acts_as_textcaptcha 1.1.0 → 1.1.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +1 -1
- data/README.rdoc +113 -20
- data/VERSION +1 -1
- data/acts_as_textcaptcha.gemspec +60 -0
- data/lib/acts_as_textcaptcha.rb +8 -5
- data/lib/textcaptcha_helper.rb +2 -1
- metadata +4 -3
data/.gitignore
CHANGED
data/README.rdoc
CHANGED
|
@@ -1,37 +1,130 @@
|
|
|
1
|
-
=
|
|
1
|
+
= ActAsTextcaptcha
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
Spam protection for your ActiveRecord models using logic questions and the excellent {Text CAPTCHA}[http://textcaptcha.com] service.
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
ActAsTextcaptcha can *also* be configured with your very own logic questions (to fall back on if the textcaptcha service is down) or as a replacement for the service. The plugin can also make use of *bcrypt* *encryption*, to store the possible answers in your session (recommended if you are using the default Rails {CookieStore}[http://apidock.com/rails/CGI/Session/CookieStore])
|
|
6
6
|
|
|
7
|
-
|
|
7
|
+
Text CAPTCHA's logic questions are aimed at a child's age of 7, so can be solved easily by all but the most cognitively impaired users. As they involve human logic, such questions cannot be solved by a robot. There are both advantages and disadvantages for using logic questions over image based captchas, {find out more at Text CAPTCHA}[http://textcaptcha.com/why].
|
|
8
|
+
|
|
9
|
+
== Demo
|
|
8
10
|
|
|
9
|
-
|
|
11
|
+
A {fully working demo on heroku}[http://textcaptcha.heroku.com] will be available soon.
|
|
10
12
|
|
|
11
|
-
==
|
|
12
|
-
|
|
13
|
-
=== Requirements
|
|
13
|
+
== Requirements
|
|
14
14
|
|
|
15
15
|
What do you need?
|
|
16
16
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
==
|
|
17
|
+
* {Rails}[http://github.com/rails/rails] >= 2.3
|
|
18
|
+
* {Ruby}[http://ruby-lang.org/] >= 1.8.7
|
|
19
|
+
* {bcrypt-ruby}[http://bcrypt-ruby.rubyforge.org/] gem (to securely encrypt the spam answers in your session)
|
|
20
|
+
* {Text CAPTCHA api key}[http://textcaptcha.com/register] (_optional_, since you can define your own logic questions, see below for details)
|
|
21
|
+
* {Rspec}[http://rspec.info/] (_optional_ if you want to run the tests)
|
|
22
|
+
|
|
23
|
+
== Installing
|
|
24
|
+
|
|
25
|
+
Install the gems
|
|
26
|
+
|
|
27
|
+
sudo gem install acts_as_textcaptcha bcrypt-ruby
|
|
28
|
+
|
|
29
|
+
Or you can install it as a Rails plugin
|
|
30
|
+
|
|
31
|
+
script/plugin install git://github.com/hiddenloop/acts_as_textcaptcha
|
|
32
|
+
|
|
33
|
+
== Using
|
|
34
|
+
|
|
35
|
+
First, in your environment.rb file, add the gem to your config like so;
|
|
36
|
+
|
|
37
|
+
config.gem 'acts_as_textcaptcha'
|
|
38
|
+
|
|
39
|
+
Next configure your models to be spam protected like so; (this is the most basic way to configure the gem, with an api key only)
|
|
40
|
+
|
|
41
|
+
class Comment < ActiveRecord::Base
|
|
42
|
+
acts_as_textcaptcha({'api_key' => 'your_textcaptcha_api_key'})
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
Next in your controller *new* and *create* actions you'll want to _spamify_ your model like so. This generates a new spam question on the model;
|
|
46
|
+
|
|
47
|
+
def new
|
|
48
|
+
@comment = Comment.new
|
|
49
|
+
spamify(@comment)
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def create
|
|
53
|
+
@comment = Comment.new(params[:comment])
|
|
54
|
+
if @comment.save
|
|
55
|
+
...
|
|
56
|
+
else
|
|
57
|
+
spamify(@comment)
|
|
58
|
+
render :action => 'new'
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
Finally, in your form/view erb do something like the following;
|
|
63
|
+
|
|
64
|
+
<%- if @comment.validate_spam_answer -%>
|
|
65
|
+
<%= f.hidden_field :spam_answer, :value => @comment.spam_answer -%>
|
|
66
|
+
<%- else -%>
|
|
67
|
+
<%= f.label :spam_answer, @comment.spam_question %>
|
|
68
|
+
<%= f.text_field :spam_answer, :value => '' %>
|
|
69
|
+
<%- end -%>
|
|
70
|
+
|
|
71
|
+
More configurations are available and will be explained here shortly. If your'e interested now, jump into the code.
|
|
72
|
+
|
|
73
|
+
== More Configurations
|
|
74
|
+
|
|
75
|
+
You can also configure ActAsTextcaptcha in the following ways.
|
|
76
|
+
|
|
77
|
+
=== Options hash
|
|
78
|
+
|
|
79
|
+
You can configure your models with the following options.
|
|
80
|
+
|
|
81
|
+
class Comment < ActiveRecord::Base
|
|
82
|
+
acts_as_textcaptcha({'api_key' => 'your_textcaptcha_api_key',
|
|
83
|
+
'bcrypt_salt' => '$2a$10$j0bmycH.SVfD1b5mpEGPpe',
|
|
84
|
+
'bcrypt_cost' => '3',
|
|
85
|
+
'questions' => [{'question' => '1+1', 'answers' => '2,two'},
|
|
86
|
+
{'question' => 'The green hat is what color?', 'answers' => 'green'}]})
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
* *api_key* (from textcaptcha)
|
|
90
|
+
* *bcrypt_salt* - used to encrypt valid possible answers in your session (recommended if you are using cookie session storage) NOTE: this must be a valid bcrypt salt; for security PLEASE CHANGE THIS, open irb and enter; require 'bcrypt'; BCrypt::Engine.generate_salt
|
|
91
|
+
* *bcrypt_cost* - an optional logarithmic var which determines how computational expensive the bcrypt hash is to calculate (a cost of 4 is twice as much work as a cost of 3 - default is 10)
|
|
92
|
+
* *questions* - an array of question and answer hashes (see above) A random question from this array will be asked if the textcaptcha web service fails
|
|
93
|
+
|
|
94
|
+
=== config/textcaptcha.yml
|
|
95
|
+
|
|
96
|
+
The above options can also be expressed in {textcaptcha.yml}[http://github.com/hiddenloop/acts_as_textcaptcha/raw/master/config/textcaptcha.yml] drop this into your Rails config folder.
|
|
97
|
+
|
|
98
|
+
It *also* is possible to configure without an api_key, and provide your own logic questions only.
|
|
99
|
+
|
|
100
|
+
== What does the code do?
|
|
101
|
+
|
|
102
|
+
* spam answers are not case-sensitive and left/right white space is trimmed
|
|
103
|
+
* if the textcaptcha service is down, the gem will look for user defined questions defined in the options
|
|
104
|
+
* if no questions are found, AND the service is down no spam protection will take place and the model will be valid
|
|
105
|
+
|
|
106
|
+
Will explain more soon, until then examine the code on github or browse the rdocs.
|
|
107
|
+
|
|
108
|
+
== Rake
|
|
109
|
+
|
|
110
|
+
* rake spec (run the tests)
|
|
111
|
+
* rake rcov (run tests showing coverage)
|
|
112
|
+
* rake rdoc (generate docs)
|
|
24
113
|
|
|
25
114
|
== Credits
|
|
26
115
|
|
|
27
116
|
Who's who?
|
|
28
117
|
|
|
29
|
-
*
|
|
118
|
+
* {ActsAsTextcaptcha}[http://github.com/hiddenloop/acts_as_textcaptcha] authored by {Matthew Hutchinson}[http://matthewhutchinson.net]
|
|
119
|
+
* {Text CAPTCHA}[http://textcaptcha.com] api and service by {Rob Tuley}[http://openknot.com/me/] at {Openknot}[http://openknot.com]
|
|
120
|
+
* Gem and code kindly hosted at {rubygems.org}[http://rubygems.org/gems/acts_as_textcaptcha] and {github.com}[http://github.com/hiddenloop/acts_as_textcaptcha]
|
|
30
121
|
|
|
31
|
-
==
|
|
122
|
+
== Usage
|
|
32
123
|
|
|
33
|
-
|
|
124
|
+
This code is currently used in a number of production websites and applications. It was originally extracted from code developed for {Bugle}[http://bugleblogs.com]
|
|
34
125
|
|
|
35
|
-
|
|
126
|
+
* {matthewhutchinson.net}[http://matthewhutchinson.net]
|
|
127
|
+
* {pmFAQtory.com}[http://pmfaqtory.com]
|
|
128
|
+
* {The FAQtory}[http://faqtory.heroku.com]
|
|
36
129
|
|
|
37
|
-
|
|
130
|
+
(if you're happily using acts_as_textcaptcha in production, let me know and I'll add your site/app to the list)
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.1.
|
|
1
|
+
1.1.1
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
# Generated by jeweler
|
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
|
4
|
+
# -*- encoding: utf-8 -*-
|
|
5
|
+
|
|
6
|
+
Gem::Specification.new do |s|
|
|
7
|
+
s.name = %q{acts_as_textcaptcha}
|
|
8
|
+
s.version = "1.1.1"
|
|
9
|
+
|
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
|
+
s.authors = ["Matthew Hutchinson"]
|
|
12
|
+
s.date = %q{2010-04-20}
|
|
13
|
+
s.description = %q{Spam protection for your ActiveRecord models using logic questions and the excellent textcaptcha api. See textcaptcha.com for more details and to get your api key.
|
|
14
|
+
The logic questions are aimed at a child's age of 7, so can be solved easily by all but the most cognitively impaired users. As they involve human logic, such questions cannot be solved by a robot.
|
|
15
|
+
For more reasons on why logic questions are useful, see here; http://textcaptcha.com/why}
|
|
16
|
+
s.email = %q{matt@hiddenloop.com}
|
|
17
|
+
s.extra_rdoc_files = [
|
|
18
|
+
"LICENSE",
|
|
19
|
+
"README.rdoc"
|
|
20
|
+
]
|
|
21
|
+
s.files = [
|
|
22
|
+
".gitignore",
|
|
23
|
+
"LICENSE",
|
|
24
|
+
"README.rdoc",
|
|
25
|
+
"Rakefile",
|
|
26
|
+
"VERSION",
|
|
27
|
+
"acts_as_textcaptcha.gemspec",
|
|
28
|
+
"config/textcaptcha.yml",
|
|
29
|
+
"init.rb",
|
|
30
|
+
"lib/acts_as_textcaptcha.rb",
|
|
31
|
+
"lib/textcaptcha_helper.rb",
|
|
32
|
+
"rails/init.rb",
|
|
33
|
+
"spec/acts_as_textcaptcha_spec.rb",
|
|
34
|
+
"spec/database.yml",
|
|
35
|
+
"spec/schema.rb",
|
|
36
|
+
"spec/spec.opts",
|
|
37
|
+
"spec/spec_helper.rb"
|
|
38
|
+
]
|
|
39
|
+
s.homepage = %q{http://github.com/hiddenloop/acts_as_textcaptcha}
|
|
40
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
|
41
|
+
s.require_paths = ["lib"]
|
|
42
|
+
s.rubygems_version = %q{1.3.6}
|
|
43
|
+
s.summary = %q{Spam protection for your models via logic questions and the excellent textcaptcha.com api}
|
|
44
|
+
s.test_files = [
|
|
45
|
+
"spec/acts_as_textcaptcha_spec.rb",
|
|
46
|
+
"spec/schema.rb",
|
|
47
|
+
"spec/spec_helper.rb"
|
|
48
|
+
]
|
|
49
|
+
|
|
50
|
+
if s.respond_to? :specification_version then
|
|
51
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
|
52
|
+
s.specification_version = 3
|
|
53
|
+
|
|
54
|
+
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
|
55
|
+
else
|
|
56
|
+
end
|
|
57
|
+
else
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
data/lib/acts_as_textcaptcha.rb
CHANGED
|
@@ -29,15 +29,18 @@ module ActsAsTextcaptcha #:nodoc:
|
|
|
29
29
|
|
|
30
30
|
|
|
31
31
|
module InstanceMethods
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
32
|
+
|
|
33
|
+
# override this method to toggle spam checking, default is on (true)
|
|
34
|
+
def perform_spam_check?; true end
|
|
35
|
+
|
|
36
|
+
# override this method to toggle allowing the model to be created, default is on (true)
|
|
37
|
+
# if returning false model.validate will always be false with errors on base
|
|
35
38
|
def allowed?; true end
|
|
36
39
|
|
|
37
40
|
def validate
|
|
38
41
|
if new_record?
|
|
39
42
|
if allowed?
|
|
40
|
-
if possible_answers &&
|
|
43
|
+
if possible_answers && perform_spam_check? && !validate_spam_answer
|
|
41
44
|
errors.add(:spam_answer, 'is incorrect, try another question instead')
|
|
42
45
|
return false
|
|
43
46
|
end
|
|
@@ -46,7 +49,7 @@ module ActsAsTextcaptcha #:nodoc:
|
|
|
46
49
|
return false
|
|
47
50
|
end
|
|
48
51
|
end
|
|
49
|
-
|
|
52
|
+
super
|
|
50
53
|
end
|
|
51
54
|
|
|
52
55
|
def validate_spam_answer
|
data/lib/textcaptcha_helper.rb
CHANGED
metadata
CHANGED
|
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
|
5
5
|
segments:
|
|
6
6
|
- 1
|
|
7
7
|
- 1
|
|
8
|
-
-
|
|
9
|
-
version: 1.1.
|
|
8
|
+
- 1
|
|
9
|
+
version: 1.1.1
|
|
10
10
|
platform: ruby
|
|
11
11
|
authors:
|
|
12
12
|
- Matthew Hutchinson
|
|
@@ -14,7 +14,7 @@ autorequire:
|
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
16
|
|
|
17
|
-
date: 2010-04-
|
|
17
|
+
date: 2010-04-20 00:00:00 +01:00
|
|
18
18
|
default_executable:
|
|
19
19
|
dependencies: []
|
|
20
20
|
|
|
@@ -36,6 +36,7 @@ files:
|
|
|
36
36
|
- README.rdoc
|
|
37
37
|
- Rakefile
|
|
38
38
|
- VERSION
|
|
39
|
+
- acts_as_textcaptcha.gemspec
|
|
39
40
|
- config/textcaptcha.yml
|
|
40
41
|
- init.rb
|
|
41
42
|
- lib/acts_as_textcaptcha.rb
|