*

src/Masuit.MyBlogs.Core/Controllers/FirewallController.cs

@@ -101,24 +101,27 @@ public class FirewallController : Controller
     public async Task<ActionResult> CloudflareTurnstileHandler()
     {
         var form = await Request.ReadFormAsync();
-        var token = form["cf-turnstile-response"][0];
-        const string url = "https://challenges.cloudflare.com/turnstile/v0/siteverify";
-        using var encodedContent = new FormUrlEncodedContent(new List<KeyValuePair<string, string>>
+        if (form.ContainsKey("cf-turnstile-response"))
         {
-            new("secret",CommonHelper.SystemSettings["TurnstileSecretKey"]),
-            new("response",token),
-            new("remoteip",HttpContext.Connection.RemoteIpAddress.ToString()),
-        });
-        var resp = await _httpClient.PostAsync(url, encodedContent);
-        var result = await resp.Content.ReadFromJsonAsync<TurnstileResult>();
-        if (result.Success)
-        {
-            HttpContext.Session.Set("js-challenge", 1);
-            Response.Cookies.Append(SessionKey.ChallengeBypass, DateTime.Now.AddSeconds(new Random().Next(60, 86400)).ToString("yyyy-MM-dd HH:mm:ss").AESEncrypt(AppConfig.BaiduAK), new CookieOptions()
+            var token = form["cf-turnstile-response"][0];
+            const string url = "https://challenges.cloudflare.com/turnstile/v0/siteverify";
+            using var encodedContent = new FormUrlEncodedContent(new List<KeyValuePair<string, string>>
             {
-                SameSite = SameSiteMode.Lax,
-                Expires = DateTime.Now.AddDays(1)
+                new("secret",CommonHelper.SystemSettings["TurnstileSecretKey"]),
+                new("response",token),
+                new("remoteip",HttpContext.Connection.RemoteIpAddress.ToString()),
             });
+            var resp = await _httpClient.PostAsync(url, encodedContent);
+            var result = await resp.Content.ReadFromJsonAsync<TurnstileResult>();
+            if (result.Success)
+            {
+                HttpContext.Session.Set("js-challenge", 1);
+                Response.Cookies.Append(SessionKey.ChallengeBypass, DateTime.Now.AddSeconds(new Random().Next(60, 86400)).ToString("yyyy-MM-dd HH:mm:ss").AESEncrypt(AppConfig.BaiduAK), new CookieOptions()
+                {
+                    SameSite = SameSiteMode.Lax,
+                    Expires = DateTime.Now.AddDays(1)
+                });
+            }
         }
 
         return Redirect(Request.Headers[HeaderNames.Referer]);

src/Masuit.MyBlogs.Core/Views/Shared/CloudflareTurnstileChallenge.cshtml

@@ -33,7 +33,7 @@
     <form asp-controller="Firewall" asp-action="CloudflareTurnstileHandler" method="post">
         @Html.AntiForgeryToken()
         <div class="cf-turnstile" data-sitekey="@CommonHelper.SystemSettings["TurnstileClientKey"]" data-theme="light"></div>
-        <button class="btn btn-lg btn-primary" type="submit">点击进入网站</button>
+        <button id="btn" class="btn btn-lg btn-primary" type="submit" style="display: none">点击进入网站</button>
     </form>
 @Html.Raw(CommonHelper.SystemSettings["Scripts"])
 </body>
@@ -43,6 +43,7 @@
         const interval = setInterval(function() {
             if ($("input[name=cf-turnstile-response]").val().length) {
                 clearInterval(interval);
+                $("#btn").show();
                 $("form").submit();
             }
         },2000);