From be8c7114685feaef58b4fd3f0d5145706c0c2d6e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Witold=20Wis=CC=81niewski?=
 <witold.wisniewski@escolasoft.com>
Date: Thu, 8 Jan 2026 13:09:57 +0100
Subject: [PATCH] Fixed recaptcha check

---
 .../GoogleRecaptchaV3CaptchaProvider.php      |  8 ++-
 tests/Unit/CaptchaServiceTest.php             | 67 +++++++++++++++++++
 2 files changed, 74 insertions(+), 1 deletion(-)
 create mode 100644 tests/Unit/CaptchaServiceTest.php

diff --git a/src/Domain/Captcha/GoogleRecaptchaV3CaptchaProvider.php b/src/Domain/Captcha/GoogleRecaptchaV3CaptchaProvider.php
index 27a51c8cc..675ccb643 100644
--- a/src/Domain/Captcha/GoogleRecaptchaV3CaptchaProvider.php
+++ b/src/Domain/Captcha/GoogleRecaptchaV3CaptchaProvider.php
@@ -49,8 +49,14 @@ public function validate_token(string $captcha_token, string $validated_action):
             return false;
         }
 
+        /** @var string|float $min_Score */
         $min_Score = $this->settingsService->getSetting('google_recaptcha_min_score')->value;
+        $min_Score = is_string($min_Score) ? (float) str_replace(',', '.', trim($min_Score)) : $min_Score;
 
-        return !($score < $min_Score);
+        if ($min_Score <= 0) {
+            $min_Score = 0.1;
+        }
+
+        return (float) $score >= $min_Score;
     }
 }
diff --git a/tests/Unit/CaptchaServiceTest.php b/tests/Unit/CaptchaServiceTest.php
new file mode 100644
index 000000000..f18c200a0
--- /dev/null
+++ b/tests/Unit/CaptchaServiceTest.php
@@ -0,0 +1,67 @@
+<?php
+
+namespace Tests\Unit;
+
+use Domain\Captcha\GoogleRecaptchaV3CaptchaProvider;
+use Domain\Setting\Models\Setting;
+use Illuminate\Support\Facades\App;
+use Illuminate\Support\Facades\Config;
+use Illuminate\Support\Facades\Http;
+use Tests\TestCase;
+
+class CaptchaServiceTest extends TestCase
+{
+    public function setUp(): void
+    {
+        parent::setUp();
+    }
+
+    /**
+     * @dataProvider captchaDataProvider
+     */
+    public function testValidateTokenLogic(
+        float $google_score,
+        string $db_min_score,
+        bool $expected_result
+    ): void {
+        Config::set('captcha.google_recaptcha_url', 'www.google.com/recaptcha/api/siteverify');
+        Config::set('captcha.google_recaptcha_secret', 'secret');
+
+        Setting::query()->where('name', 'google_recaptcha_min_score')
+            ->firstOrCreate([
+            'name' => 'google_recaptcha_min_score',
+            'value' => $db_min_score,
+                'public' => false,
+        ]);
+
+        Http::fake([
+            'www.google.com/recaptcha/api/siteverify' => Http::response([
+                'success' => true,
+                'action' => 'login',
+                'score' => $google_score,
+            ], 200),
+        ]);
+
+        /** @var GoogleRecaptchaV3CaptchaProvider $captchaProvider */
+        $captchaProvider = App::make(GoogleRecaptchaV3CaptchaProvider::class);
+
+        $result = $captchaProvider->validate_token('test-token', 'login');
+
+        $this->assertEquals($expected_result, $result);
+    }
+
+    public static function captchaDataProvider(): array
+    {
+        return [
+            ['google_score' => 0.9, 'db_min_score' => '0.5', 'expected' => true],
+            ['google_score' => 0.1, 'db_min_score' => '0.5', 'expected' => false],
+            ['google_score' => 0.5, 'db_min_score' => '0.5', 'expected' => true],
+
+            ['google_score' => 0.3, 'db_min_score' => '0,5', 'expected' => false],
+
+            ['google_score' => 0.0, 'db_min_score' => '',    'expected' => false],
+            // Default value is 0.1
+            ['google_score' => 0.2, 'db_min_score' => '',    'expected' => true],
+        ];
+    }
+}