rhodecode-enterprise-ce Commit - r2731:f80f9da7

re-captcha: adjust for v2 that is the only left one supported since 1st of May.

marcink -

r2731:f80f9da7 default

parent child

pkgs/python-packages-overrides.nix

0 0 -7

                 };
               });
-              recaptcha-client = super.recaptcha-client.override (attrs: {
-                meta = {
-                  # TODO: It is MIT/X11
-                  license = pkgs.lib.licenses.mit;
-                };
-              });
               python-editor = super.python-editor.override (attrs: {
                 meta = {
                   license = pkgs.lib.licenses.asl20;

pkgs/python-packages.nix

0 +1 -14

                   license = [ pkgs.lib.licenses.bsdOriginal { fullName = "LGPL+BSD"; } { fullName = "GNU Library or Lesser General Public License (LGPL)"; } ];
                 };
               };
-              recaptcha-client = super.buildPythonPackage {
-                name = "recaptcha-client-1.0.6";
-                buildInputs = with self; [];
-                doCheck = false;
-                propagatedBuildInputs = with self; [];
-                src = fetchurl {
-                  url = "https://files.pythonhosted.org/packages/0a/ea/5f2fbbfd894bdac1c68ef8d92019066cfcf9fbff5fe3d728d2b5c25c8db4/recaptcha-client-1.0.6.tar.gz";
-                  sha256 = "28c6853c1d13d365b7dc71a6b05e5ffb56471f70a850de318af50d3d7c0dea2f";
-                };
-                meta = {
-                  license = [ { fullName = "MIT/X11"; } ];
-                };
-              };
               redis = super.buildPythonPackage {
                 name = "redis-2.10.6";
                 buildInputs = with self; [];
                 name = "rhodecode-enterprise-ce-4.13.0";
                 buildInputs = with self; [pytest py pytest-cov pytest-sugar pytest-runner pytest-catchlog pytest-profiling gprof2dot pytest-timeout mock webtest cov-core coverage configobj];
                 doCheck = true;
-                propagatedBuildInputs = with self; [setuptools-scm amqp authomatic babel beaker celery chameleon channelstream click colander configobj cssselect decorator deform docutils dogpile.cache dogpile.core ecdsa formencode future futures gnureadline infrae.cache iso8601 itsdangerous jinja2 billiard kombu lxml mako markdown markupsafe msgpack-python mysql-python objgraph packaging paste pastedeploy pastescript pathlib2 peppercorn psutil psycopg2 py-bcrypt pycrypto pycurl pyflakes pygments-markdown-lexer pygments pyparsing pyramid-beaker pyramid-debugtoolbar pyramid-jinja2 pyramid-mako pyramid pysqlite python-dateutil python-ldap python-memcached python-pam pytz tzlocal pyzmq py-gfm recaptcha-client redis repoze.lru requests routes setproctitle simplejson six sqlalchemy sshpubkeys subprocess32 supervisor tempita translationstring trollius urllib3 urlobject venusian weberror webhelpers2 webhelpers webob whoosh wsgiref zope.cachedescriptors zope.deprecation zope.event zope.interface nbconvert bleach nbformat jupyter-client alembic invoke bumpversion gevent greenlet gunicorn waitress ipdb ipython cprofilev bottle rhodecode-tools appenlight-client pytest py pytest-cov pytest-sugar pytest-runner pytest-catchlog pytest-profiling gprof2dot pytest-timeout mock webtest cov-core coverage];
+                propagatedBuildInputs = with self; [setuptools-scm amqp authomatic babel beaker celery chameleon channelstream click colander configobj cssselect decorator deform docutils dogpile.cache dogpile.core ecdsa formencode future futures gnureadline infrae.cache iso8601 itsdangerous jinja2 billiard kombu lxml mako markdown markupsafe msgpack-python mysql-python objgraph packaging paste pastedeploy pastescript pathlib2 peppercorn psutil psycopg2 py-bcrypt pycrypto pycurl pyflakes pygments-markdown-lexer pygments pyparsing pyramid-beaker pyramid-debugtoolbar pyramid-jinja2 pyramid-mako pyramid pysqlite python-dateutil python-ldap python-memcached python-pam pytz tzlocal pyzmq py-gfm redis repoze.lru requests routes setproctitle simplejson six sqlalchemy sshpubkeys subprocess32 supervisor tempita translationstring trollius urllib3 urlobject venusian weberror webhelpers2 webhelpers webob whoosh wsgiref zope.cachedescriptors zope.deprecation zope.event zope.interface nbconvert bleach nbformat jupyter-client alembic invoke bumpversion gevent greenlet gunicorn waitress ipdb ipython cprofilev bottle rhodecode-tools appenlight-client pytest py pytest-cov pytest-sugar pytest-runner pytest-catchlog pytest-profiling gprof2dot pytest-timeout mock webtest cov-core coverage];
                 src = ./.;
                 meta = {
                   license = [ { fullName = "Affero GNU General Public License v3 or later (AGPLv3+)"; } { fullName = "AGPLv3, and Commercial License"; } ];

requirements.txt

0 0 -1

             tzlocal==1.5.1
             pyzmq==14.6.0
             py-gfm==0.1.3
-            recaptcha-client==1.0.6
             redis==2.10.6
             repoze.lru==0.7
             requests==2.9.1

rhodecode/apps/login/tests/test_register_captcha.py

0 +3 -3

                         assertr.no_element_exists('#recaptcha_field')
                 @pytest.mark.parametrize('valid', [False, True])
-                @mock.patch('rhodecode.apps.login.views.submit')
+                @mock.patch.object(LoginView, 'validate_captcha')
                 @mock.patch.object(LoginView, '_get_captcha_data')
                 def test_register_with_active_captcha(
-                        self, m_get_captcha_data, m_submit, valid, app, csrf_token):
+                        self, m_get_captcha_data, m_validate_captcha, valid, app, csrf_token):
                     captcha = CaptchaData(
                         active=True, private_key='PRIVATE_KEY', public_key='PUBLIC_KEY')
                     m_get_captcha_data.return_value = captcha
                     m_response = mock.Mock()
                     m_response.is_valid = valid
-                    m_submit.return_value = m_response
+                    m_validate_captcha.return_value = valid, 'ok'
                     params = {
                         'csrf_token': csrf_token,

rhodecode/apps/login/views.py

0 +36 -17

             import formencode.htmlfill
             import logging
             import urlparse
+            import requests
             from pyramid.httpexceptions import HTTPFound
             from pyramid.view import view_config
-            from recaptcha.client.captcha import submit
             from rhodecode.apps._base import BaseAppView
             from rhodecode.authentication.base import authenticate, HTTP_TYPE
                     return CaptchaData(
                         active=active, private_key=private_key, public_key=public_key)
+                def validate_captcha(self, private_key):
+                    captcha_rs = self.request.POST.get('g-recaptcha-response')
+                    url = "https://www.google.com/recaptcha/api/siteverify"
+                    params = {
+                        'secret': private_key,
+                        'response': captcha_rs,
+                        'remoteip': get_ip_addr(self.request.environ)
+                    }
+                    verify_rs = requests.get(url, params=params, verify=True)
+                    verify_rs = verify_rs.json()
+                    captcha_status = verify_rs.get('success', False)
+                    captcha_errors = verify_rs.get('error-codes', [])
+                    if not isinstance(captcha_errors, list):
+                        captcha_errors = [captcha_errors]
+                    captcha_errors = ', '.join(captcha_errors)
+                    captcha_message = ''
+                    if captcha_status is False:
+                        captcha_message = "Bad captcha. Errors: {}".format(
+                            captcha_errors)
+                    return captcha_status, captcha_message
                 @view_config(
                     route_name='login', request_method='GET',
                     renderer='rhodecode:templates/login.mako')
                         form_result['active'] = auto_active
                         if captcha.active:
-                            response = submit(
+                            captcha_status, captcha_message = self.validate_captcha(
-                                self.request.POST.get('recaptcha_challenge_field'),
+                                captcha.private_key)
-                                self.request.POST.get('recaptcha_response_field'),
-                                private_key=captcha.private_key,
+                            if not captcha_status:
-                                remoteip=get_ip_addr(self.request.environ))
-                            if not response.is_valid:
                                 _value = form_result
                                 _msg = _('Bad captcha')
-                                error_dict = {'recaptcha_field': _msg}
+                                error_dict = {'recaptcha_field': captcha_message}
-                                raise formencode.Invalid(_msg, _value, None,
+                                raise formencode.Invalid(
-                                                         error_dict=error_dict)
+                                    _msg, _value, None, error_dict=error_dict)
                         new_user = UserModel().create_registration(form_result)
                             user_email = form_result['email']
                             if captcha.active:
-                                response = submit(
+                                captcha_status, captcha_message = self.validate_captcha(
-                                    self.request.POST.get('recaptcha_challenge_field'),
+                                    captcha.private_key)
-                                    self.request.POST.get('recaptcha_response_field'),
-                                    private_key=captcha.private_key,
+                                if not captcha_status:
-                                    remoteip=get_ip_addr(self.request.environ))
-                                if not response.is_valid:
                                     _value = form_result
                                     _msg = _('Bad captcha')
-                                    error_dict = {'recaptcha_field': _msg}
+                                    error_dict = {'recaptcha_field': captcha_message}
                                     raise formencode.Invalid(
                                         _msg, _value, None, error_dict=error_dict)

rhodecode/config/licenses.json

0 0 -3

               "python2.7-pyzmq-14.6.0": {
                 "BSD 4-clause \"Original\" or \"Old\" License": "http://spdx.org/licenses/BSD-4-Clause"
               },
-              "python2.7-recaptcha-client-1.0.6": {
-                "MIT License": "http://spdx.org/licenses/MIT"
-              },
               "python2.7-repoze.lru-0.6": {
                 "Repoze License": "http://www.repoze.org/LICENSE.txt"
               },

rhodecode/templates/admin/settings/settings_global.mako

0 +4 -4

                 </div>
                 <div class="panel-body">
                     <div class="label">
-                        <label for="rhodecode_captcha_public_key">${_('Google ReCaptcha public key')}</label>
+                        <label for="rhodecode_captcha_public_key">${_('Google reCaptcha v2 site key.')}</label>
                     </div>
                     <div class="field input">
                         ${h.text('rhodecode_captcha_public_key',size=60)}
                     </div>
                     <div class="field">
                         <span class="help-block">
-                            ${_('Public key for reCaptcha system.')}
+                            ${_('Site key for reCaptcha v2 system.')}
                         </span>
                     </div>
                     <div class="label">
-                        <label for="rhodecode_captcha_private_key">${_('Google ReCaptcha private key')}</label>
+                        <label for="rhodecode_captcha_private_key">${_('Google reCaptcha v2 secret key.')}</label>
                     </div>
                     <div class="field input">
                         ${h.text('rhodecode_captcha_private_key',size=60)}
                     </div>
                     <div class="field">
                         <span class="help-block">
-                            ${_('Private key for reCaptcha system. Setting this value will enable captcha on registration')}
+                            ${_('Secret key for reCaptcha v2 system. Setting this value will enable captcha on registration and password reset forms.')}
                         </span>
                     </div>
                 </div>

rhodecode/templates/password_reset.mako

0 +13 -6

                                         <label for="email">${_('Captcha')}:</label>
                                         ${h.hidden('recaptcha_field')}
                                         <div id="recaptcha"></div>
                                         %if 'recaptcha_field' in errors:
                                           <span class="error-message">${errors.get('recaptcha_field')}</span>
                                           <br />
                 </div>
             </div>
-            %if captcha_active:
-            <script type="text/javascript" src="https://www.google.com/recaptcha/api/js/recaptcha_ajax.js"></script>
-            %endif
             <script type="text/javascript">
              $(document).ready(function(){
                 $('#email').focus();
-                %if captcha_active:
-                  Recaptcha.create("${captcha_public_key}", "recaptcha", {theme: "white"});
-                %endif
              });
             </script>
+            % if captcha_active:
+            <script type="text/javascript">
+            var onloadCallback = function() {
+                grecaptcha.render('recaptcha', {
+                  'sitekey' : "${captcha_public_key}"
+                });
+            };
+            </script>
+            <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit" async defer></script>
+            % endif

rhodecode/templates/register.mako

0 +15 -8

@@ -110,14 +110,21 b''
110	</div>	110	</div>
111	</div>	111	</div>
112		112
113	%if captcha_active:	113
114	<script type="text/javascript" src="https://www.google.com/recaptcha/api/js/recaptcha_ajax.js"></script>
115	%endif
116	<script type="text/javascript">	114	<script type="text/javascript">
117	$(document).ready(function(){	115	$(document).ready(function(){
118	$('#username').focus();	116	$('#username').focus();
119	%if captcha_active:	117	});
120	Recaptcha.create("${captcha_public_key}", "recaptcha", {theme: "white"});
121	%endif
122	});
123	</script>	118	</script>
		119
		120	% if captcha_active:
		121	<script type="text/javascript">
		122	var onloadCallback = function() {
		123	grecaptcha.render('recaptcha', {
		124	'sitekey' : "${captcha_public_key}"
		125	});
		126	};
		127	</script>
		128	<script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit" async defer></script>
		129	% endif
		130

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages