card-mod-recaptcha 0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 54d5a0b7d291ab0be1e56645e7dbcb16580155cd3215b98d4fb29a7f734e1bb3
+  data.tar.gz: ef923fc2f02ae4c15614ca1c005b5d5dec7771cfbc5cb395344513231b0a5a0f
+SHA512:
+  metadata.gz: aa2c2cacd1f7409f3c22a7051d518017d2226b3ded97abb9ff0db24b66e86c14808bcb620d3944b18838666492d5073bcd748fccfc22a4eb65c10956e9f9f2a7
+  data.tar.gz: 77afdbd9ec793079a3e1b80021c06ce2915a97bf7f184c35b5b9f39637817b8b56845dd9823005fd6e439c5951f7ffdda7834686eed400077dd00db80a2f7442

data/config/initializers/recaptcha.rb

@@ -0,0 +1,55 @@
+# -*- encoding : utf-8 -*-
+require "recaptcha"
+
+# This initializer module is mostly here to avoid adding methods/vars to the Object
+# namespace
+module RecaptchaCard
+  @deprecated = {
+    recaptcha_site_key: :recaptcha_public_key,
+    recaptcha_secret_key: :recaptcha_private_key
+  }
+  @defaults = {
+    recaptcha_site_key: "6LdoqpgUAAAAAEdhJ4heI1h3XLlpXcDf0YubriCG",
+    recaptcha_secret_key: "6LdoqpgUAAAAAP4Sz1L5PY6VKrum_RFxq4-awj4BH"
+  }
+
+  mattr_accessor :using_card_defaults
+
+  class << self
+    def load_recaptcha_config setting
+      setting = "recaptcha_#{setting}".to_sym
+      Cardio.config.send "#{setting}=", recaptcha_setting_value(setting)
+    end
+
+    def using_defaults?
+      Cardio.config.recaptcha_site_key == @defaults[:recaptcha_site_key]
+    end
+
+    # card config overrides application.rb config overrides default
+    def recaptcha_setting_value setting
+      card_value(setting) ||                  # card content
+        config_value(setting) ||              # application.rb (current setting)
+        config_value(@deprecated[setting]) || # application.rb (deprecated setting)
+        @defaults[setting]
+    end
+
+    def config_value setting
+      Cardio.config.send setting
+    end
+
+    def card_value setting
+      return unless Card::Codename.exist? setting # prevents breakage in migrations
+      value = Card[setting]&.content
+      value if value.present?
+    end
+  end
+end
+
+ActiveSupport.on_load :after_card do
+  Recaptcha.configure do |config|
+    %i[site_key secret_key].each do |setting|
+      config.send "#{setting}=", RecaptchaCard.load_recaptcha_config(setting)
+    end
+    config.verify_url = "https://www.google.com/recaptcha/api/siteverify"
+  end
+end

data/set/all/recaptcha.rb

@@ -0,0 +1,102 @@
+RECAPTCHA_ERROR_CODES = {  # LOCALIZE
+  "missing-input-secret" =>	"secret parameter is missing",
+  "invalid-input-secret" =>	"secret parameter is invalid or malformed",
+  "missing-input-response" =>	"response parameter is missing",
+  "invalid-input-response" =>	"response parameter is invalid or malformed",
+  "bad-request" =>	"request is invalid or malformed"
+}
+
+def human?
+  result = JSON.parse recaptcha_response
+  return if recaptcha_success?(result)
+
+  add_recaptcha_errors result["error-codes"]
+end
+
+def recaptcha_on?
+  recaptcha_keys? &&
+    Env[:controller] &&
+    !Auth.signed_in? &&
+    !Auth.always_ok? &&
+    !Auth.needs_setup? &&
+    Card::Rule.toggle(rule(:captcha))
+end
+
+def add_recaptcha_errors error_codes
+  if error_codes.present?
+    error_codes.each do |code|
+      errors.add :recaptcha, RECAPTCHA_ERROR_CODES.fetch(code, code)
+    end
+  else
+    errors.add :recaptcha, "Looks like you are not a human" # LOCALIZE
+  end
+end
+
+def recaptcha_success? result
+  result['success'] &&
+    (result['score'].to_f >= Cardio.config.recaptcha_minimum_score) &&
+    (result['action'].to_sym == action.to_sym)
+end
+
+def recaptcha_response
+  ::Recaptcha.get({ secret: Card.config.recaptcha_secret_key,
+                    response: Env.params[:recaptcha_token] }, {})
+end
+
+def recaptcha_keys?
+  Card.config.recaptcha_site_key && Card.config.recaptcha_secret_key
+end
+
+event :recaptcha, :validate, when: :validate_recaptcha? do
+  handle_recaptcha_config_errors do
+    Env[:recaptcha_used] = true
+    human?
+  end
+end
+
+def handle_recaptcha_config_errors
+  if Env.params[:recaptcha_token] == "grecaptcha-undefined"
+    errors.add "recaptcha", "needs correct v3 configuration" # LOCALILZE
+  elsif Env.params[:recaptcha_token] == "recaptcha-token-field-missing"
+    raise Card::Error, "recaptcha token field missing" # LOCALILZE
+  else
+    yield
+  end
+end
+
+
+def validate_recaptcha?
+  !@supercard && !Env[:recaptcha_used] && recaptcha_on?
+end
+
+format :html do
+  def recaptcha_token action
+    output [
+      javascript_include_tag(recaptcha_script_url),
+      hidden_field_tag("recaptcha_token", "",
+                       "data-site-key": Card.config.recaptcha_site_key,
+                       "data-action": action,
+                       class: "_recaptcha-token")
+    ]
+  end
+
+  def recaptcha_script_url
+    "https://www.google.com/recaptcha/api.js?render=#{Card.config.recaptcha_site_key}"
+  end
+
+  def hidden_form_tags action, opts
+    return super unless recaptcha?(opts)
+
+    super + recaptcha_token(action)
+  end
+
+  def card_form_html_opts action, opts={}
+    super
+    opts["data-recaptcha"] ||= "on" if recaptcha?(opts)
+    opts
+  end
+
+  def recaptcha? opts
+    card.recaptcha_on? && opts[:recaptcha] != :off
+  end
+end

data/set/self/admin_info.rb

@@ -0,0 +1,32 @@
+add_to_basket :warnings, :recaptcha_config_issues
+
+def recaptcha_config_issues?
+  RecaptchaCard.using_defaults?
+end
+
+format :html do
+  def recaptcha_config_issues_message
+    warning =
+      if Card::Env.localhost?
+        # %(Your captcha is currently working with temporary settings.
+        #   This is fine for a local installation, but you will need new
+        #   recaptcha keys if you want to make this site public.)
+        I18n.t(:captcha_temp, scope: "mod.admin.set.self.admin_info",
+                              recaptcha_link: add_recaptcha_keys_link)
+      else
+        # %(You are configured to use [[*captcha]], but for that to work
+        #   you need new recaptcha keys.)
+        I18n.t(:captcha_keys, scope: "mod.admin.set.self.admin_info",
+                              recaptcha_link: add_recaptcha_keys_link,
+                              captcha_link: link_to_card(:captcha))
+      end
+    <<-HTML
+        <p>#{warning}</p>
+    HTML
+  end
+
+  def add_recaptcha_keys_link
+    link_text = I18n.t :recaptcha_keys, scope: "mod.admin.set.self.admin_info"
+    Card[:recaptcha_settings]&.format&.edit_link link_text: link_text
+  end
+end

data/set/self/recaptcha_proxy.rb

@@ -0,0 +1,3 @@
+event :set_recaptcha_proxy, :finalize do
+  Card.config.recaptcha_proxy = content
+end

data/set/self/recaptcha_secret_key.rb

@@ -0,0 +1,9 @@
+event :validate_recaptcha_secret_key, :validate do
+  return if content.match?(/^[a-zA-Z0-9\-_]*$/)
+
+  errors.add :content, "invalid key" # LOCALIZE
+end
+
+event :set_recaptcha_secret_key, :finalize do
+  Card.config.recaptcha_secret_key = content
+end

data/set/self/recaptcha_settings.rb

@@ -0,0 +1,44 @@
+format :html do
+  def raw_help_text
+    # LOCALIZE
+    "Register your domain at Google's [[http://google.com/recaptcha|reCAPTCHA service]] "\
+    "and enter your site key and secret key below.<br>"\
+    "If you want to turn catchas off then change all [[*captcha|captcha rules]] to 'no'."
+  end
+
+  # def instructions title, steps
+  #   steps = list_tag steps, ordered: true
+  #   "#{title}#{steps}"
+  # end
+  #
+  #       <h5>#{instructions}</h5>
+  #       #{howto_add_new_recaptcha_keys}
+  #       #{howto_turn_captcha_off}
+  #
+  # def howto_add_new_recaptcha_keys
+  #   instructions(
+  #     I18n.t(:howto_add_keys, scope: "mod.admin.set.self.admin_info"),
+  #     [
+  #       I18n.t(:howto_register,
+  #              scope: "mod.admin.set.self.admin_info",
+  #              recaptcha_link: link_to_resource("http://google.com/recaptcha")),
+  #       I18n.t(:howto_add,
+  #              scope: "mod.admin.set.self.admin_info",
+  #              recaptcha_settings: link_to_card(:recaptcha_settings))
+  #     ]
+  #   )
+  # end
+  #
+  # def howto_turn_captcha_off
+  #   instructions(
+  #     I18n.t(:howto_turn_off, scope: "mod.admin.set.self.admin_info"),
+  #     [
+  #       I18n.t(:howto_go,
+  #              scope: "mod.admin.set.self.admin_info",
+  #              captcha_card: link_to_card(:captcha)),
+  #       I18n.t(:howto_update,
+  #              scope: "mod.admin.set.self.admin_info")
+  #     ]
+  #   )
+  # end
+end

data/set/self/recaptcha_site_key.rb

@@ -0,0 +1,9 @@
+event :validate_recaptcha_site_key, :validate do
+  return if content.match?(/^[a-zA-Z0-9\-_]*$/)
+
+  errors.add :content, "invalid key" # LOCALIZE
+end
+
+event :set_recaptcha_site_key, :finalize do
+  Card.config.recaptcha_site_key = content
+end

metadata

@@ -0,0 +1,54 @@
+--- !ruby/object:Gem::Specification
+name: card-mod-recaptcha
+version: !ruby/object:Gem::Version
+  version: '0.1'
+platform: ruby
+authors:
+- Ethan McCutchen
+- Philipp Kühl
+- Gerry Gleason
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2020-09-19 00:00:00.000000000 Z
+dependencies: []
+description: ''
+email:
+- info@decko.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- config/initializers/recaptcha.rb
+- set/all/recaptcha.rb
+- set/self/admin_info.rb
+- set/self/recaptcha_proxy.rb
+- set/self/recaptcha_secret_key.rb
+- set/self/recaptcha_settings.rb
+- set/self/recaptcha_site_key.rb
+homepage: http://decko.org
+licenses:
+- GPL-2.0
+- GPL-3.0
+metadata:
+  card-mod: recaptcha
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.3.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key:
+specification_version: 4
+summary: recaptcha support for decko
+test_files: []