KP, was ich gemacht habe

2025-06-08 01:32:11 +02:00
Commit f9e5823eeb
--- a/v2_adminpanel/app.py
+++ b/v2_adminpanel/app.py
@@ -618,8 +618,9 @@ def login():
        password = request.form.get("password")
        captcha_response = request.form.get("g-recaptcha-response")
        
-        # CAPTCHA-Prüfung wenn nötig
-        if attempt_count >= CAPTCHA_AFTER_ATTEMPTS:
+        # CAPTCHA-Prüfung nur wenn Keys konfiguriert sind
+        recaptcha_site_key = os.getenv('RECAPTCHA_SITE_KEY')
+        if attempt_count >= CAPTCHA_AFTER_ATTEMPTS and recaptcha_site_key:
            if not captcha_response:
                # Timing-Attack Schutz
                elapsed = time.time() - start_time
@@ -630,7 +631,7 @@ def login():
                                     show_captcha=True,
                                     error_type="captcha",
                                     attempts_left=max(0, MAX_LOGIN_ATTEMPTS - attempt_count),
-                                     recaptcha_site_key=os.getenv('RECAPTCHA_SITE_KEY'))
+                                     recaptcha_site_key=recaptcha_site_key)
            
            # CAPTCHA validieren
            if not verify_recaptcha(captcha_response):
@@ -643,7 +644,7 @@ def login():
                                     show_captcha=True,
                                     error_type="captcha",
                                     attempts_left=max(0, MAX_LOGIN_ATTEMPTS - attempt_count),
-                                     recaptcha_site_key=os.getenv('RECAPTCHA_SITE_KEY'))
+                                     recaptcha_site_key=recaptcha_site_key)
        
        # Check gegen beide Admin-Accounts aus .env
        admin1_user = os.getenv("ADMIN1_USERNAME")
@@ -685,14 +686,14 @@ def login():
            
            return render_template("login.html", 
                                 error=error_message,
-                                 show_captcha=(new_attempt_count >= CAPTCHA_AFTER_ATTEMPTS),
+                                 show_captcha=(new_attempt_count >= CAPTCHA_AFTER_ATTEMPTS and os.getenv('RECAPTCHA_SITE_KEY')),
                                 error_type="failed",
                                 attempts_left=max(0, MAX_LOGIN_ATTEMPTS - new_attempt_count),
                                 recaptcha_site_key=os.getenv('RECAPTCHA_SITE_KEY'))
    
    # GET Request
    return render_template("login.html", 
-                         show_captcha=(attempt_count >= CAPTCHA_AFTER_ATTEMPTS),
+                         show_captcha=(attempt_count >= CAPTCHA_AFTER_ATTEMPTS and os.getenv('RECAPTCHA_SITE_KEY')),
                         attempts_left=max(0, MAX_LOGIN_ATTEMPTS - attempt_count),
                         recaptcha_site_key=os.getenv('RECAPTCHA_SITE_KEY'))