Merge branch 'api' into 'production'

Adds captcha for api Adds captcha for api See merge request !8

Merge branch 'api' into 'production'
Adds captcha for api Adds captcha for api See merge request !8
Evandro Jr
2 parents 29917cb1 26873359
Showing 4 changed files with 37 additions and 26 deletions Show diff stats
config/noosfero.yml.dist
lib/noosfero/api/helpers.rb
lib/noosfero/api/session.rb
test/unit/api/session_test.rb
@@ -11,14 +11,21 @@ development:
   max_upload_size: 5MB
   hours_until_user_activation_check: 72
   exclude_profile_identifier_pattern: index(\..*)?|home(\..*)?
-  api_recaptcha_site_key:      '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-'
-  api_recaptcha_private_key:   '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY'
-  api_recaptcha_verify_uri:    'https://www.google.com/recaptcha/api/siteverify'  
+#noosfero.com
+  api_recaptcha_site_key:       '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-'
+#noosfero.com
+  api_recaptcha_private_key:    '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY'
+  api_recaptcha_v1_verify_uri:  'https://www.google.com/recaptcha/api/verify'
+  api_recaptcha_v2_verify_uri:  'https://www.google.com/recaptcha/api/siteverify'
 test:
 production:
-  api_recaptcha_site_key:      '6LcLPAcTAAAAAKsd0bxY_TArhD_A7OL19SRCW7_i'
-  api_recaptcha_private_key:   '6LcLPAcTAAAAAE36SN1M2w1I7Hn8upwXYZ_YQZ5-'
-  api_recaptcha_verify_uri:    'https://www.google.com/recaptcha/api/siteverify'
+#dialoga
+  api_recaptcha_site_key:       '6LcLPAcTAAAAAKsd0bxY_TArhD_A7OL19SRCW7_i'
+#dialoga
+  api_recaptcha_private_key:    '6LcLPAcTAAAAAE36SN1M2w1I7Hn8upwXYZ_YQZ5-'
+  api_recaptcha_v1_verify_uri:  'https://www.google.com/recaptcha/api/verify'
+  api_recaptcha_v2_verify_uri:  'https://www.google.com/recaptcha/api/siteverify'
+
 \ No newline at end of file
@@ -114,7 +114,6 @@ module Noosfero
       end
       def verify_recaptcha_v2(remote_ip, g_recaptcha_response, private_key, api_recaptcha_verify_uri)
-        binding.pry
         verify_hash = {
             "secret"    => private_key,
             "remoteip"  => remote_ip,
@@ -125,7 +124,8 @@ module Noosfero
         https.use_ssl = true
         request = Net::HTTP::Post.new(uri.path)
         request.set_form_data(verify_hash)
-        JSON.parse(https.request(request).body)
+        captcha_result = JSON.parse(https.request(request).body)
+        captcha_result["success"] ? true : captcha_result
       end
       ##########################################
@@ -218,7 +218,6 @@ module Noosfero
       end
       def verify_recaptcha_v1(remote_ip, recaptcha_response_field, private_key, recaptcha_challenge_field, api_recaptcha_verify_uri)
-        binding.pry
         verify_hash = {
             "privatekey"  => private_key,
             "remoteip"    => remote_ip,
@@ -230,11 +229,8 @@ module Noosfero
         https.use_ssl = true
         request = Net::HTTP::Post.new(uri.path)
         request.set_form_data(verify_hash)
-        if https.request(request).body == "true\nsuccess"
-            captcha_result["success"]=true
-        else
-            captcha_result["success"]=false
-        end
+        body = https.request(request).body
+        body == "true\nsuccess" ? true : body
       end
     end
@@ -36,23 +36,28 @@ module Noosfero
         requires :password, type: String, desc: _("Password")
       end
       post "/register" do
-        binding.pry
         unique_attributes! User, [:email, :login]
         attrs = attributes_for_keys [:email, :login, :password] + environment.signup_person_fields
         attrs[:password_confirmation] = attrs[:password]
-
         remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
         private_key = API.NOOSFERO_CONF['api_recaptcha_private_key']
-        api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_verify_uri']
-
-#        "recaptcha_challenge_field" => "03AHJ_VutRW6eOgTKZyK-77J96k121W0fUHIEvThyCPtqG2FUPBWzidBOqptzk0poh_UkMNPxAd_m0CqUz1Dip-6uV_zlwlviaXXvymwCFXPaWuvvyUfZ3LvZy6M1CoPfbhOQZjTkf_VNjlVnCRuuJXmGy4MhhuJ8om1J_R2C_oIAfP3KbpmlqLXU5nLlE7WpW-h-OhRTQzupTo9UL-4-ZDRk1bMkCSEJnwYUomOboqFBEpJBv0iaOCaSnu9_UKObmWmpbQZSHxYK7",
-#            "recaptcha_response_field" => "1221"
-
-        #captcha_result = verify_recaptcha_v2(remote_ip, params['g-recaptcha-response'], private_key, api_recaptcha_verify_uri)
-        captcha_result = verify_recaptcha_v1(remote_ip, params['recaptcha_response_field'], private_key, params['recaptcha_challenge_field'], api_recaptcha_verify_uri)
-        binding.pry
-        user = User.new(attrs)  
-        if captcha_result["success"] and user.save
+        api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_v1_verify_uri']
+        # TODO: FIX THAT
+        # TEST WILL NOT STUB WITHOUT Noosfero::API::APIHelpers
+        # Leave with the full namespace otherwise the stub for the test will fail
+        begin
+          # This will run from test
+          captcha_result = Noosfero::API::APIHelpers.verify_recaptcha_v1(remote_ip, params['recaptcha_response_field'], private_key, params['recaptcha_challenge_field'], api_recaptcha_verify_uri)
+        rescue NoMethodError
+          # Normal execution
+          captcha_result = verify_recaptcha_v1(remote_ip, params['recaptcha_response_field'], private_key, params['recaptcha_challenge_field'], api_recaptcha_verify_uri)
+        end
+        unless  captcha_result === true
+          render_api_error!(_('Please solve the test in order to register.'), 400)
+          return
+        end
+        user = User.new(attrs)
+        if  user.save
           user.activate
           user.generate_private_token!
           present user, :with => Entities::UserLogin
 require File.dirname(__FILE__) + '/test_helper'
+require "#{Rails.root}/lib/noosfero/api/helpers.rb"
+include Noosfero::API::APIHelpers
 class SessionTest < ActiveSupport::TestCase
   def setup
     login_api
+    Noosfero::API::APIHelpers.stubs(:verify_recaptcha_v1).returns(true)
   end
   should 'generate private token when login' do