Commit c55f23335a34bd416981b3e0012b0b8649bc9d97
1 parent
920f13a9
Exists in
master
and in
29 other branches
Adjusting signup anti-bot
Showing
6 changed files
with
55 additions
and
57 deletions
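--- a/app/controllers/public/account_controller.rb
+++ b/app/controllers/public/account_controller.rb
@@ -299,7 +299,7 @@ class AccountController < ApplicationController
 end
 
 def clear_signup_start_time
- Rails.cache.delete params[:signup_time_key]
+ Rails.cache.delete params[:signup_time_key] if params[:signup_time_key]
 end
 
 def may_be_a_bot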
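Review bot: The new guard in `clear_signup_start_time` only skips a missing parameter; whatever value the client sends as `signup_time_key` is still handed to `Rails.cache.delete` as the cache key, so the request decides which entry is removed. An empty string also passes the `if`, and nothing visible here shows whether the timer is stored under a namespace. I would accept only a non-blank string, for example `key = params[:signup_time_key]` followed by `Rails.cache.delete(key) if key.is_a?(String) && key.present?`, and put a dedicated prefix on the key if it does not already have one. The code that writes the timer and `may_be_a_bot` are outside this hunk, so a prefix change would have to be mirrored there.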
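--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -233,7 +233,7 @@ class Environment < ActiveRecord::Base
 settings[:message_for_member_invitation] || InviteMember.mail_template
 end
 
- settings_items :min_signup_delay, :type => Integer, :default => 25 #seconds
+ settings_items :min_signup_delay, :type => Integer, :default => 3 #seconds
 settings_items :activation_blocked_text, :type => String
 settings_items :message_for_disabled_enterprise, :type => String,
 :default => _('This enterprise needs to be enabled.')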
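Review bot: The only documentation on `min_signup_delay` is `#seconds`, and this line drops the default from 25 to 3 without recording why or what the value guards. Going by the integration tests in this commit, a signup posted sooner than this delay gets the robot notice and no user is created, so the setting is a security threshold. It deserves a comment such as `# Seconds the signup form must stay open before a submission is accepted without the robot/captcha challenge.` A delay this short is easy for a scripted client to wait out, so the comment should also say whether the captcha is the control being relied on and the timer only a coarse filter.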
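--- a/app/views/account/_signup_form.rhtml
+++ b/app/views/account/_signup_form.rhtml
@@ -1,7 +1,7 @@
 <% if @block_bot %>
- <div id="bot-notice">
- <strong><%=_('How Fast!')%></strong>
- <p><%=_('Looks like you are a robot. Please, prove that you are human.')%></p>
+ <div class="atention" style="font-size: 150%;">
+ <strong><%=_('Are you a robot?')%></strong> <br />
+ <%=_('Please, prove that you are human by filling the captcha.')%>
 </div>
 <% end %>
 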
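Review bot: The replacement notice carries its presentation in an inline `style="font-size: 150%;"` attribute, while the same commit deletes the `#bot-notice` rules from application.css. Inline style attributes are blocked by a Content-Security-Policy whose `style-src` omits `'unsafe-inline'`, and themes cannot override them cleanly. I would keep the size in the stylesheet, e.g. `<div class="atention bot-notice">` with `.bot-notice { font-size: 150%; }`. The class `atention` is not defined anywhere in this commit; if it is not an existing class it looks like a misspelling of `attention`.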
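--- a/public/stylesheets/application.css
+++ b/public/stylesheets/application.css
@@ -5636,16 +5636,6 @@ li.profile-activity-item.upload_image .activity-gallery-images-count-1 img {
 
 /* Signup interface {{{ */
 
-#bot-notice {
- border: 3px solid #000;
- background: #FE0;
- padding: 5px 10px;
- font-size: 150%;
-}
-#bot-notice p {
- margin: 0px;
-}
-
 #url-check {
 margin: 0 0 -5px 0;
 width: 100%;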
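--- a/test/functional/account_controller_test.rb
+++ b/test/functional/account_controller_test.rb
@@ -19,6 +19,7 @@ class AccountControllerTest < ActionController::TestCase
 @controller = AccountController.new
 @request = ActionController::TestRequest.new
 @response = ActionController::TestResponse.new
+ disable_signup_bot_check
 end
 
 def test_local_files_reference
@@ -566,6 +567,7 @@ class AccountControllerTest < ActionController::TestCase
 template.boxes[0].blocks << Block.new
 template.save!
 env = fast_create(Environment, :name => 'test_env')
+ disable_signup_bot_check(env)
 env.settings[:person_template_id] = template.id
 env.save!
 
@@ -882,26 +884,31 @@ class AccountControllerTest < ActionController::TestCase
 
 
 protected
- def new_user(options = {}, extra_options ={})
- data = {:profile_data => person_data}
- if extra_options[:profile_data]
- data[:profile_data].merge! extra_options.delete(:profile_data)
- end
- data.merge! extra_options
-
- post :signup, { :user => { :login => 'quire',
- :email => 'quire@example.com',
- :password => 'quire',
- :password_confirmation => 'quire'
- }.merge(options)
- }.merge(data)
+ def new_user(options = {}, extra_options ={})
+ data = {:profile_data => person_data}
+ if extra_options[:profile_data]
+ data[:profile_data].merge! extra_options.delete(:profile_data)
 end
+ data.merge! extra_options
 
- def auth_token(token)
- CGI::Cookie.new('name' => 'auth_token', 'value' => token)
- end
+ post :signup, { :user => { :login => 'quire',
+ :email => 'quire@example.com',
+ :password => 'quire',
+ :password_confirmation => 'quire'
+ }.merge(options)
+ }.merge(data)
+ end
 
- def cookie_for(user)
- auth_token users(user).remember_token
- end
+ def auth_token(token)
+ CGI::Cookie.new('name' => 'auth_token', 'value' => token)
+ end
+
+ def cookie_for(user)
+ auth_token users(user).remember_token
+ end
+
+ def disable_signup_bot_check(environment = Environment.default)
+ environment.min_signup_delay = 0
+ environment.save!
+ end
 end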
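Review bot: Calling `disable_signup_bot_check` from `setup` turns the timing check off for every functional test, so nothing in this file exercises the controller with the check enabled. The case worth pinning is a signup POST that carries no `signup_time_key` while `min_signup_delay` is above zero: it should be handled as a bot rather than skip the check, and `clear_signup_start_time` now explicitly tolerates the missing key. I would add a test that sets `min_signup_delay` back to a positive value, calls `new_user`, and wraps the call in `assert_no_difference User, :count`. `may_be_a_bot` is outside the visible hunks, so confirm that expectation against it first.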
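--- a/test/integration/signup_test.rb
+++ b/test/integration/signup_test.rb
@@ -7,33 +7,18 @@ class SignupTest < ActionController::IntegrationTest
 ActionController::Integration::Session.any_instance.stubs(:https?).returns(true)
 end
 
- # helper
- def registering_with_bot_test(min_signup_delay, sleep_secs)
- env = Environment.default
- env.min_signup_delay = min_signup_delay
- env.save!
- get '/account/signup'
- assert_response :success
- get '/account/signup_time'
- assert_response :success
- data = ActiveSupport::JSON.decode response.body
- sleep sleep_secs
- post '/account/signup', :user => { :login => 'someone', :password => 'test', :password_confirmation => 'test', :email => 'someone@example.com' }, :signup_time_key => data['key']
- assert_response :success
- end
-
- def test_signup_form_submition_must_be_blocked_for_fast_bots
- count = User.count
- registering_with_bot_test 5, 1
+ def test_signup_form_submission_must_be_blocked_for_fast_bots
+ assert_no_difference User, :count do
+ registering_with_bot_test 5, 1
+ end
 assert_template 'signup'
- assert_equal count, User.count
 assert_match /you are a robot/, response.body
 end
 
- def test_signup_form_submition_must_not_block_after_min_signup_delay
- count = User.count
- registering_with_bot_test 1, 2
- assert_equal count+1, User.count
+ def test_signup_form_submission_must_not_block_after_min_signup_delay
+ assert_difference User, :count, 1 do
+ registering_with_bot_test 1, 2
+ end
 end
 
 def test_should_require_acceptance_of_terms_for_signup
@@ -63,4 +48,20 @@ class SignupTest < ActionController::IntegrationTest
 
 end
 
+ private
+
+ def registering_with_bot_test(min_signup_delay, sleep_secs)
+ env = Environment.default
+ env.min_signup_delay = min_signup_delay
+ env.save!
+ get '/account/signup'
+ assert_response :success
+ get '/account/signup_time'
+ assert_response :success
+ data = ActiveSupport::JSON.decode response.body
+ sleep sleep_secs
+ post '/account/signup', :user => { :login => 'someone', :password => 'test', :password_confirmation => 'test', :email => 'someone@example.com' }, :signup_time_key => data['key']
+ assert_response :success
+ end
+
 end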
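Review bot: `test_signup_form_submission_must_be_blocked_for_fast_bots` still asserts `assert_match /you are a robot/, response.body`, but this commit rewrites the notice in _signup_form.rhtml. The old text contained "you are a robot", while the new strings read "Are you a robot?" and "Please, prove that you are human by filling the captcha.", neither of which matches that pattern. Unless another part of the rendered page contains the phrase, the blocked-bot test fails after this change; update it to the new wording, e.g. `assert_match /Are you a robot\?/, response.body`. Both tests also rely on real `sleep` calls of one and two seconds measured against the delay, which makes them slow and sensitive to timing on a loaded machine.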