diff --git a/server.py b/server.py index baf2477..0e46977 100644 --- a/server.py +++ b/server.py @@ -81,7 +81,7 @@ def create_email(to_email, identifier, text, all_attachments, reference=''): subject = f'Secure Form Submission {identifier}' if reference: subject = f'{reference} {subject}' - + message = Mail( from_email=FROMEMAIL, to_emails=to_email, @@ -108,15 +108,21 @@ def validate_recaptcha(recaptcha_response): Validates the ReCaptcha response. """ try: + if not recaptcha_response: + logging.error('No ReCaptcha response provided.') + raise ValueError('ReCaptcha verification failed: No response provided.') + + # Perform the verification if not recaptcha.verify(response=recaptcha_response): logging.error('ReCaptcha verification failed for response: %s', recaptcha_response) - raise ValueError('Error: ReCaptcha verification failed!') - else: - logging.info('ReCaptcha verification succeeded') + raise ValueError('ReCaptcha verification failed.') + + logging.info('ReCaptcha verification succeeded for response: %s', recaptcha_response) except Exception as e: - logging.error('ReCaptcha validation encountered an error: %s', str(e)) + logging.error('Error during ReCaptcha validation: %s', str(e)) raise + def send_email(message): """ Sends the email using SendGrid and logs detailed information for debugging. @@ -163,6 +169,7 @@ def send_email(message): def index(): return render_template('index.html', notice='', hascaptcha=not Config.DEBUG_MODE, attachments_number=Config.NUMBER_OF_ATTACHMENTS, recaptcha_sitekey=RECAPTCHASITEKEY) + @app.route('/submit-encrypted-data', methods=['POST']) @limiter.limit("5 per minute") def submit(): 
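Review bot: In the `validate_recaptcha` hunk, the new success-path call `logging.info('ReCaptcha verification succeeded for response: %s', recaptcha_response)` writes the raw client-supplied token to the log on every accepted request, as the failure path already did. That value is untrusted and unbounded in length, so it can carry line breaks that forge log entries and it inflates the log. I would keep `logging.info('ReCaptcha verification succeeded')` and record only `len(recaptcha_response)` on failure. Separately, the `ValueError`s raised inside the `try` are caught by `except Exception`, so every rejection is logged twice; moving the empty-response check above the `try`, or adding `except ValueError: raise` ahead of the generic handler, avoids that. The function's `def` line and the start of its docstring lie outside the hunk.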
@@ -172,7 +179,11 @@ def submit(): # Validate ReCaptcha unless in debug mode if not Config.DEBUG_MODE: - validate_recaptcha(data['g-recaptcha-response']) + recaptcha_response = data.get('g-recaptcha-response', '') + try: + validate_recaptcha(recaptcha_response) + except ValueError as e: + return jsonify({'status': 'failure', 'message': str(e)}), 400 # Extract fields from JSON data message = data['message'] @@ -219,6 +230,7 @@ def submit(): logging.error(f"Internal error: {str(e)}") return jsonify({'status': 'failure', 'message': error_message}) + @app.errorhandler(413) def error413(e): return render_template('413.html'), 413
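Review bot: In `submit`, the new `except ValueError as e` returns `str(e)` to the client, and that clause is wider than the two messages `validate_recaptcha` raises itself. Any `ValueError` escaping `recaptcha.verify` (a JSON decoding error is a `ValueError` subclass, for example) would come back as a 400 with its internal text in the response body. Returning a fixed string such as `'message': 'ReCaptcha verification failed.'`, or raising a dedicated exception class from `validate_recaptcha`, keeps internal detail out of the response. Assuming `data` is the parsed JSON body (its assignment is outside the hunk), `data.get('g-recaptcha-response', '')` also accepts any JSON type, so a non-empty list or object passes the `if not recaptcha_response` guard and reaches `recaptcha.verify`. An `isinstance(recaptcha_response, str)` check before validation would reject it.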