From dae2466487961a169d40031331261bf8faa04b30 Mon Sep 17 00:00:00 2001 From: Kyle Drake Date: Wed, 21 Feb 2018 09:29:00 -0800 Subject: [PATCH] switch to captcha v2 api --- Gemfile | 1 - Gemfile.lock | 5 +---- app.rb | 2 -- app/contact.rb | 2 +- app/create.rb | 20 +------------------- app_helpers.rb | 18 ++++++++++++++++++ views/contact.erb | 11 ++++------- views/dmca.erb | 11 ++++------- views/layout.erb | 4 ---- 9 files changed, 29 insertions(+), 45 deletions(-) diff --git a/Gemfile b/Gemfile index b5bfabd0..80ec91b6 100644 --- a/Gemfile +++ b/Gemfile @@ -8,7 +8,6 @@ gem 'bcrypt' gem 'sinatra-flash', require: 'sinatra/flash' gem 'sinatra-xsendfile', require: 'sinatra/xsendfile' gem 'puma', require: nil -gem 'rack-recaptcha', require: 'rack/recaptcha' gem 'rmagick', require: nil gem 'sidekiq', '~> 4.1.2' gem 'mail' diff --git a/Gemfile.lock b/Gemfile.lock index 40a1a598..2b83e576 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -180,8 +180,6 @@ GEM rack (>= 0.4) rack-protection (2.0.0) rack - rack-recaptcha (0.6.6) - json rack-test (0.8.2) rack (>= 1.0, < 3) rack_session_access (0.1.1) @@ -331,7 +329,6 @@ DEPENDENCIES pry-byebug puma rack-cache - rack-recaptcha rack-test rack_session_access rake @@ -363,4 +360,4 @@ DEPENDENCIES zipruby BUNDLED WITH - 1.16.0 + 1.16.1 diff --git a/app.rb b/app.rb index 52accc05..c0550b00 100644 --- a/app.rb +++ b/app.rb @@ -9,9 +9,7 @@ use Rack::Session::Cookie, key: 'neocities', same_site: :lax, secure: ENV['RACK_ENV'] == 'production' -use Rack::Recaptcha, public_key: $config['recaptcha_public_key'], private_key: $config['recaptcha_private_key'] use Rack::TempfileReaper -helpers Rack::Recaptcha::Helpers helpers do def site_change_file_display_class(filename) diff --git a/app/contact.rb b/app/contact.rb index 38920d4b..16de1e5a 100644 --- a/app/contact.rb +++ b/app/contact.rb 
@@ -40,7 +40,7 @@ post '/contact' do no_footer: true }) - flash[:success] = 'Your contact has been sent.' + flash[:success] = 'Your contact message has been sent.' redirect '/' end end diff --git a/app/create.rb b/app/create.rb index 9829955b..9609d557 100644 --- a/app/create.rb +++ b/app/create.rb @@ -1,21 +1,3 @@ -def new_recaptcha_valid? - return true if ENV['RACK_ENV'] == 'test' || ENV['TRAVIS'] - return false unless params[:'g-recaptcha-response'] - resp = Net::HTTP.get URI( - 'https://www.google.com/recaptcha/api/siteverify?'+ - Rack::Utils.build_query( - secret: $config['recaptcha_private_key'], - response: params[:'g-recaptcha-response'] - ) - ) - - if JSON.parse(resp)['success'] == true - true - else - false - end -end - CREATE_MATCH_REGEX = /^username$|^password$|^email$|^new_tags_string$|^is_education$/ def education_whitelisted? @@ -82,7 +64,7 @@ post '/create' do if education_whitelisted? @site.email_confirmed = true else - if !new_recaptcha_valid? + if !recaptcha_valid? flash[:error] = 'The captcha was not valid, please try again.' return {result: 'error'}.to_json end diff --git a/app_helpers.rb b/app_helpers.rb index 87a76e06..0327f3e9 100644 --- a/app_helpers.rb +++ b/app_helpers.rb @@ -122,3 +122,21 @@ end def flash_display(opts={}) erb :'_flash', layout: false, locals: {opts: opts} end + +def recaptcha_valid? + return true if ENV['RACK_ENV'] == 'test' || ENV['TRAVIS'] + return false unless params[:'g-recaptcha-response'] + resp = Net::HTTP.get URI( + 'https://www.google.com/recaptcha/api/siteverify?'+ + Rack::Utils.build_query( + secret: $config['recaptcha_private_key'], + response: params[:'g-recaptcha-response'] + ) + ) + + if JSON.parse(resp)['success'] == true + true + else + false + end +end diff --git a/views/contact.erb b/views/contact.erb index 4256a901..90850b00 100644 --- a/views/contact.erb +++ b/views/contact.erb @@ -1,8 +1,4 @@ - +
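Review bot: The siteverify call in the added `recaptcha_valid?` (app_helpers.rb) has no failure handling, so a timeout, connection error or non-JSON reply raises out of the helper and the form post ends in a server error rather than a rejected captcha. The request also carries `recaptcha_private_key` in the query string of a GET, where intermediaries may log it; Google documents siteverify as a POST with form parameters, so the sketch below uses `Net::HTTP.post_form` and returns false on transport or parse errors. Separately, `ENV['TRAVIS']` is truthy for any value, so a stray variable on a production host would switch the captcha off for every form that relies on this helper; limiting the shortcut to `ENV['RACK_ENV'] == 'test'` would be safer. The trailing `if … == true` / `else` can be reduced to the comparison itself.

```ruby
def recaptcha_valid?
  # … unchanged: test-environment bypass and missing g-recaptcha-response guard …
  resp = Net::HTTP.post_form(
    URI('https://www.google.com/recaptcha/api/siteverify'),
    'secret'   => $config['recaptcha_private_key'],
    'response' => params[:'g-recaptcha-response']
  )
  JSON.parse(resp.body)['success'] == true
rescue JSON::ParserError, SocketError, SystemCallError, Timeout::Error, OpenSSL::SSL::SSLError
  # Fail closed: an unreachable or malformed verification reply counts as an invalid captcha.
  false
end
```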
@@ -227,8 +223,9 @@ -
- <%== recaptcha_tag :challenge, ssl: request.ssl? %> +
diff --git a/views/dmca.erb b/views/dmca.erb index 3a2c3174..ae9d6838 100644 --- a/views/dmca.erb +++ b/views/dmca.erb @@ -1,8 +1,4 @@ - +
@@ -51,8 +47,9 @@ -
- <%== recaptcha_tag :challenge, ssl: request.ssl? %> +
diff --git a/views/layout.erb b/views/layout.erb index 4979c01c..e46d1924 100644 --- a/views/layout.erb +++ b/views/layout.erb @@ -38,10 +38,6 @@ - -