implement new recaptcha

This commit is contained in:
Kyle Drake 2014-12-15 12:25:08 -08:00
parent 8630e5d431
commit 010a1dd994
3 changed files with 51 additions and 39 deletions


@ -1,9 +1,32 @@
def new_recaptcha_valid?
return session[:captcha_valid] = true if ENV['RACK_ENV'] == 'test'
resp = Net::HTTP.get URI(
'https://www.google.com/recaptcha/api/siteverify?'+
Rack::Utils.build_query(
secret: $config['recaptcha_private_key'],
response: params[:'g-recaptcha-response']
)
)
if JSON.parse(resp)['success'] == true
session[:captcha_valid] = true
true
else
false
end
end
post '/create_validate_all' do post '/create_validate_all' do
content_type :json content_type :json
fields = params.select {|p| p.match /^username$|^password$|^email$|^new_tags_string$/} fields = params.select {|p| p.match /^username$|^password$|^email$|^new_tags_string$/}
site = Site.new fields site = Site.new fields
return [].to_json if site.valid?
if site.valid?
return [].to_json if new_recaptcha_valid?
return [['captcha', 'Please complete the captcha.']].to_json
end
site.errors.collect {|e| [e.first, e.last.first]}.to_json site.errors.collect {|e| [e.first, e.last.first]}.to_json
end end
@ -39,25 +62,20 @@ post '/create' do
ip: request.ip ip: request.ip
) )
black_box_answered = BlackBox.valid? params[:blackbox_answer], request.ip if session[:captcha_valid] != true
question_answered_correctly = params[:question_answer] == session[:question_answer] flash[:error] = 'The captcha was not valid, please try again.'
return {result: 'error'}.to_json
if !question_answered_correctly
question_first_number, question_last_number = generate_question
return {
result: 'bad_answer',
question_first_number: question_first_number,
question_last_number: question_last_number
}.to_json
end end
if !black_box_answered || !@site.valid? || Site.ip_create_limit?(request.ip) if !@site.valid? || Site.ip_create_limit?(request.ip)
flash[:error] = 'There was an unknown error, please try again.' flash[:error] = 'There was an unknown error, please try again.'
return {result: 'error'}.to_json return {result: 'error'}.to_json
end end
@site.save @site.save
session[:captcha_valid] = nil
EmailWorker.perform_async({ EmailWorker.perform_async({
from: 'web@neocities.org', from: 'web@neocities.org',
reply_to: 'contact@neocities.org', reply_to: 'contact@neocities.org',
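Review bot: `new_recaptcha_valid?` in the first hunk sends `recaptcha_private_key` as a GET query parameter through `Net::HTTP.get`, so the secret lands in anything that records request URLs (outbound proxies, access logs); the siteverify endpoint accepts POST, so `Net::HTTP.post_form` keeps it in the body, and `remoteip: request.ip` can go along so Google can bind the token to the submitting client. The call also has no error handling: a `SocketError`, timeout or non-JSON body raises out of `/create_validate_all` as a 500 instead of a plain "captcha failed", so rescue `StandardError` and return false (the default Net::HTTP timeouts are long, so a shorter one is worth considering if the endpoint stalls). In the second hunk `session[:captcha_valid]` is only cleared after `@site.save`, so a `/create` that fails the `@site.valid?`/`ip_create_limit?` check keeps the solved-captcha flag alive for unlimited retries; adding `session[:captcha_valid] = nil` before that `return {result: 'error'}.to_json` makes one solved captcha good for exactly one create attempt. Rewritten verification below.
```ruby
def new_recaptcha_valid?
  return session[:captcha_valid] = true if ENV['RACK_ENV'] == 'test'
  # POST keeps the secret out of query strings (and out of anything that logs them);
  # remoteip lets the verifier tie the token to the client that submitted it.
  resp = Net::HTTP.post_form(
    URI('https://www.google.com/recaptcha/api/siteverify'),
    secret: $config['recaptcha_private_key'],
    response: params[:'g-recaptcha-response'],
    remoteip: request.ip
  )
  return false unless resp.is_a?(Net::HTTPSuccess) && JSON.parse(resp.body)['success'] == true
  session[:captcha_valid] = true
rescue StandardError
  # A network or parse failure means "not verified", not a 500 for the user.
  false
end
```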


@ -8,7 +8,6 @@ describe 'signup' do
fill_in 'username', with: @site[:username] fill_in 'username', with: @site[:username]
fill_in 'password', with: @site[:password] fill_in 'password', with: @site[:password]
fill_in 'email', with: @site[:email] fill_in 'email', with: @site[:email]
fill_in 'question_answer', with: 2
end end
def click_signup_button def click_signup_button


@ -37,6 +37,7 @@
<![endif]--> <![endif]-->
<script src="/js/jquery-1.11.0.min.js"></script> <script src="/js/jquery-1.11.0.min.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head> </head>
<body class="hp"><a id="new"></a> <body class="hp"><a id="new"></a>
@ -116,9 +117,9 @@
<div class="header-Outro"> <div class="header-Outro">
<div class="row header-Content content"> <div class="row header-Content content">
<div class="col intro"> <div class="col intro">
<h2 class="section-header">Create your own free web site.</h2> <h2 class="section-header">Create your own free web site, and discover new ones.</h2>
<p class="intro-text"> <p class="intro-text">
Neocities is a community of <a href="/browse"><%= @sites_count.to_s.reverse.gsub(/...(?=.)/,'\&,').reverse %> sites</a> that are bringing back the lost individual creativity of the web by giving everyone in the world a free web site. Anyone can make a site—only your imagination is required. Join us! Neocities is a community of <a href="/browse"><%= @sites_count.to_s.reverse.gsub(/...(?=.)/,'\&,').reverse %> sites</a> that are bringing back the lost individual creativity of the web by giving everyone in the world free web space. Anyone can make a site—only your imagination is required. Join us!
</p> </p>
<ul class="intro-List"> <ul class="intro-List">
<li class="intro-Social"> <li class="intro-Social">
@ -155,7 +156,6 @@
<% else %> <% else %>
<form id="createSiteForm" class="signup-Form" onsubmit="return false"> <form id="createSiteForm" class="signup-Form" onsubmit="return false">
<input type="hidden" name="csrf_token" value="<%= csrf_token %>"> <input type="hidden" name="csrf_token" value="<%= csrf_token %>">
<input type="hidden" name="blackbox_answer" value="">
<fieldset class="content"> <fieldset class="content">
<h2 class="gamma">Sign up for free</h2> <h2 class="gamma">Sign up for free</h2>
<hr /> <hr />
@ -180,14 +180,16 @@
</div> </div>
<div class="col col-50" style="padding-left:0;"> <div class="col col-50" style="padding-left:0;">
<label for="question_answer-input"><%= @question_first_number %> + <%= @question_last_number %> =</label> <label for="g-recaptcha">Confirm you are human</label>
<input type="text" class="input-Area" name="question_answer" placeholder="" data-placement="left" data-trigger="manual" autocapitalize="off" autocorrect="off" autocomplete="off" maxlength="2" style="width: 50%;" /> <div id="captcha-input" class="g-recaptcha" data-sitekey="<%= $config['recaptcha_public_key'] %>" data-theme="dark" data-placement="left" data-trigger="manual"></div>
</div> </div>
<div class="col col-50"> <div class="col col-50">
<div style="margin-top: 15px">
<input type="submit" value="Create My Site" class="btn-Action float-Right" /> <input type="submit" value="Create My Site" class="btn-Action float-Right" />
</div> </div>
</div> </div>
</div>
</fieldset> </fieldset>
</form> </form>
@ -379,35 +381,28 @@
<script> <script>
$('#createSiteForm').on('submit', function(obj) { $('#createSiteForm').on('submit', function(obj) {
$("input[name=blackbox_answer]").val("<%= @blackbox_question %>")
$.post('/create_validate_all', $(obj.target).serialize(), function(errors) { $.post('/create_validate_all', $(obj.target).serialize(), function(errors) {
if(errors.length == 0) { if(errors.length == 0) {
$.post('/create', $('#createSiteForm').serialize(), function(res) { $.post('/create', $('#createSiteForm').serialize(), function(res) {
if(res.result == 'ok')
location.reload() location.reload()
else if(res.result == 'bad_answer') {
$('label[for=question_answer-input]').text(res.question_first_number+' + '+res.question_last_number+' = ')
var input = $('input[name=question_answer]')
input.attr('data-original-title', 'Please answer the question correctly.')
input.tooltip('show')
} else {
location.reload()
}
}) })
} } else {
for(var i=0; i<errors.length;i++) { for(var i=0; i<errors.length;i++) {
if(errors[i][0] == 'captcha') {
var captchaDiv = $('#captcha-input')
captchaDiv.attr('data-original-title', errors[i][1])
captchaDiv.tooltip('show')
} else {
var ele = $('input[name='+errors[i][0]+']') var ele = $('input[name='+errors[i][0]+']')
ele.attr('data-original-title', errors[i][1]) ele.attr('data-original-title', errors[i][1])
ele.tooltip('show') ele.tooltip('show')
} }
}
}
}) })
}) })
$('input[type=text],input[type=password]').on('change focusout', function(obj) { $('input[type=text],input[type=password]').on('change focusout', function(obj) {
if(obj.target.name == 'question_answer')
return
$.post('/create_validate', {field: obj.target.name, value: obj.target.value, csrf_token: '<%= csrf_token %>'}, function(res) { $.post('/create_validate', {field: obj.target.name, value: obj.target.value, csrf_token: '<%= csrf_token %>'}, function(res) {
if(res.result == 'ok') { if(res.result == 'ok') {
return $(obj.target).tooltip('hide') return $(obj.target).tooltip('hide')