Add Recaptcha functionality to Gitea (#4044)

2018-07-05 00:13:05 -04:00 · 2018-07-05 00:13:05 -04:00 · f035dcd4f2
commit f035dcd4f2
parent 54fedd4070
13 changed files with 163 additions and 15 deletions
--- a/modules/auth/user_form.go
+++ b/modules/auth/user_form.go
@ -72,10 +72,11 @@ func (f *InstallForm) Validate(ctx *macaron.Context, errs binding.Errors) bindin

 // RegisterForm form for registering
 type RegisterForm struct {
-	UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"`
-	Email    string `binding:"Required;Email;MaxSize(254)"`
-	Password string `binding:"Required;MaxSize(255)"`
-	Retype   string
+	UserName           string `binding:"Required;AlphaDashDot;MaxSize(35)"`
+	Email              string `binding:"Required;Email;MaxSize(254)"`
+	Password           string `binding:"Required;MaxSize(255)"`
+	Retype             string
+	GRecaptchaResponse string `form:"g-recaptcha-response"`
 }

 // Validate valideates the fields
--- a/modules/auth/user_form_auth_openid.go
+++ b/modules/auth/user_form_auth_openid.go
@ -22,8 +22,9 @@ func (f *SignInOpenIDForm) Validate(ctx *macaron.Context, errs binding.Errors) b

 // SignUpOpenIDForm form for signin up with OpenID
 type SignUpOpenIDForm struct {
-	UserName string `binding:"Required;AlphaDashDot;MaxSize(35)"`
-	Email    string `binding:"Required;Email;MaxSize(254)"`
+	UserName           string `binding:"Required;AlphaDashDot;MaxSize(35)"`
+	Email              string `binding:"Required;Email;MaxSize(254)"`
+	GRecaptchaResponse string `form:"g-recaptcha-response"`
 }

 // Validate valideates the fields
--- a/modules/recaptcha/recaptcha.go
+++ b/modules/recaptcha/recaptcha.go
@ -0,0 +1,47 @@
+// Copyright 2018 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package recaptcha
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"time"
+
+	"code.gitea.io/gitea/modules/setting"
+)
+
+// Response is the structure of JSON returned from API
+type Response struct {
+	Success     bool      `json:"success"`
+	ChallengeTS time.Time `json:"challenge_ts"`
+	Hostname    string    `json:"hostname"`
+	ErrorCodes  []string  `json:"error-codes"`
+}
+
+const apiURL = "https://www.google.com/recaptcha/api/siteverify"
+
+// Verify calls Google Recaptcha API to verify token
+func Verify(response string) (bool, error) {
+	resp, err := http.PostForm(apiURL,
+		url.Values{"secret": {setting.Service.RecaptchaSecret}, "response": {response}})
+	if err != nil {
+		return false, fmt.Errorf("Failed to send CAPTCHA response: %s", err)
+	}
+	defer resp.Body.Close()
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return false, fmt.Errorf("Failed to read CAPTCHA response: %s", err)
+	}
+	var jsonResponse Response
+	err = json.Unmarshal(body, &jsonResponse)
+	if err != nil {
+		return false, fmt.Errorf("Failed to parse CAPTCHA response: %s", err)
+	}
+
+	return jsonResponse.Success, nil
+}
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@ -75,6 +75,12 @@ const (
 	RepoCreatingPublic             = "public"
 )

+// enumerates all the types of captchas
+const (
+	ImageCaptcha = "image"
+	ReCaptcha    = "recaptcha"
+)
+
 // settings
 var (
 	// AppVer settings
@ -1165,6 +1171,9 @@ var Service struct {
 	EnableReverseProxyAuth                  bool
 	EnableReverseProxyAutoRegister          bool
 	EnableCaptcha                           bool
+	CaptchaType                             string
+	RecaptchaSecret                         string
+	RecaptchaSitekey                        string
 	DefaultKeepEmailPrivate                 bool
 	DefaultAllowCreateOrganization          bool
 	EnableTimetracking                      bool
@ -1189,7 +1198,10 @@ func newService() {
 	Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
 	Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
 	Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
-	Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool()
+	Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool(false)
+	Service.CaptchaType = sec.Key("CAPTCHA_TYPE").MustString(ImageCaptcha)
+	Service.RecaptchaSecret = sec.Key("RECAPTCHA_SECRET").MustString("")
+	Service.RecaptchaSitekey = sec.Key("RECAPTCHA_SITEKEY").MustString("")
 	Service.DefaultKeepEmailPrivate = sec.Key("DEFAULT_KEEP_EMAIL_PRIVATE").MustBool()
 	Service.DefaultAllowCreateOrganization = sec.Key("DEFAULT_ALLOW_CREATE_ORGANIZATION").MustBool(true)
 	Service.EnableTimetracking = sec.Key("ENABLE_TIMETRACKING").MustBool(true)