From 79cdd06b190990810913bb0e9463087456e6887f Mon Sep 17 00:00:00 2001
From: Kyle Drake
Date: Wed, 25 Nov 2020 18:54:04 -0600
Subject: [PATCH] testing hcaptcha for contact form
---
 Gemfile | 1 +
 Gemfile.lock | 3 +++
 app.rb | 4 ++++
 app/contact.rb | 2 +-
 config.yml.template | 2 ++
 config.yml.travis | 2 ++
 environment.rb | 5 +++++
 views/contact.erb | 5 ++---
 8 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/Gemfile b/Gemfile
index 95f14649..1e1de60e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -53,6 +53,7 @@ gem 'activesupport'
 gem 'facter', require: nil
 gem 'maxmind-db'
 gem 'json', '>= 2.3.0'
+gem 'hcaptcha'
 group :development, :test do
 gem 'pry'
diff --git a/Gemfile.lock b/Gemfile.lock
index 6d14330e..76297558 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -84,6 +84,8 @@ GEM
 geoip (1.6.4)
 hashdiff (1.0.0)
 hashie (3.6.0)
+ hcaptcha (7.0.1)
+ json
 highline (2.0.2)
 hiredis (0.6.3)
 hoe (3.22.1)
@@ -308,6 +310,7 @@ DEPENDENCIES
 filesize
 gandi
 geoip
+ hcaptcha
 hiredis
 hoe
 htmlentities
diff --git a/app.rb b/app.rb
index c0550b00..c228217d 100644
--- a/app.rb
+++ b/app.rb
@@ -11,6 +11,8 @@ use Rack::Session::Cookie, key: 'neocities',
 use Rack::TempfileReaper
+include Hcaptcha::Adapters::ControllerMethods
+
 helpers do
 def site_change_file_display_class(filename)
 return 'html' if filename.match(Site::HTML_REGEX)
@@ -21,6 +23,8 @@ helpers do
 def csrf_token_input_html
 %{}
 end
+
+ include Hcaptcha::Adapters::ViewMethods
 end
 set :protection, :frame_options => "DENY"
diff --git a/app/contact.rb b/app/contact.rb
index 16de1e5a..d489d522 100644
--- a/app/contact.rb
+++ b/app/contact.rb
@@ -9,7 +9,7 @@ post '/contact' do
 @errors << 'Please fill out all fields'
 end
- if !recaptcha_valid?
+ unless verify_hcaptcha
 @errors << 'Captcha was not filled out (or was filled out incorrectly)'
 end
diff --git a/config.yml.template b/config.yml.template
index f9fa4ad9..6b8551a5 100644
--- a/config.yml.template
+++ b/config.yml.template
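Review bot: In app.rb the first hunk calls `include Hcaptcha::Adapters::ControllerMethods` at the top level of the file, outside any class or `helpers` block, which in Ruby mixes the module into `Object`, so the gem's controller methods become callable on every object in the process rather than only inside route handlers. The second hunk already scopes `ViewMethods` inside `helpers do`; I would scope the controller adapter the same way with `helpers Hcaptcha::Adapters::ControllerMethods`. Both hunks show only part of the file, so this assumes a classic top-level Sinatra app, as the visible `helpers do` and `set` lines suggest.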
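Review bot: In app/contact.rb the new `unless verify_hcaptcha` branch only appends a string to `@errors`; whether the handler then stops before sending anything is decided by code outside the hunk. What `verify_hcaptcha` returns when the verification request times out, or when the gem decides to skip verification for the current environment, depends on gem defaults that the diff does not show. I would confirm that every one of those cases ends up in this branch in production and record it next to the call, e.g. `# verify_hcaptcha must fail closed: missing/invalid token or verifier error => reject the submission`.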
@@ -5,6 +5,8 @@ development:
 session_secret: "SECRET GOES HERE"
 recaptcha_public_key: "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI"
 recaptcha_private_key: "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"
+ hcaptcha_site_key: sitekey
+ hcaptcha_secret_key: secret
 sidekiq_user: "ENTER USER HERE"
 sidekiq_pass: "ENTER PASS HERE"
 stripe_publishable_key: "ENTER KEY HERE"
diff --git a/config.yml.travis b/config.yml.travis
index b3826b9d..173757c3 100644
--- a/config.yml.travis
+++ b/config.yml.travis
@@ -21,3 +21,5 @@ screenshot_urls:
 cache_control_ips:
 - 1.2.3.4
 - 4.5.6.7
+hcaptcha_site_key: sitekey
+hcaptcha_secret_key: secret
\ No newline at end of file
diff --git a/environment.rb b/environment.rb
index 0ee48d29..94c05e1c 100644
--- a/environment.rb
+++ b/environment.rb
@@ -163,3 +163,8 @@ $gandi = Gandi::Session.new $config['gandi_api_key'], gandi_opts
 $image_optim = ImageOptim.new pngout: false, svgo: false
 Money.locale_backend = nil
+
+Hcaptcha.configure do |config|
+ config.site_key = $config['hcaptcha_site_key']
+ config.secret_key = $config['hcaptcha_secret_key']
+end
\ No newline at end of file
diff --git a/views/contact.erb b/views/contact.erb
index f8b64c40..e6eb84ad 100644
--- a/views/contact.erb
+++ b/views/contact.erb
@@ -253,9 +253,8 @@ -
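Review bot: In environment.rb the new `Hcaptcha.configure` block reads both keys with `$config['…']`, so a deployment whose config.yml lacks them still boots, with a nil site key and secret, and the problem only surfaces when the contact form is rendered or submitted. Reading them with `config.site_key = $config.fetch('hcaptcha_site_key')` and `config.secret_key = $config.fetch('hcaptcha_secret_key')` would stop startup with a KeyError instead. This assumes `$config` is a plain Hash loaded from config.yml, which the hunk does not show.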
+
+ <%== hcaptcha_tags %>