From 4dcf2b08e598703bff9c746b3081674b261c259d Mon Sep 17 00:00:00 2001
From: syeopite <syeopite@syeopite.dev>
Date: Thu, 27 Jul 2023 11:46:16 -0700
Subject: [PATCH] Fix text captcha validation

---
 src/invidious/routes/login.cr | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/invidious/routes/login.cr b/src/invidious/routes/login.cr
index c9bece1e..d04eddca 100644
--- a/src/invidious/routes/login.cr
+++ b/src/invidious/routes/login.cr
@@ -215,15 +215,27 @@ module Invidious::Routes::Login
         return error_template(400, "Erroneous CAPTCHA")
       end
 
+      # Text Captcha Validation
+      # There's a possibility that there could be multiple tokens and therefore we'd need to
+      # check them all and only error once we've made sure that none of them passes the check.
       found_valid_captcha = false
+      error_exception = Exception.new
+
       tokens.each do |tok|
         begin
           validate_request(tok, answer, env.request, HMAC_KEY, locale)
           found_valid_captcha = true
+
+          break
         rescue ex
-          return error_template(400, "Erroneous CAPTCHA")
+          error_exception = ex
         end
       end
+
+      # Error when validation fail
+      if !found_valid_captcha
+        return error_template(400, "Erroneous CAPTCHA")
+      end
     end
 
     self.register_user(env, email, password)