new_google_recaptcha 0.1.0 → 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f5410e7d18af6d1a30e7b679a10975ecfa59eccd6902efaf1e569de236920ac1
4
- data.tar.gz: 578c1cbf8e7c1743dc26d71c44358625b4dfab5818c4bd6a69474ae90828fe7f
3
+ metadata.gz: fa810b760940cf717035ca4440a7fdc6fa770cde651ff6b987c0e10d0a471718
4
+ data.tar.gz: 41af27ec27a704388b0bc6e946fbf3ee595a261df8b90355720a9f6cb9742131
5
5
  SHA512:
6
- metadata.gz: c7298d1b499360f7051c2488858921eb3f52c37159bb34470b8362ddeb63bf0934dd55db85966ed87299ad845b5fc52ca518f4f31c61cc76303da8e89d88c398
7
- data.tar.gz: 3e7b5476d418e5e2d441797a1fc9af65c9909c711a924778c160f815c08edb5f6ead189fddc13f23b973016feba8e9e222f44c26c1157a497d9487947f44a705
6
+ metadata.gz: d378417f2010faed2b3bea508a54d17ddf66ca38766ba5d8c9ec3224a04742000c56a2121a1ec07217c86bfa59f2e36a7d84b680617cac2bb700093c0da39930
7
+ data.tar.gz: 9a3dad7d9fb2236905e94a970e499935b52f2d9281e56a9612c3439ccc229aa545afc43fb8a3c0992de4c7faa0551a0047b89064be9fd9dfd8b1ee74f937bd73
data/README.md CHANGED
@@ -10,17 +10,22 @@ Recaptcha v3 documentation: https://developers.google.com/recaptcha/docs/v3
10
10
 
11
11
  - Open https://www.google.com/recaptcha/admin#list
12
12
  - register a new site
13
- - copy `site_key` and `secret_key` and put into config/initializer/new_google_recaptcha.rb
13
+ - copy `site_key` and `secret_key` and put into config/initializers/new_google_recaptcha.rb
14
+ - optionally, change the `minimum_score` in the initializer to a preferred float value (from 0.0 to 1.0)
14
15
  - in layout:
15
16
  ```erb
16
17
  <head>
17
18
  ...
18
- <%= include_recaptcha_js %>
19
+ <%= yield :recaptcha_js %>
19
20
  </head>
20
21
  ```
21
22
  - in view where you for example you have a form:
22
23
  ```erb
24
+ <%= content_for :recaptcha_js do %>
25
+ <%= include_recaptcha_js %>
26
+ <% end %>
23
27
  <form ...>
28
+ <%#= 'checkout' is action name to be verified later %>
24
29
  <%= recaptcha_action('checkout') %>
25
30
  </form>
26
31
  ```
@@ -28,7 +33,12 @@ Recaptcha v3 documentation: https://developers.google.com/recaptcha/docs/v3
28
33
  ```ruby
29
34
  def create
30
35
  @post = Post.new(post_params)
31
- if NewGoogleRecaptcha.human?(params[:new_google_recaptcha_token], @post) && @post.save
36
+ if NewGoogleRecaptcha.human?(
37
+ params[:new_google_recaptcha_token],
38
+ "checkout",
39
+ NewGoogleRecaptcha.minimum_score,
40
+ @post
41
+ ) && @post.save
32
42
  redirect_to @post, notice: 'Post was successfully created.'
33
43
  else
34
44
  render :new
@@ -36,12 +46,29 @@ Recaptcha v3 documentation: https://developers.google.com/recaptcha/docs/v3
36
46
  end
37
47
  ```
38
48
 
39
- Also you can verify token without adding error to model:
49
+ There are two mandatory arguments for `human?` method:
50
+
51
+ - `token` - token valid for your site
52
+ - `action` - the action name for this request
53
+ (the gem checks if it is the same as the name used with the token,
54
+ otherwise a hacker could replace it on frontend to some another action used,
55
+ but with lower score requirement and thus pass the verification)
56
+
57
+ You can verify recaptcha without using these arguments:
58
+
59
+ - `minimum_score` - defaults to value set in the initializer
60
+ (reCAPTCHA recommends using 0.5 as default)
61
+ - `model` - defaults to `nil` which will result in not adding an error to model;
62
+ any custom failure handling is applicable here
63
+
64
+ like this:
40
65
 
41
66
  ```ruby
42
- NewGoogleRecaptcha.human?(params[:new_google_recaptcha_token])
67
+ NewGoogleRecaptcha.human?(params[:new_google_recaptcha_token], "checkout")
43
68
  ```
44
69
 
70
+ Add to your navigation links `data-turbolinks="false"` to make it works with `turbolinks`.
71
+
45
72
  ## Installation
46
73
 
47
74
  ```ruby
@@ -68,7 +95,7 @@ And edit new_google_recaptcha.rb and enter your site_key and secret_key.
68
95
  - token is received from google, must be sent to backend
69
96
  - model optional parameter. if you want to add error to model.
70
97
 
71
- **<%= include_recaptcha_js %>** in layout
98
+ **<%= include_recaptcha_js %>** in layout (by using yield)
72
99
 
73
100
  Include Google Recaptcha v3 JS into your Rails app. In head, right before `</head>`.
74
101
 
@@ -76,19 +103,41 @@ Include Google Recaptcha v3 JS into your Rails app. In head, right before `</hea
76
103
 
77
104
  Action where recaptcha action was executed. Actions could be viewed in Admin console. More docs: https://developers.google.com/recaptcha/docs/v3. Action name could be "comments", "checkout", etc. Put any name and check scores in console.
78
105
 
106
+ ## I18n support
107
+ reCAPTCHA passes one types of error explanation to a linked model. It will use the I18n gem
108
+ to translate the default error message if I18n is available. To customize the messages to your locale,
109
+ add these keys to your I18n backend:
110
+
111
+ `new_google_recaptcha.errors.verification_human` error message displayed when it is something like a robot, or a suspicious action
112
+
113
+ Also you can translate API response errors to human friendly by adding translations to the locale (`config/locales/en.yml`):
114
+
115
+ ```Yaml
116
+ en:
117
+ new_google_recaptcha:
118
+ errors:
119
+ verification_human: 'Fail'
120
+ ```
121
+
79
122
  ## TODO
80
123
 
81
124
  - check everything works with turbolinks
82
125
  - allow custom ID for input
83
126
  - return score ?
84
- - tests
127
+ - more tests
85
128
  - handle exceptions with timeouts, json is not parsed
86
129
  - add support for non-Rails apps
130
+ - add support for older Rails (should be easy since code is very simple)
87
131
 
88
- ## Contributing
132
+ ## Contributors
89
133
 
90
134
  You are welcome to contribute.
91
135
 
136
+ * [Igor Kasyanchuk](https://github.com/igorkasyanchuk) (maintainer)
137
+ * [gilcierweb](https://github.com/gilcierweb)
138
+ * [RoRElessar](https://github.com/RoRElessar)
139
+ * [rubyconvict](https://github.com/rubyconvict)
140
+
92
141
  ## License
93
142
 
94
143
  The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
@@ -2,5 +2,6 @@ if Object.const_defined?('NewGoogleRecaptcha')
2
2
  NewGoogleRecaptcha.setup do |config|
3
3
  config.site_key = "SITE_KEY"
4
4
  config.secret_key = "SECRET_KEY"
5
+ config.minimum_score = 0.5
5
6
  end
6
- end
7
+ end
@@ -3,18 +3,28 @@ require "new_google_recaptcha/railtie"
3
3
  module NewGoogleRecaptcha
4
4
  mattr_accessor :site_key
5
5
  mattr_accessor :secret_key
6
+ mattr_accessor :minimum_score
6
7
 
7
8
  def self.setup
8
9
  yield(self)
9
10
  end
10
11
 
11
- def self.human?(token, model = nil)
12
- is_valid = NewGoogleRecaptcha::Validator.valid?(token)
12
+ def self.human?(token, action, minimum_score = self.minimum_score, model = nil)
13
+ is_valid = NewGoogleRecaptcha::Validator.valid?(token, action, minimum_score)
13
14
  if model && !is_valid
14
- model.errors.add(:base, "Looks like you are not a human")
15
+ model.errors.add(:base, self.i18n("new_google_recaptcha.errors.verification_human", "Looks like you are not a human"))
15
16
  end
16
17
  is_valid
17
18
  end
19
+
20
+ def self.i18n(key, default)
21
+ if defined?(I18n)
22
+ I18n.translate(key, default: default)
23
+ else
24
+ default
25
+ end
26
+ end
27
+
18
28
  end
19
29
 
20
30
  require_relative "new_google_recaptcha/view_ext"
@@ -1,13 +1,15 @@
1
- require 'net/http'
2
-
3
- module NewGoogleRecaptcha
4
- class Validator
5
-
6
- def Validator.valid?(token)
7
- uri = URI("https://www.google.com/recaptcha/api/siteverify?secret=#{NewGoogleRecaptcha.secret_key}&response=#{token}")
8
- result = JSON.parse(Net::HTTP.get(uri))
9
- !!result["success"]
10
- end
11
-
12
- end
13
- end
1
+ require 'net/http'
2
+
3
+ module NewGoogleRecaptcha
4
+ class Validator
5
+ def self.valid?(token, action, minimum_score)
6
+ uri = URI("https://www.google.com/recaptcha/api/siteverify?secret=#{NewGoogleRecaptcha.secret_key}&response=#{token}")
7
+ result = JSON.parse(Net::HTTP.get(uri))
8
+ conditions = []
9
+ conditions << !!result['success']
10
+ conditions << (result['score'].to_f >= minimum_score)
11
+ conditions << (result['action'].to_s == action.to_s)
12
+ conditions.none?(&:!)
13
+ end
14
+ end
15
+ end
@@ -1,3 +1,3 @@
1
1
  module NewGoogleRecaptcha
2
- VERSION = '0.1.0'
2
+ VERSION = '1.0.0'
3
3
  end
metadata CHANGED
@@ -1,14 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: new_google_recaptcha
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Igor Kasyanchuk
8
+ - rubyconvict
8
9
  autorequire:
9
10
  bindir: bin
10
11
  cert_chain: []
11
- date: 2018-10-31 00:00:00.000000000 Z
12
+ date: 2019-01-03 00:00:00.000000000 Z
12
13
  dependencies:
13
14
  - !ruby/object:Gem::Dependency
14
15
  name: rails
@@ -16,16 +17,100 @@ dependencies:
16
17
  requirements:
17
18
  - - ">="
18
19
  - !ruby/object:Gem::Version
19
- version: 5.0.0
20
+ version: 4.2.0
20
21
  type: :runtime
21
22
  prerelease: false
22
23
  version_requirements: !ruby/object:Gem::Requirement
23
24
  requirements:
24
25
  - - ">="
25
26
  - !ruby/object:Gem::Version
26
- version: 5.0.0
27
+ version: 4.2.0
27
28
  - !ruby/object:Gem::Dependency
28
29
  name: sqlite3
30
+ requirement: !ruby/object:Gem::Requirement
31
+ requirements:
32
+ - - ">="
33
+ - !ruby/object:Gem::Version
34
+ version: '1.3'
35
+ type: :development
36
+ prerelease: false
37
+ version_requirements: !ruby/object:Gem::Requirement
38
+ requirements:
39
+ - - ">="
40
+ - !ruby/object:Gem::Version
41
+ version: '1.3'
42
+ - !ruby/object:Gem::Dependency
43
+ name: byebug
44
+ requirement: !ruby/object:Gem::Requirement
45
+ requirements:
46
+ - - ">="
47
+ - !ruby/object:Gem::Version
48
+ version: '10.0'
49
+ type: :development
50
+ prerelease: false
51
+ version_requirements: !ruby/object:Gem::Requirement
52
+ requirements:
53
+ - - ">="
54
+ - !ruby/object:Gem::Version
55
+ version: '10.0'
56
+ - !ruby/object:Gem::Dependency
57
+ name: webmock
58
+ requirement: !ruby/object:Gem::Requirement
59
+ requirements:
60
+ - - ">="
61
+ - !ruby/object:Gem::Version
62
+ version: '3.5'
63
+ type: :development
64
+ prerelease: false
65
+ version_requirements: !ruby/object:Gem::Requirement
66
+ requirements:
67
+ - - ">="
68
+ - !ruby/object:Gem::Version
69
+ version: '3.5'
70
+ - !ruby/object:Gem::Dependency
71
+ name: mocha
72
+ requirement: !ruby/object:Gem::Requirement
73
+ requirements:
74
+ - - "~>"
75
+ - !ruby/object:Gem::Version
76
+ version: 0.14.0
77
+ type: :development
78
+ prerelease: false
79
+ version_requirements: !ruby/object:Gem::Requirement
80
+ requirements:
81
+ - - "~>"
82
+ - !ruby/object:Gem::Version
83
+ version: 0.14.0
84
+ - !ruby/object:Gem::Dependency
85
+ name: redis-store-testing
86
+ requirement: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - ">="
89
+ - !ruby/object:Gem::Version
90
+ version: '0'
91
+ type: :development
92
+ prerelease: false
93
+ version_requirements: !ruby/object:Gem::Requirement
94
+ requirements:
95
+ - - ">="
96
+ - !ruby/object:Gem::Version
97
+ version: '0'
98
+ - !ruby/object:Gem::Dependency
99
+ name: connection_pool
100
+ requirement: !ruby/object:Gem::Requirement
101
+ requirements:
102
+ - - "~>"
103
+ - !ruby/object:Gem::Version
104
+ version: 1.2.0
105
+ type: :development
106
+ prerelease: false
107
+ version_requirements: !ruby/object:Gem::Requirement
108
+ requirements:
109
+ - - "~>"
110
+ - !ruby/object:Gem::Version
111
+ version: 1.2.0
112
+ - !ruby/object:Gem::Dependency
113
+ name: appraisal
29
114
  requirement: !ruby/object:Gem::Requirement
30
115
  requirements:
31
116
  - - ">="
@@ -38,7 +123,7 @@ dependencies:
38
123
  - - ">="
39
124
  - !ruby/object:Gem::Version
40
125
  version: '0'
41
- description: Google reCAPTCHA v3 + Rails (integration)
126
+ description: Google reCaptcha v3 + Rails (integration)
42
127
  email:
43
128
  - igorkasyanchuk@gmail.com
44
129
  executables: []
@@ -76,9 +161,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
76
161
  - !ruby/object:Gem::Version
77
162
  version: '0'
78
163
  requirements: []
79
- rubyforge_project:
80
- rubygems_version: 2.7.6
164
+ rubygems_version: 3.0.1
81
165
  signing_key:
82
166
  specification_version: 4
83
- summary: Google reCAPTCHA v3 + Rails
167
+ summary: Google reCaptcha v3 + Rails
84
168
  test_files: []