Up captcha timer to 60 secs again, save used captchas in cachex

config/config.exs

@@ -12,7 +12,7 @@
 
 config :pleroma, Pleroma.Captcha,
   enabled: false,
-  seconds_valid: 20,
+  seconds_valid: 60,
   method: Pleroma.Captcha.Kocaptcha
 
 config :pleroma, Pleroma.Captcha.Kocaptcha, endpoint: "https://captcha.kotobank.ch"

lib/pleroma/application.ex

@@ -25,6 +25,16 @@ def start(_type, _args) do
         supervisor(Pleroma.Repo, []),
         worker(Pleroma.Emoji, []),
         worker(Pleroma.Captcha, []),
+        worker(
+          Cachex,
+          [
+            :used_captcha_cache,
+            [
+              ttl_interval: :timer.seconds(60 * 2)
+            ]
+          ],
+          id: :cachex_used_captcha_cache
+        ),
         worker(
           Cachex,
           [

lib/pleroma/captcha/captcha.ex

@@ -80,9 +80,24 @@ def handle_call({:validate, token, captcha, answer_data}, _from, state) do
     result =
       with {:ok, data} <- MessageEncryptor.decrypt(answer_data, secret, sign_secret),
            %{at: at, answer_data: answer_md5} <- :erlang.binary_to_term(data) do
-        if DateTime.after?(at, valid_if_after),
-          do: method().validate(token, captcha, answer_md5),
-          else: {:error, "CAPTCHA expired"}
+        try do
+          if DateTime.before?(at, valid_if_after), do: throw({:error, "CAPTCHA expired"})
+
+          if not is_nil(Cachex.get!(:used_captcha_cache, token)),
+            do: throw({:error, "CAPTCHA already used"})
+
+          res = method().validate(token, captcha, answer_md5)
+          # Throw if an error occurs
+          if res != :ok, do: throw(res)
+
+          # Mark this captcha as used
+          {:ok, _} =
+            Cachex.put(:used_captcha_cache, token, true, ttl: :timer.seconds(seconds_valid))
+
+          :ok
+        catch
+          :throw, e -> e
+        end
       else
         _ -> {:error, "Invalid answer data"}
       end