From 11b7bff48a20fa384782b9f2516b2dea4f035f6c Mon Sep 17 00:00:00 2001 From: Evandro Junior Date: Fri, 26 Jun 2015 19:37:04 -0300 Subject: [PATCH] captcha server side draft --- lib/noosfero/api/helpers.rb | 21 +++++++++++++++++++++ lib/noosfero/api/session.rb | 20 ++++++++++++-------- 2 files changed, 33 insertions(+), 8 deletions(-) diff --git a/lib/noosfero/api/helpers.rb b/lib/noosfero/api/helpers.rb index a5e3127..c4a6140 100644 --- a/lib/noosfero/api/helpers.rb +++ b/lib/noosfero/api/helpers.rb @@ -114,6 +114,7 @@ module Noosfero end def verify_recaptcha_v2(remote_ip, g_recaptcha_response, private_key, api_recaptcha_verify_uri) + binding.pry verify_hash = { "secret" => private_key, "remoteip" => remote_ip, @@ -216,6 +217,26 @@ module Noosfero begin_period..end_period end + def verify_recaptcha_v1(remote_ip, recaptcha_response_field, private_key, recaptcha_challenge_field, api_recaptcha_verify_uri) + binding.pry + verify_hash = { + "privatekey" => private_key, + "remoteip" => remote_ip, + "challenge" => recaptcha_challenge_field, + "response" => recaptcha_response_field + } + uri = URI(api_recaptcha_verify_uri) + https = Net::HTTP.new(uri.host, uri.port) + https.use_ssl = true + request = Net::HTTP::Post.new(uri.path) + request.set_form_data(verify_hash) + if https.request(request).body == "true\nsuccess" + captcha_result["success"]=true + else + captcha_result["success"]=false + end + end + end end end diff --git a/lib/noosfero/api/session.rb b/lib/noosfero/api/session.rb index 852f796..f35f2b1 100644 --- a/lib/noosfero/api/session.rb +++ b/lib/noosfero/api/session.rb @@ -36,19 +36,23 @@ module Noosfero requires :password, type: String, desc: _("Password") end post "/register" do + binding.pry unique_attributes! User, [:email, :login] attrs = attributes_for_keys [:email, :login, :password] attrs[:password_confirmation] = attrs[:password] - #Commented for stress tests - - # remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR']) - # private_key = API.NOOSFERO_CONF['api_recaptcha_private_key'] - # api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_verify_uri'] - # captcha_result = verify_recaptcha_v2(remote_ip, params['g-recaptcha-response'], private_key, api_recaptcha_verify_uri) + remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR']) + private_key = API.NOOSFERO_CONF['api_recaptcha_private_key'] + api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_verify_uri'] + +# "recaptcha_challenge_field" => "03AHJ_VutRW6eOgTKZyK-77J96k121W0fUHIEvThyCPtqG2FUPBWzidBOqptzk0poh_UkMNPxAd_m0CqUz1Dip-6uV_zlwlviaXXvymwCFXPaWuvvyUfZ3LvZy6M1CoPfbhOQZjTkf_VNjlVnCRuuJXmGy4MhhuJ8om1J_R2C_oIAfP3KbpmlqLXU5nLlE7WpW-h-OhRTQzupTo9UL-4-ZDRk1bMkCSEJnwYUomOboqFBEpJBv0iaOCaSnu9_UKObmWmpbQZSHxYK7", +# "recaptcha_response_field" => "1221" + + #captcha_result = verify_recaptcha_v2(remote_ip, params['g-recaptcha-response'], private_key, api_recaptcha_verify_uri) + captcha_result = verify_recaptcha_v1(remote_ip, params['recaptcha_response_field'], private_key, params['recaptcha_challenge_field'], api_recaptcha_verify_uri) + binding.pry user = User.new(attrs) -# if captcha_result["success"] and user.save - if user.save + if captcha_result["success"] and user.save user.activate user.generate_private_token! present user, :with => Entities::UserLogin -- libgit2 0.21.2