Disable login captcha if backend has no captcha secret (#5288)

* Add /_internal/globals route * Don't show login captcha if backend claims it's disabled * try to re-add tombi * typos * Assume captcha enabled if globals route is unreachable * Prepare frontend fixes
2026-02-04 18:08:14 +00:00
parent 323090966b
commit 3f5e3b1d8b
7 changed files with 94 additions and 16 deletions
--- a/apps/frontend/src/pages/auth/reset-password.vue
+++ b/apps/frontend/src/pages/auth/reset-password.vue
@@ -22,9 +22,13 @@
 					/>
 				</div>

-				<HCaptcha ref="captcha" v-model="token" />
+				<HCaptcha v-if="globals?.captcha_enabled" ref="captcha" v-model="token" />

-				<button class="btn btn-primary centered-btn" :disabled="!token" @click="recovery">
+				<button
+					class="btn btn-primary centered-btn"
+					:disabled="globals?.captcha_enabled ? !token : false"
+					@click="recovery"
+				>
 					<SendIcon /> {{ formatMessage(methodChoiceMessages.action) }}
 				</button>
 			</template>
@@ -158,6 +162,15 @@ if (route.query.flow) {

 const captcha = ref()

+const { data: globals } = await useAsyncData('auth-globals', async () => {
+	try {
+		return await useBaseFetch('globals', { internal: true })
+	} catch (err) {
+		console.error('Error fetching globals:', err)
+		return { captcha_enabled: true }
+	}
+})
+
 const email = ref('')
 const token = ref('')

--- a/apps/frontend/src/pages/auth/sign-in.vue
+++ b/apps/frontend/src/pages/auth/sign-in.vue
@@ -89,11 +89,11 @@
 					/>
 				</div>

-				<HCaptcha ref="captcha" v-model="token" />
+				<HCaptcha v-if="globals?.captcha_enabled" ref="captcha" v-model="token" />

 				<button
 					class="btn btn-primary continue-btn centered-btn"
-					:disabled="!token"
+					:disabled="globals?.captcha_enabled ? !token : false"
 					@click="beginPasswordSignIn()"
 				>
 					{{ formatMessage(commonMessages.signInButton) }} <RightArrowIcon />
@@ -210,6 +210,15 @@ if (auth.value.user) {

 const captcha = ref()

+const { data: globals } = await useAsyncData('auth-globals', async () => {
+	try {
+		return await useBaseFetch('globals', { internal: true })
+	} catch (err) {
+		console.error('Error fetching globals:', err)
+		return { captcha_enabled: true }
+	}
+})
+
 const email = ref('')
 const password = ref('')
 const token = ref('')
--- a/apps/frontend/src/pages/auth/sign-up.vue
+++ b/apps/frontend/src/pages/auth/sign-up.vue
@@ -108,11 +108,11 @@
 				</IntlFormatted>
 			</p>

-			<HCaptcha ref="captcha" v-model="token" />
+			<HCaptcha v-if="globals?.captcha_enabled" ref="captcha" v-model="token" />

 			<button
 				class="btn btn-primary continue-btn centered-btn"
-				:disabled="!token"
+				:disabled="globals?.captcha_enabled ? !token : false"
 				@click="createAccount"
 			>
 				{{ formatMessage(messages.createAccountButton) }} <RightArrowIcon />
@@ -209,6 +209,15 @@ if (auth.value.user) {

 const captcha = ref()

+const { data: globals } = await useAsyncData('auth-globals', async () => {
+	try {
+		return await useBaseFetch('globals', { internal: true })
+	} catch (err) {
+		console.error('Error fetching globals:', err)
+		return { captcha_enabled: true }
+	}
+})
+
 const email = ref('')
 const username = ref('')
 const password = ref('')