;
 
 class LoginController extends Controller
 {
@@ -23,6 +24,19 @@ class LoginController extends Controller
 
             $remember = $request->has('remember');
 
+            //captcha
+            $response = Http::asForm()->post('https://hcaptcha.com/siteverify', [
+                'secret' => 'ES_f05ab02ddc424bbabca7e82b79f1c09f',
+                'response' => $request->input('h-captcha-response'),
+                'remoteip' => $request->ip(),
+            ]);
+
+            $verification = $response->json();
+
+            if (!isset($verification['success']) || $verification['success'] !== true) {
+                return back()->withErrors(['error' => 'captcha is not correct']);
+            }
+
             if (!Auth::attempt($credentials, $remember)) {
                 return back()->withErrors([
                     'email' => 'The provided credentials do not match our records.',
diff --git a/Web-Application/Manually/app/Http/Requests/LoginRequest.php b/Web-Application/Manually/app/Http/Requests/LoginRequest.php
index ad4628f..07b0c5f 100644
--- a/Web-Application/Manually/app/Http/Requests/LoginRequest.php
+++ b/Web-Application/Manually/app/Http/Requests/LoginRequest.php
@@ -24,6 +24,7 @@ class LoginRequest extends FormRequest
         return [
             'email' => 'required|email',
             'password' => 'required|min:8',
+            'h-captcha-response' => 'required',
         ];
     }
 }
diff --git a/Web-Application/Manually/resources/views/auth/login.blade.php b/Web-Application/Manually/resources/views/auth/login.blade.php
index dd57268..ae952e6 100644
--- a/Web-Application/Manually/resources/views/auth/login.blade.php
+++ b/Web-Application/Manually/resources/views/auth/login.blade.php
@@ -45,6 +45,7 @@
                     {{ $message }}
                     @enderror
                 </p>
+                {{-- captcha scction --}}
                 <div class="mt-8">
                     <button type="submit"
                         class="border border-[#e0e1dd] font-medium w-full p-2 rounded-md bg-[#e0e1dd] cursor-pointer hover:opacity-85 transition duration-300 ease-in-out text-black">Login</button>
diff --git a/Web-Application/Manually/resources/views/layouts/app.blade.php b/Web-Application/Manually/resources/views/layouts/app.blade.php
index 050a31e..956cc5a 100644
--- a/Web-Application/Manually/resources/views/layouts/app.blade.php
+++ b/Web-Application/Manually/resources/views/layouts/app.blade.php
@@ -11,6 +11,7 @@
 
 <body>
     @yield('content')
+    <script src="https://js.hcaptcha.com/1/api.js" async defer></script>
 </body>
 
 </html>
\ No newline at end of file