Changes

api/Services/RecaptchaVerifier.cs

@@ -18,7 +18,7 @@ namespace Api.Services
             _log = log;
         }
 
-        public async Task<CaptchaVerdictModel> VerifyAsync(string token, string? userIp, CancellationToken ct)
+        public async Task<CaptchaVerdictModel> VerifyAsync(string token, string? userIp, string? expectedAction, CancellationToken ct)
         {
             _log.LogDebug("Verifying captcha token for IP {Ip}", userIp ?? "unknown");
 
@@ -72,11 +72,12 @@ namespace Api.Services
             }
 
             // Optional strictness (usually v3): action/hostname checks
-            if (!string.IsNullOrWhiteSpace(_opt.ExpectedAction) &&
-                !string.Equals(_opt.ExpectedAction, data.action, StringComparison.Ordinal))
+            var actionToCheck = !string.IsNullOrWhiteSpace(expectedAction) ? expectedAction : _opt.ExpectedAction;
+            if (!string.IsNullOrWhiteSpace(actionToCheck) &&
+                !string.Equals(actionToCheck, data.action, StringComparison.Ordinal))
             {
                 _log.LogWarning("Captcha action mismatch. Expected={Expected}, Actual={Actual}, IP={Ip}",
-                    _opt.ExpectedAction, data.action, userIp ?? "unknown");
+                    actionToCheck, data.action, userIp ?? "unknown");
                 return new CaptchaVerdictModel(false, "Captcha action mismatch", data.score);
             }