From afbd3b2fc4834a0f03236b550892e0f1d96b54c3 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 18:05:00 +0100 Subject: [PATCH] SYN-395: Fix CAPTCHA, don't double decode json --- synapse/handlers/auth.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 4e2e50345e..0cc28248a9 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -187,7 +187,7 @@ class AuthHandler(BaseHandler): # each request try: client = SimpleHttpClient(self.hs) - data = yield client.post_urlencoded_get_json( + resp_body = yield client.post_urlencoded_get_json( "https://www.google.com/recaptcha/api/siteverify", args={ 'secret': self.hs.config.recaptcha_private_key, @@ -198,7 +198,8 @@ class AuthHandler(BaseHandler): except PartialDownloadError as pde: # Twisted is silly data = pde.response - resp_body = simplejson.loads(data) + resp_body = simplejson.loads(data) + if 'success' in resp_body and resp_body['success']: defer.returnValue(True) raise LoginError(401, "", errcode=Codes.UNAUTHORIZED)