First steps

Daniela Feitosa
1 parent 96fa5dd4
Showing 2 changed files with 49 additions and 13 deletions Show diff stats
app/controllers/public/account_controller.rb
app/views/account/_signup_form.rhtml
@@ -55,6 +55,11 @@ class AccountController &lt; ApplicationController
     render :action => 'login', :layout => false
   end
  
+  def signup_time
+    set_signup_time_for_now
+    render :text => {:ok=>true}.to_json
+  end
+
   # action to register an user to the application
   def signup
     if @plugins.dispatch(:allow_user_registration).include?(false)
@@ -62,6 +67,7 @@ class AccountController &lt; ApplicationController
       session[:notice] = _("This environment doesn't allow user registration.")
     end
  
+    @block_bot = !!session[:may_be_a_bot]
     @invitation_code = params[:invitation_code]
     begin
       if params[:user]
@@ -76,19 +82,28 @@ class AccountController &lt; ApplicationController
       @person = Person.new(params[:profile_data])
       @person.environment = @user.environment
       if request.post?
-        @user.signup!
-        owner_role = Role.find_by_name('owner')
-        @user.person.affiliate(@user.person, [owner_role]) if owner_role
-        invitation = Task.find_by_code(@invitation_code)
-        if invitation
-          invitation.update_attributes!({:friend => @user.person})
-          invitation.finish
-        end
-        if @user.activated?
-          self.current_user = @user
-          redirect_to '/'
+        if may_be_a_bot
+          set_signup_time_for_now
+          @block_bot = true
+          session[:may_be_a_bot] = true
         else
-          @register_pending = true
+          if session[:may_be_a_bot]
+            return false unless verify_recaptcha :model=>@user, :message=>_('bota o recaptcha manuel!')
+          end
+          @user.signup!
+          owner_role = Role.find_by_name('owner')
+          @user.person.affiliate(@user.person, [owner_role]) if owner_role
+          invitation = Task.find_by_code(@invitation_code)
+          if invitation
+            invitation.update_attributes!({:friend => @user.person})
+            invitation.finish
+          end
+          if @user.activated?
+            self.current_user = @user
+            redirect_to '/'
+          else
+            @register_pending = true
+          end
         end
       end
     rescue ActiveRecord::RecordInvalid
@@ -271,7 +286,16 @@ class AccountController &lt; ApplicationController
   def no_redirect
     @cannot_redirect = true
   end
-  
+
+  def set_signup_time_for_now
+    session[:signup_time] = Time.now
+  end
+
+  def may_be_a_bot
+    return true if session[:signup_time].nil?
+    session[:signup_time] > ( Time.now - 15.seconds )
+  end
+
   def check_answer
     unless answer_correct
       @enterprise.block
+<script type="text/javascript">
+  jQuery.post("<%= url_for :controller=>'account', :action=>'signup_time' %>");
+</script>
+
+<% if @block_bot %>
+  <div class="bot-notice">
+    <%=_('<strong>How Fast!</strong> Looks like you are a bot.')%>
+  </div>
+<% end %>
+
 <% @profile_data = @person %>
  
 <%= error_messages_for :user, :person, :header_message => _('The account could not be created') %>
@@ -97,6 +107,8 @@
   <% end %>
 </div>
  
+<%= recaptcha_tags :ajax => true, :display => {:theme => 'clean'} if @block_bot %>
+
 <p style="text-align: center">
   <%= submit_button('save', _('Create my account')) %>
 </p>
...	...	@@ -55,6 +55,11 @@ class AccountController < ApplicationController
55	55	render :action => 'login', :layout => false
56	56	end
57	57
	58	+ def signup_time
	59	+ set_signup_time_for_now
	60	+ render :text => {:ok=>true}.to_json
	61	+ end
	62	+
58	63	# action to register an user to the application
59	64	def signup
60	65	if @plugins.dispatch(:allow_user_registration).include?(false)
...	...	@@ -62,6 +67,7 @@ class AccountController < ApplicationController
62	67	session[:notice] = _("This environment doesn't allow user registration.")
63	68	end
64	69
	70	+ @block_bot = !!session[:may_be_a_bot]
65	71	@invitation_code = params[:invitation_code]
66	72	begin
67	73	if params[:user]
...	...	@@ -76,19 +82,28 @@ class AccountController < ApplicationController
76	82	@person = Person.new(params[:profile_data])
77	83	@person.environment = @user.environment
78	84	if request.post?
79		- @user.signup!
80		- owner_role = Role.find_by_name('owner')
81		- @user.person.affiliate(@user.person, [owner_role]) if owner_role
82		- invitation = Task.find_by_code(@invitation_code)
83		- if invitation
84		- invitation.update_attributes!({:friend => @user.person})
85		- invitation.finish
86		- end
87		- if @user.activated?
88		- self.current_user = @user
89		- redirect_to '/'
	85	+ if may_be_a_bot
	86	+ set_signup_time_for_now
	87	+ @block_bot = true
	88	+ session[:may_be_a_bot] = true
90	89	else
91		- @register_pending = true
	90	+ if session[:may_be_a_bot]
	91	+ return false unless verify_recaptcha :model=>@user, :message=>_('bota o recaptcha manuel!')
	92	+ end
	93	+ @user.signup!
	94	+ owner_role = Role.find_by_name('owner')
	95	+ @user.person.affiliate(@user.person, [owner_role]) if owner_role
	96	+ invitation = Task.find_by_code(@invitation_code)
	97	+ if invitation
	98	+ invitation.update_attributes!({:friend => @user.person})
	99	+ invitation.finish
	100	+ end
	101	+ if @user.activated?
	102	+ self.current_user = @user
	103	+ redirect_to '/'
	104	+ else
	105	+ @register_pending = true
	106	+ end
92	107	end
93	108	end
94	109	rescue ActiveRecord::RecordInvalid
...	...	@@ -271,7 +286,16 @@ class AccountController < ApplicationController
271	286	def no_redirect
272	287	@cannot_redirect = true
273	288	end
274		-
	289	+
	290	+ def set_signup_time_for_now
	291	+ session[:signup_time] = Time.now
	292	+ end
	293	+
	294	+ def may_be_a_bot
	295	+ return true if session[:signup_time].nil?
	296	+ session[:signup_time] > ( Time.now - 15.seconds )
	297	+ end
	298	+
275	299	def check_answer
276	300	unless answer_correct
277	301	@enterprise.block
...	...
	1	+<script type="text/javascript">
	2	+ jQuery.post("<%= url_for :controller=>'account', :action=>'signup_time' %>");
	3	+</script>
	4	+
	5	+<% if @block_bot %>
	6	+ <div class="bot-notice">
	7	+ <%=_('<strong>How Fast!</strong> Looks like you are a bot.')%>
	8	+ </div>
	9	+<% end %>
	10	+
1	11	<% @profile_data = @person %>
2	12
3	13	<%= error_messages_for :user, :person, :header_message => _('The account could not be created') %>
...	...	@@ -97,6 +107,8 @@
97	107	<% end %>
98	108	</div>
99	109
	110	+<%= recaptcha_tags :ajax => true, :display => {:theme => 'clean'} if @block_bot %>
	111	+
100	112	<p style="text-align: center">
101	113	<%= submit_button('save', _('Create my account')) %>
102	114	</p>
...	...