...it turns out tokens can be quite long

1 files changed, 1 insertions, 1 deletions

diff --git a/src/api.js b/src/api.js
index eb6d726..f33aca4 100644
--- a/src/api.js
+++ b/src/api.js
@@ -36,7 +36,7 @@ const checkRateLimiting = (req, res, next) => {
 const checkCaptcha = (req, res, next) => {
     const token = String(req.get("X-CAPTCHA-TOKEN") || "");
 
-    if (!token.match(/^[a-zA-Z0-9-_]{30,60}$/)) {
+    if (!token.match(/^[a-zA-Z0-9-_]{20,800}$/)) {
         res.status(403).json({
             status: "error",
             error: "no token sent"