feat: add captcha-backed forum security hardening

2026-03-17 16:06:28 +01:00
parent 980a15f66e
commit b3fc889452
40 changed files with 2849 additions and 108 deletions
--- a/app/Services/Security/CaptchaVerifier.php
+++ b/app/Services/Security/CaptchaVerifier.php
@@ -0,0 +1,71 @@
+<?php
+
+namespace App\Services\Security;
+
+use App\Services\Security\Captcha\CaptchaProviderInterface;
+use App\Services\Security\Captcha\HcaptchaCaptchaProvider;
+use App\Services\Security\Captcha\RecaptchaCaptchaProvider;
+use App\Services\Security\Captcha\TurnstileCaptchaProvider;
+
+class CaptchaVerifier
+{
+    public function __construct(
+        private readonly TurnstileCaptchaProvider $turnstileProvider,
+        private readonly RecaptchaCaptchaProvider $recaptchaProvider,
+        private readonly HcaptchaCaptchaProvider $hcaptchaProvider,
+    ) {
+    }
+
+    public function provider(): string
+    {
+        $configured = strtolower(trim((string) config('forum_bot_protection.captcha.provider', 'turnstile')));
+
+        return match ($configured) {
+            'recaptcha' => 'recaptcha',
+            'hcaptcha' => 'hcaptcha',
+            default => 'turnstile',
+        };
+    }
+
+    public function isEnabled(): bool
+    {
+        return $this->resolveProvider()->isEnabled();
+    }
+
+    public function inputName(): string
+    {
+        $configured = trim((string) config('forum_bot_protection.captcha.input', ''));
+
+        if ($configured !== '') {
+            return $configured;
+        }
+
+        return $this->resolveProvider()->inputName();
+    }
+
+    public function verify(string $token, ?string $ip = null): bool
+    {
+        return $this->resolveProvider()->verify($token, $ip);
+    }
+
+    public function frontendConfig(): array
+    {
+        $provider = $this->resolveProvider();
+
+        return [
+            'provider' => $provider->name(),
+            'siteKey' => $provider->isEnabled() ? $provider->siteKey() : '',
+            'inputName' => $this->inputName(),
+            'scriptUrl' => $provider->isEnabled() ? $provider->scriptUrl() : '',
+        ];
+    }
+
+    private function resolveProvider(): CaptchaProviderInterface
+    {
+        return match ($this->provider()) {
+            'recaptcha' => $this->recaptchaProvider,
+            'hcaptcha' => $this->hcaptchaProvider,
+            default => $this->turnstileProvider,
+        };
+    }
+}