zydronium/neocities
1
0
Fork 0
mirror of https://github.com/neocities/neocities.git synced 2025-04-24 17:22:35 +02:00
Code Issues Projects Releases Packages Wiki Activity

replace recaptch with hcaptcha

Browse source
This commit is contained in:
Kyle Drake 2021-12-03 12:04:00 -06:00
parent 6d87c80df1
commit bc0addb27b
14 changed files with 46 additions and 63 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Gemfile
View file

@ -81,5 +81,5 @@ group :test do
gem 'mock_redis'
gem 'simplecov', require: nil
gem 'm'
gem 'apparition'
gem 'apparition', github: 'twalpole/apparition', ref: 'ca86be4d54af835d531dbcd2b86e7b2c77f85f34'
end

28
Gemfile.lock
View file

@ -10,6 +10,15 @@ GIT
rack (>= 1.6)
uuidtools (~> 2.1.1)
GIT
remote: https://github.com/twalpole/apparition.git
revision: ca86be4d54af835d531dbcd2b86e7b2c77f85f34
ref: ca86be4d54af835d531dbcd2b86e7b2c77f85f34
specs:
apparition (0.6.0)
capybara (~> 3.13, < 4)
websocket-driver (>= 0.6.5)
GEM
remote: https://rubygems.org/
specs:
@ -26,20 +35,18 @@ GEM
annoy (0.5.6)
highline (>= 1.5.0)
ansi (1.5.0)
apparition (0.5.0)
capybara (~> 3.13, < 4)
websocket-driver (>= 0.6.5)
base32 (0.3.2)
bcrypt (3.1.13)
builder (3.2.3)
byebug (11.0.1)
capybara (3.32.2)
capybara (3.36.0)
addressable
matrix
mini_mime (>= 0.1.3)
nokogiri (~> 1.8)
rack (>= 1.6.0)
rack-test (>= 0.6.3)
regexp_parser (~> 1.5)
regexp_parser (>= 1.5, < 3.0)
xpath (~> 3.2)
certified (1.0.0)
climate_control (0.2.0)
@ -128,13 +135,14 @@ GEM
ffi (>= 0.6.3)
mail (2.7.1)
mini_mime (>= 0.1.1)
matrix (0.4.2)
maxmind-db (1.0.0)
metaclass (0.0.4)
method_source (0.9.2)
mime-types (3.3)
mime-types-data (~> 3.2015)
mime-types-data (3.2019.0904)
mini_mime (1.0.2)
mini_mime (1.1.2)
mini_portile2 (2.5.3)
minitest (5.11.3)
minitest-reporters (1.3.8)
@ -178,7 +186,7 @@ GEM
public_suffix (4.0.6)
puma (5.5.1)
nio4r (~> 2.0)
racc (1.5.2)
racc (1.6.0)
rack (2.2.3)
rack-cache (1.9.0)
rack (>= 0.4)
@ -196,7 +204,7 @@ GEM
redis (3.3.5)
redis-namespace (1.6.0)
redis (>= 3.0.4)
regexp_parser (1.7.1)
regexp_parser (2.1.1)
rest-client (2.1.0)
http-accept (>= 1.7.0, < 2.0)
http-cookie (>= 1.0.2, < 2.0)
@ -278,7 +286,7 @@ GEM
addressable (>= 2.3.6)
crack (>= 0.3.2)
hashdiff
websocket-driver (0.7.2)
websocket-driver (0.7.5)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
will_paginate (3.1.8)
@ -296,7 +304,7 @@ DEPENDENCIES
acme-client (~> 2.0.0)
activesupport
addressable (>= 2.8.0)
apparition
apparition!
base32
bcrypt
capybara

4
app.rb
View file

@ -25,7 +25,7 @@ helpers do
def hcaptcha_input
%{
<script src="https://hcaptcha.com/1/api.js" async defer></script>
<div class="h-captcha" data-sitekey="#{$config['hcaptcha_site_key']}"></div>
<div id="captcha_input" class="h-captcha" data-sitekey="#{$config['hcaptcha_site_key']}"></div>
}
end
end
@ -89,7 +89,7 @@ after do
end
#after do
#response.headers['Content-Security-Policy'] = %{block-all-mixed-content; default-src 'self'; connect-src 'self' https://api.stripe.com; frame-src https://www.google.com/recaptcha/ https://js.stripe.com; script-src 'self' 'unsafe-inline' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://js.stripe.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: }
#response.headers['Content-Security-Policy'] = %{block-all-mixed-content; default-src 'self'; connect-src 'self' https://api.stripe.com https://assets.hcaptcha.com; frame-src https://assets.hcaptcha.com https://js.stripe.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://hcaptcha.com https://assets.hcaptcha.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: }
#end
not_found do

9
app/create.rb
View file

@ -12,11 +12,12 @@ post '/create_validate_all' do
site = Site.new fields
if site.valid?
return [].to_json if education_whitelisted? || params[:'g-recaptcha-response'] || self.class.test?
return [['captcha', 'Please complete the captcha.']].to_json
return [].to_json if education_whitelisted?
end
site.errors.collect {|e| [e.first, e.last.first]}.to_json
resp = site.errors.collect {|e| [e.first, e.last.first]}
resp << ['captcha', 'Please complete the captcha.'] if params[:'h-captcha-response'].empty? && !self.class.test?
resp.to_json
end
post '/create_validate' do
@ -65,7 +66,7 @@ post '/create' do
if education_whitelisted?
@site.email_confirmed = true
else
if !recaptcha_valid?
if !hcaptcha_valid?
flash[:error] = 'The captcha was not valid, please try again.'
return {result: 'error'}.to_json
end

18
app_helpers.rb
View file

@ -118,24 +118,6 @@ def flash_display(opts={})
erb :'_flash', layout: false, locals: {opts: opts}
end
def recaptcha_valid?
return true if ENV['RACK_ENV'] == 'test' || ENV['TRAVIS']
return false unless params[:'g-recaptcha-response']
resp = Net::HTTP.get URI(
'https://www.google.com/recaptcha/api/siteverify?'+
Rack::Utils.build_query(
secret: $config['recaptcha_private_key'],
response: params[:'g-recaptcha-response']
)
)
if JSON.parse(resp)['success'] == true
true
else
false
end
end
def hcaptcha_valid?
return true if ENV['RACK_ENV'] == 'test' || ENV['TRAVIS']
return false unless params[:'h-captcha-response']

10
config.yml.template
View file

@ -3,10 +3,8 @@ development:
database_pool: 1
redis_url: "redis://localhost"
session_secret: "SECRET GOES HERE"
recaptcha_public_key: "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI"
recaptcha_private_key: "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"
hcaptcha_site_key: sitekey
hcaptcha_secret_key: secret
hcaptcha_site_key: "10000000-ffff-ffff-ffff-000000000001"
hcaptcha_secret_key: "0x0000000000000000000000000000000000000000"
sidekiq_user: "ENTER USER HERE"
sidekiq_pass: "ENTER PASS HERE"
stripe_publishable_key: "ENTER KEY HERE"
@ -32,8 +30,8 @@ test:
database: 'postgres://localhost/neocities_test'
database_pool: 1
session_secret: "SECRET GOES HERE"
recaptcha_public_key: "ENTER PUBLIC KEY HERE"
recaptcha_private_key: "ENTER PRIVATE KEY HERE"
hcaptcha_site_key: "10000000-ffff-ffff-ffff-000000000001"
hcaptcha_secret_key: "0x0000000000000000000000000000000000000000"
sidekiq_user: "ENTER USER HERE"
sidekiq_pass: "ENTER PASS HERE"
stripe_publishable_key: "ENTER KEY HERE"

6
config.yml.travis
View file

@ -1,8 +1,6 @@
database: 'postgres://postgres@localhost/travis_ci_test'
database_pool: 1
session_secret: 's3cr3t'
recaptcha_public_key: '1234'
recaptcha_private_key: '5678'
email_unsubscribe_token: "somethingrandomderrrrp"
paypal_api_username: derp
paypal_api_password: ing
@ -21,5 +19,5 @@ screenshot_urls:
cache_control_ips:
- 1.2.3.4
- 4.5.6.7
hcaptcha_site_key: sitekey
hcaptcha_secret_key: secret
hcaptcha_site_key: "10000000-ffff-ffff-ffff-000000000001"
hcaptcha_secret_key: "0x0000000000000000000000000000000000000000"

5
sass/_project-sass/_project-Main.scss
View file

@ -2288,3 +2288,8 @@ pre, code {
position: fixed!important;
top: 105px!important;
}
.h-captcha iframe {
width: 90% !important;
border-radius: 10px;
}

6
sass/_tidy.scss
View file

@ -34,9 +34,3 @@ textarea {
input[type=submit] {
margin-top: 10px;
}
.recaptcha {
background: #fff;
width: 440px;
overflow: auto;
}

4
tests/acceptance/password_reset_tests.rb
View file

@ -73,13 +73,13 @@ describe '/password_reset' do
visit "/password_reset_confirm?#{Rack::Utils.build_query username: @site.username, token: @site.reload.password_reset_token}"
page.current_url.must_match /.+\/settings$/
page.current_url.must_match /.+\/settings#password/
fill_in 'new_password', with: 'n3wp4s$'
fill_in 'new_password_confirm', with: 'n3wp4s$'
click_button 'Change Password'
page.current_url.must_match /.+\/settings$/
page.current_url.must_match /.+\/settings#password/
page.must_have_content 'Successfully changed password'
Site.valid_login?(@site.username, 'n3wp4s$').must_equal true
page.get_rack_session['id'].must_equal @site.id

3
views/_index_signup_script.erb
View file

@ -15,8 +15,9 @@
} else {
for(var i=0; i<errors.length;i++) {
if(errors[i][0] == 'captcha') {
var captchaDiv = $('#captcha-input')
var captchaDiv = $('#captcha_input')
captchaDiv.attr('data-original-title', errors[i][1])
captchaDiv.attr('data-placement', 'left')
captchaDiv.tooltip('show')
} else {
var ele = $('input[name='+errors[i][0]+']')

2
views/dmca.erb
View file

@ -1,5 +1,3 @@
<script src='https://www.google.com/recaptcha/api.js'></script>
<div class="header-Outro">
<div class="row content single-Col">
<h1>DMCA Takedown Contact</h1>

11
views/index.erb
View file

@ -53,7 +53,7 @@
<div class="col intro">
<h2 class="section-header">Create your own free website.<br>Unlimited creativity, zero ads.</h2>
<p class="intro-text">
Neocities is a social network of <a href="/browse"><%= @sites_count.to_s.reverse.gsub(/...(?=.)/,'\&,').reverse %> web sites</a> that are bringing back the lost individual creativity of the web. We offer free static web hosting and tools that allow you to create your own web site. Join us!
Neocities is a social network of <a href="/browse"><%= @sites_count.to_s.reverse.gsub(/...(?=.)/,'\&,').reverse %> web sites</a> that are bringing back the lost individual creativity of the web. We offer free static web hosting and tools that allow you to create your own web site. Join us!
</p>
<ul class="intro-List">
<li class="intro-Tools">
@ -61,6 +61,7 @@
<h3 class="delta">Powerful features to help you build</h3>
<p class="base">
Weve made it easy to build your web site and explore other sites. Neocities features an in-browser HTML editor, a <a href="/cli">command line tool</a>, custom domain support, fast site performance, easy file uploading, RSS feeds, folder support, and so much more.
</p>
</li>
<li class="intro-Social">
@ -126,14 +127,11 @@
autocorrect="off" autocomplete="off" />
</div>
<div class="col col-50" style="padding-left:0;">
<div class="col col-50" style="padding-left:0">
<label>
Confirm you are human
</label>
<div id="captcha-input" class="g-recaptcha"
data-sitekey="<%= $config['recaptcha_public_key'] %>"
data-theme="dark" data-placement="left" data-trigger="manual">
</div>
<%== hcaptcha_input %>
</div>
<div class="col col-50">
@ -142,6 +140,7 @@
</div>
</div>
</div>
</fieldset>
</form>

1
views/index_layout.erb
View file

@ -37,7 +37,6 @@
<![endif]-->
<script src="/js/jquery-1.11.0.min.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
<%== yield %>