first commit

controllers/front/verify.php

@@ -0,0 +1,30 @@
+<?php
+use PrestaShop\PrestaShop\Core\Crypto\PhpEncryption;
+
+class BotLimiterVerifyModuleFrontController extends ModuleFrontController
+{
+    public function initContent()
+    {
+        parent::initContent(); // This initializes the Standard PS Cookie
+
+        $ip = $_SERVER['REMOTE_ADDR'];
+        $return_url = urldecode(Tools::getValue('return_url'));
+
+        // Sanity check on return URL to prevent open redirect vulnerabilities
+        if (strpos($return_url, '/') !== 0) {
+            $return_url = Context::getContext()->shop->getBaseURL(true);
+        }
+
+        // Generate Encrypted Token
+        // Using IP ensures the token cannot be generated on one machine and used on another
+        $encryption = new PhpEncryption(_NEW_COOKIE_KEY_);
+        $token = $encryption->encrypt($ip);
+
+        $this->context->smarty->assign([
+            'return_url' => $return_url,
+            'bot_token' => $token,
+        ]);
+
+        $this->setTemplate('module:botlimiter/views/templates/front/verify.tpl');
+    }
+}