Diffstat (limited to 'modules')
-rw-r--r--modules/auth/user_form.go9
-rw-r--r--modules/auth/user_form_auth_openid.go5
-rw-r--r--modules/recaptcha/recaptcha.go47
-rw-r--r--modules/setting/setting.go14
4 files changed, 68 insertions, 7 deletions
diff --git a/modules/auth/user_form.go b/modules/auth/user_form.go
index 0c342df86a..959a8ac417 100644
--- a/modules/auth/user_form.go
+++ b/modules/auth/user_form.go
@@ -72,10 +72,11 @@ func (f *InstallForm) Validate(ctx *macaron.Context, errs binding.Errors) bindin
// RegisterForm form for registering
type RegisterForm struct {
- UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"`
- Email string `binding:"Required;Email;MaxSize(254)"`
- Password string `binding:"Required;MaxSize(255)"`
- Retype string
+ UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"`
+ Email string `binding:"Required;Email;MaxSize(254)"`
+ Password string `binding:"Required;MaxSize(255)"`
+ Retype string
+ GRecaptchaResponse string `form:"g-recaptcha-response"`
}
// Validate valideates the fields
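Review bot: `GRecaptchaResponse` carries only a `form` tag, so binding accepts a missing or arbitrarily long token, both here and in `SignUpOpenIDForm` in user_form_auth_openid.go. Whether sign-up is actually gated therefore depends on the handlers, which are outside this diff, rejecting the request when reCAPTCHA is selected and verification returns false or an error. I would document that on the field, e.g. `// GRecaptchaResponse is the client-supplied reCAPTCHA token; untrusted until recaptcha.Verify succeeds`. A `MaxSize` binding would also refuse oversized values before they are forwarded to the verification API. The struct's Validate method lies outside the hunk.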
diff --git a/modules/auth/user_form_auth_openid.go b/modules/auth/user_form_auth_openid.go
index 0ef821dd9e..6a3c284873 100644
--- a/modules/auth/user_form_auth_openid.go
+++ b/modules/auth/user_form_auth_openid.go
@@ -22,8 +22,9 @@ func (f *SignInOpenIDForm) Validate(ctx *macaron.Context, errs binding.Errors) b
// SignUpOpenIDForm form for signin up with OpenID
type SignUpOpenIDForm struct {
- UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"`
- Email string `binding:"Required;Email;MaxSize(254)"`
+ UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"`
+ Email string `binding:"Required;Email;MaxSize(254)"`
+ GRecaptchaResponse string `form:"g-recaptcha-response"`
}
// Validate valideates the fields
diff --git a/modules/recaptcha/recaptcha.go b/modules/recaptcha/recaptcha.go
new file mode 100644
index 0000000000..1009185961
--- /dev/null
+++ b/modules/recaptcha/recaptcha.go
@@ -0,0 +1,47 @@
+// Copyright 2018 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package recaptcha
+
+import (
+ "encoding/json"
+ "fmt"
+ "io/ioutil"
+ "net/http"
+ "net/url"
+ "time"
+
+ "code.gitea.io/gitea/modules/setting"
+)
+
+// Response is the structure of JSON returned from API
+type Response struct {
+ Success bool `json:"success"`
+ ChallengeTS time.Time `json:"challenge_ts"`
+ Hostname string `json:"hostname"`
+ ErrorCodes []string `json:"error-codes"`
+}
+
+const apiURL = "https://www.google.com/recaptcha/api/siteverify"
+
+// Verify calls Google Recaptcha API to verify token
+func Verify(response string) (bool, error) {
+ resp, err := http.PostForm(apiURL,
+ url.Values{"secret": {setting.Service.RecaptchaSecret}, "response": {response}})
+ if err != nil {
+ return false, fmt.Errorf("Failed to send CAPTCHA response: %s", err)
+ }
+ defer resp.Body.Close()
+ body, err := ioutil.ReadAll(resp.Body)
+ if err != nil {
+ return false, fmt.Errorf("Failed to read CAPTCHA response: %s", err)
+ }
+ var jsonResponse Response
+ err = json.Unmarshal(body, &jsonResponse)
+ if err != nil {
+ return false, fmt.Errorf("Failed to parse CAPTCHA response: %s", err)
+ }
+
+ return jsonResponse.Success, nil
+}
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index a5f4457f33..5230307cab 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -75,6 +75,12 @@ const (
RepoCreatingPublic = "public"
)
+// enumerates all the types of captchas
+const (
+ ImageCaptcha = "image"
+ ReCaptcha = "recaptcha"
+)
+
// settings
var (
// AppVer settings
@@ -1165,6 +1171,9 @@ var Service struct {
EnableReverseProxyAuth bool
EnableReverseProxyAutoRegister bool
EnableCaptcha bool
+ CaptchaType string
+ RecaptchaSecret string
+ RecaptchaSitekey string
DefaultKeepEmailPrivate bool
DefaultAllowCreateOrganization bool
EnableTimetracking bool
@@ -1189,7 +1198,10 @@ func newService() {
Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
- Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool()
+ Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool(false)
+ Service.CaptchaType = sec.Key("CAPTCHA_TYPE").MustString(ImageCaptcha)
+ Service.RecaptchaSecret = sec.Key("RECAPTCHA_SECRET").MustString("")
+ Service.RecaptchaSitekey = sec.Key("RECAPTCHA_SITEKEY").MustString("")
Service.DefaultKeepEmailPrivate = sec.Key("DEFAULT_KEEP_EMAIL_PRIVATE").MustBool()
Service.DefaultAllowCreateOrganization = sec.Key("DEFAULT_ALLOW_CREATE_ORGANIZATION").MustBool(true)
Service.EnableTimetracking = sec.Key("ENABLE_TIMETRACKING").MustBool(true)
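Review bot: `CAPTCHA_TYPE` is stored as whatever string the operator wrote, and `RECAPTCHA_SECRET` / `RECAPTCHA_SITEKEY` default to empty, yet nothing in this hunk checks that the combination is usable. If the handlers (not shown in this diff) compare against `ImageCaptcha` and `ReCaptcha`, a misspelled type could leave registration with no captcha even though `ENABLE_CAPTCHA` is true. An empty secret would also make every verification fail at request time rather than at startup. A check after these assignments, e.g. `if Service.EnableCaptcha && Service.CaptchaType == ReCaptcha && Service.RecaptchaSecret == ""`, plus a rejection of unknown types, would turn both into a clear configuration error. The rest of `newService` lies outside the hunk.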