You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Verifies cap-token from registration requests using the configured
Cap service when CAP_INSTANCE_URI and CAP_SECRET are set; otherwise
falls back to a no-op implementation.
Due to problems with bots making spam registrations the `/register` endpoint can be configured to require a
71
+
[proof-of-work](https://en.wikipedia.org/wiki/Proof_of_work) to be provided by the client using the self-hostable
72
+
CAPTCHA tool [Cap](https://trycap.dev/). This is only enabled/required if **both** `CAP_INSTANCE_URI` and `CAP_SECRET`
73
+
are set.
74
+
68
75
Note that the fields `email` and `extra` are not shown in the public `GET /visitors` listing, but are intended only
69
76
for the party organizers.
70
77
@@ -81,6 +88,27 @@ content-length: 0
81
88
date: Sat, 10 Jun 2023 19:17:23 GMT
82
89
```
83
90
91
+
#### With proof-of-work
92
+
93
+
See the [Cap Quickstart](https://trycap.dev/guide/) for detailed information about how to add the Cap widget to your
94
+
frontend.
95
+
96
+
The `CAP_INSTANCE_URI` should point to the actual verification endpoint, like
97
+
`https://<your-instance>/<site-key>/siteverify`. `CAP_SECRET` is your generated secret key, like `sk-xxx`.
98
+
99
+
```sh
100
+
curl -i -H 'Content-Type: application/json' \
101
+
-X POST \
102
+
-d '{"nick":"Lorem","group":"Ipsum","email":"lorem@example.com","extra":"Allergic to metaballs","cap-token":"fb69400c43:1ab132ceaeb7be79:d33ea92570f08527ba917c8ba24cc3"}' \
103
+
http://localhost:3000/register
104
+
```
105
+
106
+
```
107
+
HTTP/1.1 201 Created
108
+
content-length: 0
109
+
date: Sat, 10 Jun 2023 19:17:23 GMT
110
+
```
111
+
84
112
### Fetching full visitor data
85
113
86
114
This is only available for organizers, authorized by API_KEY.
0 commit comments