diff options
Diffstat (limited to 'modules')
-rw-r--r-- | modules/auth/user_form.go | 9 | ||||
-rw-r--r-- | modules/auth/user_form_auth_openid.go | 5 | ||||
-rw-r--r-- | modules/recaptcha/recaptcha.go | 47 | ||||
-rw-r--r-- | modules/setting/setting.go | 14 |
4 files changed, 68 insertions, 7 deletions
diff --git a/modules/auth/user_form.go b/modules/auth/user_form.go index 0c342df86a..959a8ac417 100644 --- a/modules/auth/user_form.go +++ b/modules/auth/user_form.go @@ -72,10 +72,11 @@ func (f *InstallForm) Validate(ctx *macaron.Context, errs binding.Errors) bindin // RegisterForm form for registering type RegisterForm struct { - UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"` - Email string `binding:"Required;Email;MaxSize(254)"` - Password string `binding:"Required;MaxSize(255)"` - Retype string + UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"` + Email string `binding:"Required;Email;MaxSize(254)"` + Password string `binding:"Required;MaxSize(255)"` + Retype string + GRecaptchaResponse string `form:"g-recaptcha-response"` } // Validate valideates the fields diff --git a/modules/auth/user_form_auth_openid.go b/modules/auth/user_form_auth_openid.go index 0ef821dd9e..6a3c284873 100644 --- a/modules/auth/user_form_auth_openid.go +++ b/modules/auth/user_form_auth_openid.go @@ -22,8 +22,9 @@ func (f *SignInOpenIDForm) Validate(ctx *macaron.Context, errs binding.Errors) b // SignUpOpenIDForm form for signin up with OpenID type SignUpOpenIDForm struct { - UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"` - Email string `binding:"Required;Email;MaxSize(254)"` + UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"` + Email string `binding:"Required;Email;MaxSize(254)"` + GRecaptchaResponse string `form:"g-recaptcha-response"` } // Validate valideates the fields diff --git a/modules/recaptcha/recaptcha.go b/modules/recaptcha/recaptcha.go new file mode 100644 index 0000000000..1009185961 --- /dev/null +++ b/modules/recaptcha/recaptcha.go @@ -0,0 +1,47 @@ +// Copyright 2018 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package recaptcha + +import ( + "encoding/json" + "fmt" + "io/ioutil" + "net/http" + "net/url" + "time" + + "code.gitea.io/gitea/modules/setting" +) + +// Response is the structure of JSON returned from API +type Response struct { + Success bool `json:"success"` + ChallengeTS time.Time `json:"challenge_ts"` + Hostname string `json:"hostname"` + ErrorCodes []string `json:"error-codes"` +} + +const apiURL = "https://www.google.com/recaptcha/api/siteverify" + +// Verify calls Google Recaptcha API to verify token +func Verify(response string) (bool, error) { + resp, err := http.PostForm(apiURL, + url.Values{"secret": {setting.Service.RecaptchaSecret}, "response": {response}}) + if err != nil { + return false, fmt.Errorf("Failed to send CAPTCHA response: %s", err) + } + defer resp.Body.Close() + body, err := ioutil.ReadAll(resp.Body) + if err != nil { + return false, fmt.Errorf("Failed to read CAPTCHA response: %s", err) + } + var jsonResponse Response + err = json.Unmarshal(body, &jsonResponse) + if err != nil { + return false, fmt.Errorf("Failed to parse CAPTCHA response: %s", err) + } + + return jsonResponse.Success, nil +} diff --git a/modules/setting/setting.go b/modules/setting/setting.go index a5f4457f33..5230307cab 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -75,6 +75,12 @@ const ( RepoCreatingPublic = "public" ) +// enumerates all the types of captchas +const ( + ImageCaptcha = "image" + ReCaptcha = "recaptcha" +) + // settings var ( // AppVer settings @@ -1165,6 +1171,9 @@ var Service struct { EnableReverseProxyAuth bool EnableReverseProxyAutoRegister bool EnableCaptcha bool + CaptchaType string + RecaptchaSecret string + RecaptchaSitekey string DefaultKeepEmailPrivate bool DefaultAllowCreateOrganization bool EnableTimetracking bool @@ -1189,7 +1198,10 @@ func newService() { Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool() Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool() Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool() - Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool() + Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool(false) + Service.CaptchaType = sec.Key("CAPTCHA_TYPE").MustString(ImageCaptcha) + Service.RecaptchaSecret = sec.Key("RECAPTCHA_SECRET").MustString("") + Service.RecaptchaSitekey = sec.Key("RECAPTCHA_SITEKEY").MustString("") Service.DefaultKeepEmailPrivate = sec.Key("DEFAULT_KEEP_EMAIL_PRIVATE").MustBool() Service.DefaultAllowCreateOrganization = sec.Key("DEFAULT_ALLOW_CREATE_ORGANIZATION").MustBool(true) Service.EnableTimetracking = sec.Key("ENABLE_TIMETRACKING").MustBool(true) |