1 files changed, 28 insertions, 11 deletions

diff --git a/src/invidious.cr b/src/invidious.cr
index 43d2ce72..d5be4ba1 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -24,6 +24,7 @@ require "sqlite3"
 require "xml"
 require "yaml"
 require "zip"
+require "protodec/utils"
 require "./invidious/helpers/*"
 require "./invidious/*"
 
@@ -1391,8 +1392,7 @@ get "/login" do |env|
   captcha_type ||= "image"
 
   tfa = env.params.query["tfa"]?
-  tfa ||= false
-  prompt = ""
+  prompt = nil
 
   templated "login"
 end
@@ -1445,7 +1445,7 @@ post "/login" do |env|
 
       headers["Content-Type"] = "application/x-www-form-urlencoded;charset=utf-8"
       headers["Google-Accounts-XSRF"] = "1"
-      headers["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.75 Safari/537.36"
+      headers["User-Agent"] = random_user_agent
 
       response = client.post("/_/signin/sl/lookup", headers, login_req(lookup_req))
       lookup_results = JSON.parse(response.body[5..-1])
@@ -1454,10 +1454,17 @@ post "/login" do |env|
 
       user_hash = lookup_results[0][2]
 
+      if token = env.params.body["token"]?
+        answer = env.params.body["answer"]?
+        captcha = {token, answer}
+      else
+        captcha = nil
+      end
+
       challenge_req = {
         user_hash, nil, 1, nil,
         {1, nil, nil, nil,
-         {password, nil, true},
+         {password, captcha, true},
         },
         {nil, nil,
          {2, 1, nil, 1,
@@ -1485,11 +1492,14 @@ post "/login" do |env|
         next templated "error"
       end
 
-      # TODO: Handle Google's CAPTCHA
-      if captcha = challenge_results[0][-1]?.try &.[-1]?.try &.as_h?.try &.["5001"]?.try &.[-1].as_a?
-        error_message = "Unhandled CAPTCHA. Please try again later."
-        env.response.status_code = 401
-        next templated "error"
+      if token = challenge_results[0][-1]?.try &.[-1]?.try &.as_h?.try &.["5001"]?.try &.[-1].as_a?.try &.[-1].as_s
+        account_type = "google"
+        captcha_type = "image"
+        prompt = nil
+        tfa = tfa_code
+        captcha = {tokens: [token], question: ""}
+
+        next templated "login"
       end
 
       if challenge_results[0][-1]?.try &.[5] == "INCORRECT_ANSWER_ENTERED"
@@ -1548,7 +1558,7 @@ post "/login" do |env|
             prompt = "Google verification code"
           end
 
-          tfa = true
+          tfa = nil
           captcha = nil
           next templated "login"
         end
@@ -5447,7 +5457,7 @@ get "/videoplayback" do |env|
 
   client = make_client(URI.parse(host), region)
 
-  response = HTTP::Client::Response.new(403)
+  response = HTTP::Client::Response.new(500)
   5.times do
     begin
       response = client.head(url, headers)
@@ -5771,6 +5781,13 @@ get "/vi/:id/:name" do |env|
   end
 end
 
+get "/Captcha" do |env|
+  client = make_client(LOGIN_URL)
+  response = client.get(env.request.resource)
+  env.response.headers["Content-Type"] = response.headers["Content-Type"]
+  response.body
+end
+
 # Undocumented, creates anonymous playlist with specified 'video_ids', max 50 videos
 get "/watch_videos" do |env|
   response = YT_POOL.client &.get(env.request.resource)