testing hcaptcha for contact form

2025-04-24 17:22:35 +02:00 · 2020-11-25 18:54:04 -06:00 · 2020-11-25 18:54:04 -06:00 · 79cdd06b19
commit 79cdd06b19
parent a2a46d406e
8 changed files with 20 additions and 4 deletions
--- a/1
+++ b/1
@ -53,6 +53,7 @@ gem 'activesupport'
 gem 'facter', require: nil
 gem 'maxmind-db'
 gem 'json', '>= 2.3.0'
+gem 'hcaptcha'

 group :development, :test do
  gem 'pry'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -84,6 +84,8 @@ GEM
    geoip (1.6.4)
    hashdiff (1.0.0)
    hashie (3.6.0)
+    hcaptcha (7.0.1)
+      json
    highline (2.0.2)
    hiredis (0.6.3)
    hoe (3.22.1)
@ -308,6 +310,7 @@ DEPENDENCIES
  filesize
  gandi
  geoip
+  hcaptcha
  hiredis
  hoe
  htmlentities
--- a/app.rb
+++ b/app.rb
@ -11,6 +11,8 @@ use Rack::Session::Cookie, key:          'neocities',

 use Rack::TempfileReaper

+include Hcaptcha::Adapters::ControllerMethods
+
 helpers do
  def site_change_file_display_class(filename)
    return 'html' if filename.match(Site::HTML_REGEX)
@ -21,6 +23,8 @@ helpers do
  def csrf_token_input_html
    %{<input name="csrf_token" type="hidden" value="#{csrf_token}">}
  end
+
+  include Hcaptcha::Adapters::ViewMethods
 end

 set :protection, :frame_options => "DENY"
--- a/app/contact.rb
+++ b/app/contact.rb
@ -9,7 +9,7 @@ post '/contact' do
    @errors << 'Please fill out all fields'
  end

-  if !recaptcha_valid?
+  unless verify_hcaptcha
    @errors << 'Captcha was not filled out (or was filled out incorrectly)'
  end

--- a/config.yml.template
+++ b/config.yml.template
@ -5,6 +5,8 @@ development:
  session_secret: "SECRET GOES HERE"
  recaptcha_public_key: "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI"
  recaptcha_private_key: "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"
+  hcaptcha_site_key: sitekey
+  hcaptcha_secret_key: secret
  sidekiq_user: "ENTER USER HERE"
  sidekiq_pass: "ENTER PASS HERE"
  stripe_publishable_key: "ENTER KEY HERE"
--- a/config.yml.travis
+++ b/config.yml.travis
@ -21,3 +21,5 @@ screenshot_urls:
 cache_control_ips:
  - 1.2.3.4
  - 4.5.6.7
+hcaptcha_site_key: sitekey
+hcaptcha_secret_key: secret
--- a/environment.rb
+++ b/environment.rb
@ -163,3 +163,8 @@ $gandi = Gandi::Session.new $config['gandi_api_key'], gandi_opts
 $image_optim = ImageOptim.new pngout: false, svgo: false

 Money.locale_backend = nil
+
+Hcaptcha.configure do |config|
+  config.site_key   = $config['hcaptcha_site_key']
+  config.secret_key = $config['hcaptcha_secret_key']
+end
--- a/views/contact.erb
+++ b/views/contact.erb
@ -253,9 +253,8 @@
      <textarea name="body" id="your_comments" class="col-75" rows="10"><%= params[:body] %></textarea>

      <label>Fill out the captcha so we know you’re not a robot:</label>
-      <div id="captcha-input" class="g-recaptcha"
-           data-sitekey="<%= $config['recaptcha_public_key'] %>"
-           data-theme="light" data-placement="left" data-trigger="manual">
+      <div id="captcha-input" class="g-recaptcha">
+        <%== hcaptcha_tags %>
      </div>

      <input class="btn-Action" type="submit" value="Send">