invisible_captcha 0.8.0 → 0.8.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 03aab9758bfbaf12adb3913f5b37c8423d269c2e
-  data.tar.gz: 18e136fc292c192126f7c08d5d60286a4c86ba6b
+  metadata.gz: b7eba6a0efa0ea67bedde6d91063e95c22d3ea6c
+  data.tar.gz: ea76244a1e88963ffe3ac27f492fb50d3ac63401
 SHA512:
-  metadata.gz: c60cc1997f5748fef444f1eea60aa3a47b42ee6de60dffa8f320e346608e224594f4252efbe19d7df80edaf8c137729df4357162cb27f2e8b6c7fa1327aed94f
-  data.tar.gz: b5b62112cf6ea24aab60e66f589a0756d06e7337c7564e43cdea6a838023334c43e22cba5e486c3c8b1278fe1ef4829a5c925fea3e4917ba919677bd10710049
+  metadata.gz: 23c1ba38041202c3007b8f8283f19204d3487d0f6e32be065dea68ee35a39dd9eb11f14af4891a55053b4914f790de6dbb352e2a26c2b1f013573db56cfa598a
+  data.tar.gz: 12799ae4924800e64ffff0b50492e646e4aef7375eac687af9170732fb04c8ec2f6b56e9fb50d0c34c37fffc95235e3e108f7f15a77e675b760d2a6e9044ebbd

data/.gitignore

@@ -1,6 +1,8 @@
 .bundle
 pkg
 .rvmrc
+.ruby-version
+.ruby-gemset
 Gemfile.lock
 spec/dummy/log/*.log
-spec/dummy/tmp/
+spec/dummy/tmp/

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format documentation

data/README.md

@@ -115,19 +115,24 @@ This section contains a description of all plugin options and customizations.
 
 You can customize:
 
-* `sentence_for_humans`: text for real users if input field was visible.
-* `error_message`: error message thrown by model validation (only model implementation).
+* `sentence_for_humans`: text for real users if input field was visible. By default, it uses I18n (see below)
+* `error_message`: error message thrown by model validation (only model implementation - by default it uses I18n).
 * `honeypots`: collection of default honeypots, used by the view helper, called with no args, to generate the honeypot field name
 * `visual_honeypots`: make honeypots visible, also useful to test/debug your implementation.
+* `timestamp_threshold`: fastest time (4 seconds by default) to expect a human to submit the form (see [original article by Yoav Aner](http://blog.gingerlime.com/2012/simple-detection-of-comment-spam-in-rails/) outlining the idea)
+* `timestamp_error_message`: flash error message thrown when form submitted quicker than the `timestamp_threshold` value. It uses I18n by default.
 
 To change these defaults, add the following to an initializer (recommended `config/initializers/invisible_captcha.rb`):
 
 ```ruby
 InvisibleCaptcha.setup do |config|
-  config.sentence_for_humans = 'If you are a human, ignore this field'
-  config.error_message       = 'You are a robot!'
-  config.honeypots          += 'fake_resource_title'
-  config.visual_honeypots    = false
+  config.honeypots              += 'fake_resource_title'
+  config.visual_honeypots        = false
+  config.timestamp_threshold     = 4.seconds
+  # Leave these unset if you want to use I18n (see below)
+  # config.error_message           = 'You are a robot!'
+  # config.sentence_for_humans     = 'If you are a human, ignore this field'
+  # config.timestamp_error_message = 'Sorry, that was too quick! Please resubmit.'
 end
 ```
 
@@ -140,6 +145,7 @@ The `invisible_captcha` method accepts some options:
 * `honeypot`: name of honeypot.
 * `scope`: name of scope, ie: 'topic[subtitle]' -> 'topic' is the scope.
 * `on_spam`: custom callback to be called on spam detection.
+* `on_timestamp_spam`: custom callback to be called when form submitted too quickly.
 
 ### View helpers options:
 
@@ -153,6 +159,22 @@ Using the view/form helper you can override some defaults for the given instance
 <% end %>
 ```
 
+### I18n
+
+`invisible_captcha` tries to use I18n when it's available by default. The keys it looks for are the following:
+
+```yaml
+en:
+  invisible_captcha:
+    sentence_for_humans: "If you are human, ignore this field"
+    error_message: "You are a robot!"
+    timestamp_error_message: "Sorry, that was too quick! Please resubmit."
+```
+
+You can override the english ones in your own i18n config files as well as add new ones for other locales.
+
+If you intend to use I18n with `invisible_captcha`, you _must not_ set `sentence_for_humans`, `error_message` or `timestamp_error_message` to strings in the setup phase.
+
 ## Contribute
 
 Any kind of idea, feedback or bug report are welcome! Open an [issue](https://github.com/markets/invisible_captcha/issues) or send a [pull request](https://github.com/markets/invisible_captcha/pulls).

data/lib/invisible_captcha.rb

@@ -7,22 +7,46 @@ require 'invisible_captcha/railtie'
 
 module InvisibleCaptcha
   class << self
-    attr_accessor :sentence_for_humans, :error_message, :honeypots, :visual_honeypots
+    attr_writer :sentence_for_humans,
+                :timestamp_error_message,
+                :error_message
+
+    attr_accessor :honeypots,
+                  :timestamp_threshold,
+                  :visual_honeypots
 
     def init!
       # Default sentence for real users if text field was visible
-      self.sentence_for_humans = 'If you are a human, ignore this field'
+      self.sentence_for_humans = -> { I18n.t('invisible_captcha.sentence_for_humans', default: 'If you are a human, ignore this field') }
 
       # Default error message for validator
-      self.error_message = 'You are a robot!'
+      self.error_message = -> { I18n.t('invisible_captcha.error_message', default: 'You are a robot!') }
 
       # Default fake fields for controller based workflow
       self.honeypots = ['foo_id', 'bar_id', 'baz_id']
 
+      # Fastest time to expect a human to submit the form
+      self.timestamp_threshold = 4.seconds
+
+      # Default error message for validator when form submitted too quickly
+      self.timestamp_error_message = -> { I18n.t('invisible_captcha.timestamp_error_message', default: 'Sorry, that was too quick! Please resubmit.') }
+
       # Make honeypots visibles
       self.visual_honeypots = false
     end
 
+    def sentence_for_humans
+      call_lambda_or_return(@sentence_for_humans)
+    end
+
+    def error_message
+      call_lambda_or_return(@error_message)
+    end
+
+    def timestamp_error_message
+      call_lambda_or_return(@timestamp_error_message)
+    end
+
     def setup
       yield(self) if block_given?
     end
@@ -30,7 +54,13 @@ module InvisibleCaptcha
     def get_honeypot
       honeypots.sample
     end
+
+    private
+
+    def call_lambda_or_return(obj)
+      obj.respond_to?(:call) ? obj.call : obj
+    end
   end
 end
 
-InvisibleCaptcha.init!
+InvisibleCaptcha.init!

data/lib/invisible_captcha/controller_ext.rb

@@ -9,11 +9,21 @@ module InvisibleCaptcha
     end
 
     def detect_spam(options = {})
-      if invisible_captcha?(options)
+      if invisible_captcha_timestamp?(options)
+        on_timestamp_spam_action(options)
+      elsif invisible_captcha?(options)
         on_spam_action(options)
       end
     end
 
+    def on_timestamp_spam_action(options = {})
+      if action = options[:on_timestamp_spam]
+        send(action)
+      else
+        flash[:error] = InvisibleCaptcha.timestamp_error_message
+      end
+    end
+
     def on_spam_action(options = {})
       if action = options[:on_spam]
         send(action)
@@ -26,6 +36,18 @@ module InvisibleCaptcha
       head(200)
     end
 
+    def invisible_captcha_timestamp?(options = {})
+      timestamp       = session[:invisible_captcha_timestamp]
+      time_to_submit  = Time.zone.now - timestamp
+
+      # Consider as spam if form submitted too quickly
+      if timestamp && time_to_submit < InvisibleCaptcha.timestamp_threshold
+        logger.warn("Potential spam detected for IP #{request.env['REMOTE_ADDR']}. Invisible Captcha timestamp threshold not reached (took #{time_to_submit.to_i}s).")
+        return true
+      end
+      false
+    end
+
     def invisible_captcha?(options = {})
       honeypot = options[:honeypot]
       scope    = options[:scope] || controller_name.singularize
@@ -45,4 +67,4 @@ module InvisibleCaptcha
       false
     end
   end
-end
+end

data/lib/invisible_captcha/version.rb

@@ -1,3 +1,3 @@
 module InvisibleCaptcha
-  VERSION = "0.8.0"
+  VERSION = "0.8.1"
 end

data/lib/invisible_captcha/view_helpers.rb

@@ -6,6 +6,7 @@ module InvisibleCaptcha
     # @param scope [Symbol] name of honeypot scope, ie: topic => input name: topic[subtitle]
     # @return [String] the generated html
     def invisible_captcha(honeypot = nil, scope = nil, options = {})
+      session[:invisible_captcha_timestamp] ||= Time.zone.now
       build_invisible_captcha(honeypot, scope, options)
     end
 
@@ -29,7 +30,7 @@ module InvisibleCaptcha
     end
 
     def generate_html_id(honeypot, scope = nil)
-      "#{scope || honeypot}_#{Time.now.to_i}"
+      "#{scope || honeypot}_#{Time.zone.now.to_i}"
     end
 
     def visibility_css(container_id, options)
@@ -60,4 +61,4 @@ module InvisibleCaptcha
       end
     end
   end
-end
+end

data/spec/controllers_spec.rb

@@ -5,21 +5,62 @@ describe InvisibleCaptcha::ControllerExt, type: :controller do
 
   before { @controller = TopicsController.new }
 
-  it 'with spam' do
-    post :create, topic: { subtitle: 'foo' }
+  context 'submission timestamp_threshold' do
+    before do
+      session[:invisible_captcha_timestamp] = Time.zone.now
+    end
 
-    expect(response.body).to be_blank
-  end
+    it 'fails if submission before timestamp_threshold' do
+      post :create, topic: { title: 'foo' }
+
+      expect(response).to redirect_to(new_topic_path)
+      expect(flash[:error]).to eq(InvisibleCaptcha.timestamp_error_message)
+    end
+
+    it 'allow custom on_timestamp_spam callback', focus: true do
+      put :update, id: 1, topic: { title: 'bar' }
+
+      expect(response.body).to redirect_to(root_path)
+    end
+
+    context 'successful submissions' do
+      before do
+        # Wait for valid submission
+        sleep InvisibleCaptcha.timestamp_threshold
+      end
 
-  it 'with no spam' do
-    post :create, topic: { title: 'foo' }
+      it 'passes if submission on or after timestamp_threshold' do
+        post :create, topic: { title: 'foo' }
 
-    expect(response.body).to be_present
+        expect(flash[:error]).not_to be_present
+        expect(response.body).to be_present
+      end
+    end
   end
 
-  it 'allow custom on_spam callback' do
-    put :update, id: 1, topic: { subtitle: 'foo' }
+  context 'form field' do
+    before do
+      session[:invisible_captcha_timestamp] = Time.zone.now
+      # Wait for valid submission
+      sleep InvisibleCaptcha.timestamp_threshold
+    end
+
+    it 'with spam' do
+      post :create, topic: { subtitle: 'foo' }
+
+      expect(response.body).to be_blank
+    end
+
+    it 'with no spam' do
+      post :create, topic: { title: 'foo' }
+
+      expect(response.body).to be_present
+    end
+
+    it 'allow custom on_spam callback' do
+      put :update, id: 1, topic: { subtitle: 'foo' }
 
-    expect(response.body).to redirect_to(new_topic_path)
+      expect(response.body).to redirect_to(new_topic_path)
+    end
   end
-end
+end

data/spec/dummy/app/controllers/topics_controller.rb

@@ -1,6 +1,8 @@
 class TopicsController < ApplicationController
   invisible_captcha honeypot: :subtitle, only: :create
-  invisible_captcha honeypot: :subtitle, only: :update, on_spam: :custom_callback
+  invisible_captcha honeypot: :subtitle, only: :update,
+                              on_spam: :custom_callback,
+                              on_timestamp_spam: :custom_timestamp_callback
 
   def new
     @topic = Topic.new
@@ -24,4 +26,8 @@ class TopicsController < ApplicationController
   def custom_callback
     redirect_to new_topic_path
   end
+
+  def custom_timestamp_callback
+    redirect_to root_path
+  end
 end

data/spec/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/spec/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application', __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/spec/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/spec/dummy/bin/setup

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+require 'pathname'
+
+# path to your application root.
+APP_ROOT = Pathname.new File.expand_path('../../',  __FILE__)
+
+Dir.chdir APP_ROOT do
+  # This script is a starting point to setup your application.
+  # Add necessary setup steps to this file:
+
+  puts "== Installing dependencies =="
+  system "gem install bundler --conservative"
+  system "bundle check || bundle install"
+
+  # puts "\n== Copying sample files =="
+  # unless File.exist?("config/database.yml")
+  #   system "cp config/database.yml.sample config/database.yml"
+  # end
+
+  puts "\n== Preparing database =="
+  system "bin/rake db:setup"
+
+  puts "\n== Removing old logs and tempfiles =="
+  system "rm -f log/*"
+  system "rm -rf tmp/cache"
+
+  puts "\n== Restarting application server =="
+  system "touch tmp/restart.txt"
+end

data/spec/dummy/config/application.rb

@@ -5,16 +5,27 @@ require 'action_view/railtie'
 require 'action_mailer/railtie'
 require 'active_model/railtie'
 
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
 Bundler.require(*Rails.groups)
 
 require 'invisible_captcha'
 
 module Dummy
   class Application < Rails::Application
-    config.encoding = 'utf-8'
-    config.filter_parameters += [:password]
-    config.assets.enabled = true
-    config.assets.version = '1.0'
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # Do not swallow errors in after_commit/after_rollback callbacks.
+    # config.active_record.raise_in_transactional_callbacks = true
   end
 end
-

data/spec/dummy/config/boot.rb

@@ -1,5 +1,3 @@
-# Set up gems listed in the Gemfile.
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
 
-require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
-$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)
+require 'bundler/setup' # Set up gems listed in the Gemfile.

data/spec/dummy/config/environment.rb

@@ -1,5 +1,5 @@
-# Load the rails application
+# Load the Rails application.
 require File.expand_path('../application', __FILE__)
 
-# Initialize the rails application
-Dummy::Application.initialize!
+# Initialize the Rails application.
+Rails.application.initialize!

data/spec/dummy/config/environments/development.rb

@@ -1,30 +1,41 @@
-Dummy::Application.configure do
-  # Settings specified here will take precedence over those in config/application.rb
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
 
   # In the development environment your application's code is reloaded on
   # every request. This slows down response time but is perfect for development
   # since you don't have to restart the web server when you make code changes.
   config.cache_classes = false
 
-  # Log error messages when you accidentally call methods on nil.
-  config.whiny_nils = true
+  # Do not eager load code on boot.
+  config.eager_load = false
 
-  # Show full error reports and disable caching
+  # Show full error reports and disable caching.
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
 
-  # Don't care if the mailer can't send
+  # Don't care if the mailer can't send.
   config.action_mailer.raise_delivery_errors = false
 
-  # Print deprecation notices to the Rails logger
+  # Print deprecation notices to the Rails logger.
   config.active_support.deprecation = :log
 
-  # Only use best-standards-support built into browsers
-  config.action_dispatch.best_standards_support = :builtin
+  # Raise an error on page load if there are pending migrations.
+  # config.active_record.migration_error = :page_load
 
-  # Do not compress assets
-  config.assets.compress = false
-
-  # Expands the lines which load the assets
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
   config.assets.debug = true
+
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
 end

data/spec/dummy/config/environments/production.rb

@@ -1,67 +1,79 @@
-Dummy::Application.configure do
-  # Settings specified here will take precedence over those in config/application.rb
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
 
-  # Code is not reloaded between requests
+  # Code is not reloaded between requests.
   config.cache_classes = true
 
-  # Full error reports are disabled and caching is turned on
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
   config.consider_all_requests_local       = false
   config.action_controller.perform_caching = true
 
-  # Disable Rails's static asset server (Apache or nginx will already do this)
-  config.serve_static_assets = false
+  # Enable Rack::Cache to put a simple HTTP cache in front of your application
+  # Add `rack-cache` to your Gemfile before enabling this.
+  # For large-scale production use, consider using a caching reverse proxy like
+  # NGINX, varnish or squid.
+  # config.action_dispatch.rack_cache = true
+
+  # Disable serving static files from the `/public` folder by default since
+  # Apache or NGINX already handles this.
+  config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present?
 
-  # Compress JavaScripts and CSS
-  config.assets.compress = true
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
 
-  # Don't fallback to assets pipeline if a precompiled asset is missed
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
   config.assets.compile = false
 
-  # Generate digests for assets URLs
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
   config.assets.digest = true
 
-  # Defaults to nil and saved in location specified by config.assets.prefix
-  # config.assets.manifest = YOUR_PATH
+  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
 
-  # Specifies the header that your server uses for sending files
-  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
-  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
 
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
   # config.force_ssl = true
 
-  # See everything in the log (default is :info)
-  # config.log_level = :debug
+  # Use the lowest log level to ensure availability of diagnostic information
+  # when problems arise.
+  config.log_level = :debug
 
-  # Prepend all log lines with the following tags
+  # Prepend all log lines with the following tags.
   # config.log_tags = [ :subdomain, :uuid ]
 
-  # Use a different logger for distributed setups
+  # Use a different logger for distributed setups.
   # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
 
-  # Use a different cache store in production
+  # Use a different cache store in production.
   # config.cache_store = :mem_cache_store
 
-  # Enable serving of images, stylesheets, and JavaScripts from an asset server
-  # config.action_controller.asset_host = "http://assets.example.com"
-
-  # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
-  # config.assets.precompile += %w( search.js )
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = 'http://assets.example.com'
 
-  # Disable delivery errors, bad email addresses will be ignored
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
   # config.action_mailer.raise_delivery_errors = false
 
-  # Enable threaded mode
-  # config.threadsafe!
-
   # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
-  # the I18n.default_locale when a translation can not be found)
+  # the I18n.default_locale when a translation cannot be found).
   config.i18n.fallbacks = true
 
-  # Send deprecation notices to registered listeners
+  # Send deprecation notices to registered listeners.
   config.active_support.deprecation = :notify
 
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  # config.active_record.auto_explain_threshold_in_seconds = 0.5
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Do not dump schema after migrations.
+  # config.active_record.dump_schema_after_migration = false
 end

data/spec/dummy/config/environments/test.rb

@@ -1,5 +1,5 @@
-Dummy::Application.configure do
-  # Settings specified here will take precedence over those in config/application.rb
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
 
   # The test environment is used exclusively to run your application's
   # test suite. You never need to work with it otherwise. Remember that
@@ -7,28 +7,36 @@ Dummy::Application.configure do
   # and recreated between test runs. Don't rely on the data there!
   config.cache_classes = true
 
-  # Configure static asset server for tests with Cache-Control for performance
-  config.serve_static_assets = true
-  config.static_cache_control = "public, max-age=3600"
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
 
-  # Log error messages when you accidentally call methods on nil
-  config.whiny_nils = true
+  # Configure static file server for tests with Cache-Control for performance.
+  config.serve_static_files   = true
+  config.static_cache_control = 'public, max-age=3600'
 
-  # Show full error reports and disable caching
+  # Show full error reports and disable caching.
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
 
-  # Raise exceptions instead of rendering exception templates
+  # Raise exceptions instead of rendering exception templates.
   config.action_dispatch.show_exceptions = false
 
-  # Disable request forgery protection in test environment
-  config.action_controller.allow_forgery_protection    = false
+  # Disable request forgery protection in test environment.
+  config.action_controller.allow_forgery_protection = false
 
   # Tell Action Mailer not to deliver emails to the real world.
   # The :test delivery method accumulates sent emails in the
   # ActionMailer::Base.deliveries array.
   config.action_mailer.delivery_method = :test
 
-  # Print deprecation notices to the stderr
+  # Randomize the order test cases are executed.
+  config.active_support.test_order = :random
+
+  # Print deprecation notices to the stderr.
   config.active_support.deprecation = :stderr
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
 end

data/spec/dummy/config/initializers/assets.rb

@@ -0,0 +1,11 @@
+# Be sure to restart your server when you modify this file.
+
+# Version of your assets, change this if you want to expire all your assets.
+Rails.application.config.assets.version = '1.0'
+
+# Add additional assets to the asset load path
+# Rails.application.config.assets.paths << Emoji.images_path
+
+# Precompile additional assets.
+# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
+# Rails.application.config.assets.precompile += %w( search.js )

data/spec/dummy/config/initializers/cookies_serializer.rb

@@ -0,0 +1,3 @@
+# Be sure to restart your server when you modify this file.
+
+Rails.application.config.action_dispatch.cookies_serializer = :marshal

data/spec/dummy/config/initializers/filter_parameter_logging.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure sensitive parameters which will be filtered from the log file.
+Rails.application.config.filter_parameters += [:password]

data/spec/dummy/config/initializers/inflections.rb

@@ -1,15 +1,16 @@
 # Be sure to restart your server when you modify this file.
 
-# Add new inflection rules using the following format
-# (all these examples are active by default):
-# ActiveSupport::Inflector.inflections do |inflect|
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
 #   inflect.plural /^(ox)$/i, '\1en'
 #   inflect.singular /^(ox)en/i, '\1'
 #   inflect.irregular 'person', 'people'
 #   inflect.uncountable %w( fish sheep )
 # end
-#
+
 # These inflection rules are supported but not enabled by default:
-# ActiveSupport::Inflector.inflections do |inflect|
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
 #   inflect.acronym 'RESTful'
 # end

data/spec/dummy/config/initializers/mime_types.rb

@@ -2,4 +2,3 @@
 
 # Add new mime types for use in respond_to blocks:
 # Mime::Type.register "text/richtext", :rtf
-# Mime::Type.register_alias "text/html", :iphone

data/spec/dummy/config/initializers/session_store.rb

@@ -1,8 +1,3 @@
 # Be sure to restart your server when you modify this file.
 
-Dummy::Application.config.session_store :cookie_store, key: '_dummy_session'
-
-# Use the database for sessions instead of the cookie-based default,
-# which shouldn't be used to store highly confidential information
-# (create the session table with "rails generate session_migration")
-# Dummy::Application.config.session_store :active_record_store
+Rails.application.config.session_store :cookie_store, key: '_dummy_session'

data/spec/dummy/config/initializers/wrap_parameters.rb

@@ -1,9 +1,14 @@
 # Be sure to restart your server when you modify this file.
-#
+
 # This file contains settings for ActionController::ParamsWrapper which
 # is enabled by default.
 
 # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
 ActiveSupport.on_load(:action_controller) do
-  wrap_parameters format: [:json]
+  wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
 end
+
+# To enable root element in JSON for ActiveRecord objects.
+# ActiveSupport.on_load(:active_record) do
+#  self.include_root_in_json = true
+# end

data/spec/dummy/config/locales/en.yml

@@ -1,5 +1,23 @@
-# Sample localization file for English. Add more files in this directory for other locales.
-# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+#     I18n.t 'hello'
+#
+# In views, this is aliased to just `t`:
+#
+#     <%= t('hello') %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+#     I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# To learn more, please read the Rails Internationalization guide
+# available at http://guides.rubyonrails.org/i18n.html.
 
 en:
   hello: "Hello world"

data/spec/dummy/config/routes.rb

@@ -1,4 +1,4 @@
-Dummy::Application.routes.draw do
+Rails.application.routes.draw do
   resources :topics, only: [:new, :create, :update]
 
   root to: 'topics#new'

data/spec/dummy/config/secrets.yml

@@ -0,0 +1,22 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key is used for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+# You can use `rake secret` to generate a secure secret key.
+
+# Make sure the secrets in this file are kept private
+# if you're sharing your code publicly.
+
+development:
+  secret_key_base: d55ed9a6ec6fc0b93d2404994c8632220ab5835d77ccbd52760c6fc4b9e0c83f87d78d9c2b66d366a698933feeac81efc445b29bad22c9f267ebdadbc5aebbd4
+
+test:
+  secret_key_base: 5df5772ea2c76236d1444a2e7a491c9f99f9bc96770b6b52e995555ea7a70b2bd3a3d0a45bbe7d32bf1a0eb450db7e32a838e6aa17c494b464ff381bb4bf9910
+
+# Do not keep production secrets in the repository,
+# instead read values from the environment.
+production:
+  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>

data/spec/invisible_captcha_spec.rb

@@ -6,6 +6,8 @@ describe InvisibleCaptcha do
 
     expect(InvisibleCaptcha.sentence_for_humans).to eq('If you are a human, ignore this field')
     expect(InvisibleCaptcha.error_message).to eq('You are a robot!')
+    expect(InvisibleCaptcha.timestamp_threshold).to eq(4.seconds)
+    expect(InvisibleCaptcha.timestamp_error_message).to eq('Sorry, that was too quick! Please resubmit.')
     expect(InvisibleCaptcha.honeypots).to eq(['foo_id', 'bar_id', 'baz_id'])
   end
 
@@ -16,4 +18,37 @@ describe InvisibleCaptcha do
 
     expect(InvisibleCaptcha.sentence_for_humans).to eq('Another sentence')
   end
-end
+
+  it 'It uses I18n when available' do
+    InvisibleCaptcha.init!
+
+    I18n.available_locales = [:en, :fr]
+
+    I18n.backend.store_translations(:en,
+                                    'invisible_captcha' => {
+                                       'sentence_for_humans' => "Can't touch this",
+                                       'error_message' => 'MR ROBOT',
+                                       'timestamp_error_message' => 'Fast and furious' })
+
+    I18n.backend.store_translations(:fr,
+                                    'invisible_captcha' => {
+                                       'sentence_for_humans' => 'Ne touchez pas',
+                                       'error_message' => 'Mon dieu, un robot!',
+                                       'timestamp_error_message' => 'Plus doucement SVP' })
+
+    I18n.locale = :en
+    expect(InvisibleCaptcha.sentence_for_humans).to eq("Can't touch this")
+    expect(InvisibleCaptcha.error_message).to eq('MR ROBOT')
+    expect(InvisibleCaptcha.timestamp_error_message).to eq('Fast and furious')
+
+    I18n.locale = :fr
+    expect(InvisibleCaptcha.sentence_for_humans).to eq('Ne touchez pas')
+    expect(InvisibleCaptcha.error_message).to eq('Mon dieu, un robot!')
+    expect(InvisibleCaptcha.timestamp_error_message).to eq('Plus doucement SVP')
+
+    I18n.backend.reload!
+    expect(InvisibleCaptcha.sentence_for_humans).to eq('If you are a human, ignore this field')
+    expect(InvisibleCaptcha.error_message).to eq('You are a robot!')
+    expect(InvisibleCaptcha.timestamp_error_message).to eq('Sorry, that was too quick! Please resubmit.')
+  end
+end

data/spec/spec_helper.rb

@@ -13,4 +13,4 @@ RSpec.configure do |config|
   config.mock_with :rspec do |mocks|
     mocks.verify_partial_doubles = true
   end
-end
+end

data/spec/validator_spec.rb

@@ -9,4 +9,4 @@ describe InvisibleCaptcha::InvisibleCaptchaValidator do
     expect(topic.valid?).to be false
     expect(topic.errors.messages[:base]).to eq [InvisibleCaptcha.error_message]
   end
-end
+end

data/spec/view_helpers_spec.rb

@@ -22,7 +22,7 @@ describe InvisibleCaptcha::ViewHelpers, type: :helper do
   end
 
   before do
-    allow(Time).to receive(:now).and_return(Time.parse('Feb 19 1986'))
+    allow(Time.zone).to receive(:now).and_return(Time.zone.parse('Feb 19 1986'))
     InvisibleCaptcha.visual_honeypots = false
   end
 
@@ -60,4 +60,10 @@ describe InvisibleCaptcha::ViewHelpers, type: :helper do
       expect(invisible_captcha(visual_honeypots: false)).to eq(helper_output(nil, nil, visual_honeypots: false))
     end
   end
-end
+
+  it 'should set spam timestamp' do
+    InvisibleCaptcha.honeypots = [:foo_id]
+    invisible_captcha
+    expect(session[:invisible_captcha_timestamp]).to eq(Time.zone.now)
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: invisible_captcha
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.8.1
 platform: ruby
 authors:
 - Marc Anguera Insa
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-12 00:00:00.000000000 Z
+date: 2016-04-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -47,6 +47,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rspec"
 - ".travis.yml"
 - Gemfile
 - LICENSE
@@ -73,6 +74,10 @@ files:
 - spec/dummy/app/models/topic.rb
 - spec/dummy/app/views/layouts/application.html.erb
 - spec/dummy/app/views/topics/new.html.erb
+- spec/dummy/bin/bundle
+- spec/dummy/bin/rails
+- spec/dummy/bin/rake
+- spec/dummy/bin/setup
 - spec/dummy/config.ru
 - spec/dummy/config/application.rb
 - spec/dummy/config/boot.rb
@@ -80,7 +85,10 @@ files:
 - spec/dummy/config/environments/development.rb
 - spec/dummy/config/environments/production.rb
 - spec/dummy/config/environments/test.rb
+- spec/dummy/config/initializers/assets.rb
 - spec/dummy/config/initializers/backtrace_silencers.rb
+- spec/dummy/config/initializers/cookies_serializer.rb
+- spec/dummy/config/initializers/filter_parameter_logging.rb
 - spec/dummy/config/initializers/inflections.rb
 - spec/dummy/config/initializers/invisible_captcha.rb
 - spec/dummy/config/initializers/mime_types.rb
@@ -89,6 +97,7 @@ files:
 - spec/dummy/config/initializers/wrap_parameters.rb
 - spec/dummy/config/locales/en.yml
 - spec/dummy/config/routes.rb
+- spec/dummy/config/secrets.yml
 - spec/dummy/lib/assets/.gitkeep
 - spec/dummy/log/.gitkeep
 - spec/dummy/public/404.html
@@ -138,6 +147,10 @@ test_files:
 - spec/dummy/app/models/topic.rb
 - spec/dummy/app/views/layouts/application.html.erb
 - spec/dummy/app/views/topics/new.html.erb
+- spec/dummy/bin/bundle
+- spec/dummy/bin/rails
+- spec/dummy/bin/rake
+- spec/dummy/bin/setup
 - spec/dummy/config.ru
 - spec/dummy/config/application.rb
 - spec/dummy/config/boot.rb
@@ -145,7 +158,10 @@ test_files:
 - spec/dummy/config/environments/development.rb
 - spec/dummy/config/environments/production.rb
 - spec/dummy/config/environments/test.rb
+- spec/dummy/config/initializers/assets.rb
 - spec/dummy/config/initializers/backtrace_silencers.rb
+- spec/dummy/config/initializers/cookies_serializer.rb
+- spec/dummy/config/initializers/filter_parameter_logging.rb
 - spec/dummy/config/initializers/inflections.rb
 - spec/dummy/config/initializers/invisible_captcha.rb
 - spec/dummy/config/initializers/mime_types.rb
@@ -154,6 +170,7 @@ test_files:
 - spec/dummy/config/initializers/wrap_parameters.rb
 - spec/dummy/config/locales/en.yml
 - spec/dummy/config/routes.rb
+- spec/dummy/config/secrets.yml
 - spec/dummy/lib/assets/.gitkeep
 - spec/dummy/log/.gitkeep
 - spec/dummy/public/404.html