From e34d064a079b84c4be6f6fa8aaf57c195f1c07c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Bidoul?= <stephane.bidoul@acsone.eu>
Date: Fri, 2 Dec 2022 10:17:46 +0100
Subject: [PATCH] Make the recaptcha minimum acceptable score configurable

---
 lib/locomotive/steam/services/recaptcha_service.rb | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/locomotive/steam/services/recaptcha_service.rb b/lib/locomotive/steam/services/recaptcha_service.rb
index fd3ed68a..e65185d0 100644
--- a/lib/locomotive/steam/services/recaptcha_service.rb
+++ b/lib/locomotive/steam/services/recaptcha_service.rb
@@ -7,13 +7,15 @@ module Steam
     class RecaptchaService
 
       GOOGLE_API_URL = 'https://www.google.com/recaptcha/api/siteverify'.freeze
+      MIN_SCORE = 0.2
 
       def initialize(site, request)
         attributes = site.metafields.values.reduce({}, :merge).with_indifferent_access
 
-        @api      = attributes[:recaptcha_api_url] || GOOGLE_API_URL
-        @secret   = attributes[:recaptcha_secret]
-        @ip       = request.ip
+        @api       = attributes[:recaptcha_api_url] || GOOGLE_API_URL
+        @secret    = attributes[:recaptcha_secret]
+        @ip        = request.ip
+        @min_score = attributes[:recaptcha_min_score] || MIN_SCORE
       end
 
       def verify(response_code)
@@ -26,6 +28,8 @@ def verify(response_code)
           remoteip: @ip
         }})
 
+        return false if _response.parsed_response['score'] < MIN_SCORE
+
         _response.parsed_response['success']
       end