Commit 80b8212d7a7406640ca9faa1a4af4e0926a0a572
1 parent
4b11c933
Exists in
theme-brasil-digital-from-staging
and in
9 other branches
Downgrade to captcha v1 server side
Showing
2 changed files
with
21 additions
and
20 deletions
Show diff stats
lib/noosfero/api/helpers.rb
| @@ -114,7 +114,6 @@ module Noosfero | @@ -114,7 +114,6 @@ module Noosfero | ||
| 114 | end | 114 | end |
| 115 | 115 | ||
| 116 | def verify_recaptcha_v2(remote_ip, g_recaptcha_response, private_key, api_recaptcha_verify_uri) | 116 | def verify_recaptcha_v2(remote_ip, g_recaptcha_response, private_key, api_recaptcha_verify_uri) |
| 117 | - binding.pry | ||
| 118 | verify_hash = { | 117 | verify_hash = { |
| 119 | "secret" => private_key, | 118 | "secret" => private_key, |
| 120 | "remoteip" => remote_ip, | 119 | "remoteip" => remote_ip, |
| @@ -125,7 +124,8 @@ module Noosfero | @@ -125,7 +124,8 @@ module Noosfero | ||
| 125 | https.use_ssl = true | 124 | https.use_ssl = true |
| 126 | request = Net::HTTP::Post.new(uri.path) | 125 | request = Net::HTTP::Post.new(uri.path) |
| 127 | request.set_form_data(verify_hash) | 126 | request.set_form_data(verify_hash) |
| 128 | - JSON.parse(https.request(request).body) | 127 | + captcha_result = JSON.parse(https.request(request).body) |
| 128 | + captcha_result["success"] ? true : captcha_result | ||
| 129 | end | 129 | end |
| 130 | 130 | ||
| 131 | ########################################## | 131 | ########################################## |
| @@ -218,7 +218,6 @@ module Noosfero | @@ -218,7 +218,6 @@ module Noosfero | ||
| 218 | end | 218 | end |
| 219 | 219 | ||
| 220 | def verify_recaptcha_v1(remote_ip, recaptcha_response_field, private_key, recaptcha_challenge_field, api_recaptcha_verify_uri) | 220 | def verify_recaptcha_v1(remote_ip, recaptcha_response_field, private_key, recaptcha_challenge_field, api_recaptcha_verify_uri) |
| 221 | - binding.pry | ||
| 222 | verify_hash = { | 221 | verify_hash = { |
| 223 | "privatekey" => private_key, | 222 | "privatekey" => private_key, |
| 224 | "remoteip" => remote_ip, | 223 | "remoteip" => remote_ip, |
| @@ -230,11 +229,8 @@ module Noosfero | @@ -230,11 +229,8 @@ module Noosfero | ||
| 230 | https.use_ssl = true | 229 | https.use_ssl = true |
| 231 | request = Net::HTTP::Post.new(uri.path) | 230 | request = Net::HTTP::Post.new(uri.path) |
| 232 | request.set_form_data(verify_hash) | 231 | request.set_form_data(verify_hash) |
| 233 | - if https.request(request).body == "true\nsuccess" | ||
| 234 | - captcha_result["success"]=true | ||
| 235 | - else | ||
| 236 | - captcha_result["success"]=false | ||
| 237 | - end | 232 | + body = https.request(request).body |
| 233 | + body == "true\nsuccess" ? true : body | ||
| 238 | end | 234 | end |
| 239 | 235 | ||
| 240 | end | 236 | end |
lib/noosfero/api/session.rb
| @@ -36,23 +36,28 @@ module Noosfero | @@ -36,23 +36,28 @@ module Noosfero | ||
| 36 | requires :password, type: String, desc: _("Password") | 36 | requires :password, type: String, desc: _("Password") |
| 37 | end | 37 | end |
| 38 | post "/register" do | 38 | post "/register" do |
| 39 | - binding.pry | ||
| 40 | unique_attributes! User, [:email, :login] | 39 | unique_attributes! User, [:email, :login] |
| 41 | attrs = attributes_for_keys [:email, :login, :password] | 40 | attrs = attributes_for_keys [:email, :login, :password] |
| 42 | attrs[:password_confirmation] = attrs[:password] | 41 | attrs[:password_confirmation] = attrs[:password] |
| 43 | - | ||
| 44 | remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR']) | 42 | remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR']) |
| 45 | private_key = API.NOOSFERO_CONF['api_recaptcha_private_key'] | 43 | private_key = API.NOOSFERO_CONF['api_recaptcha_private_key'] |
| 46 | - api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_verify_uri'] | ||
| 47 | - | ||
| 48 | -# "recaptcha_challenge_field" => "03AHJ_VutRW6eOgTKZyK-77J96k121W0fUHIEvThyCPtqG2FUPBWzidBOqptzk0poh_UkMNPxAd_m0CqUz1Dip-6uV_zlwlviaXXvymwCFXPaWuvvyUfZ3LvZy6M1CoPfbhOQZjTkf_VNjlVnCRuuJXmGy4MhhuJ8om1J_R2C_oIAfP3KbpmlqLXU5nLlE7WpW-h-OhRTQzupTo9UL-4-ZDRk1bMkCSEJnwYUomOboqFBEpJBv0iaOCaSnu9_UKObmWmpbQZSHxYK7", | ||
| 49 | -# "recaptcha_response_field" => "1221" | ||
| 50 | - | ||
| 51 | - #captcha_result = verify_recaptcha_v2(remote_ip, params['g-recaptcha-response'], private_key, api_recaptcha_verify_uri) | ||
| 52 | - captcha_result = verify_recaptcha_v1(remote_ip, params['recaptcha_response_field'], private_key, params['recaptcha_challenge_field'], api_recaptcha_verify_uri) | ||
| 53 | - binding.pry | ||
| 54 | - user = User.new(attrs) | ||
| 55 | - if captcha_result["success"] and user.save | 44 | + api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_v1_verify_uri'] |
| 45 | + # TODO: FIX THAT | ||
| 46 | + # TEST WILL NOT STUB WITHOUT Noosfero::API::APIHelpers | ||
| 47 | + # Leave with the full namespace otherwise the stub for the test will fail | ||
| 48 | + begin | ||
| 49 | + # This will run from test | ||
| 50 | + captcha_result = Noosfero::API::APIHelpers.verify_recaptcha_v1(remote_ip, params['recaptcha_response_field'], private_key, params['recaptcha_challenge_field'], api_recaptcha_verify_uri) | ||
| 51 | + rescue NoMethodError | ||
| 52 | + # Normal execution | ||
| 53 | + captcha_result = verify_recaptcha_v1(remote_ip, params['recaptcha_response_field'], private_key, params['recaptcha_challenge_field'], api_recaptcha_verify_uri) | ||
| 54 | + end | ||
| 55 | + unless captcha_result === true | ||
| 56 | + render_api_error!(_('Please solve the test in order to register.'), 400) | ||
| 57 | + return | ||
| 58 | + end | ||
| 59 | + user = User.new(attrs) | ||
| 60 | + if user.save | ||
| 56 | user.activate | 61 | user.activate |
| 57 | user.generate_private_token! | 62 | user.generate_private_token! |
| 58 | present user, :with => Entities::UserLogin | 63 | present user, :with => Entities::UserLogin |