new_google_recaptcha_turbo 1.2.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 3c5cd7372d8cb66ef663b5d79f4c252e949189f9f60be5ea0a5d32691f5a8aa0
+  data.tar.gz: cc6f097e61eb5be159f6ac0e165f2f037e2ef94ac9e0a3e549532a7d743ba880
+SHA512:
+  metadata.gz: e0ce6734d58c2e7f9b4d9c53a24fd9754b6aeb09b0688bc657989aceacd5c1ce76638b967367148cde449bd2ff7af8ef1e6770963d7d51b7291b20c0f1394f2b
+  data.tar.gz: 84570ddaeb15737ab5f3c2645ea1cd9e32a5c54d09ff378df6a3f2606a285297a56fb77fe37bb16e42bee837a592100240b8f1523da23687e60ee713cef03610

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2018 Igor Kasyanchuk
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,237 @@
+# Google Recaptcha v3 + Rails
+
+[![Build Status](https://travis-ci.org/igorkasyanchuk/new_google_recaptcha.svg?branch=master)](https://travis-ci.org/igorkasyanchuk/new_google_recaptcha)
+[![RailsJazz](https://github.com/igorkasyanchuk/rails_time_travel/blob/main/docs/my_other.svg?raw=true)](https://www.railsjazz.com)
+
+Integrate Google Recaptcha v3 with Rails app.
+
+Google Recaptcha console: https://www.google.com/recaptcha/admin#list
+
+Recaptcha v3 documentation: https://developers.google.com/recaptcha/docs/v3
+
+## Usage
+
+- Open https://www.google.com/recaptcha/admin#list
+- register a new site
+- copy `site_key` and `secret_key` and put into config/initializers/new_google_recaptcha.rb
+- optionally, change the `minimum_score` in the initializer to a preferred float value (from 0.0 to 1.0)
+- in layout:
+  ```erb
+  <head>
+    ...
+    <%= yield :recaptcha_js %>
+  </head>
+  ```
+- in view where you for example you have a form:
+  ```erb
+  <%= content_for :recaptcha_js do %>
+    <%= include_recaptcha_js %>
+  <% end %>
+  <form ...>
+    <%#= 'checkout' is action name to be verified later %>
+    <%= recaptcha_action('checkout') %>
+  </form>
+  ```
+- in controller:
+  ```ruby
+  def create
+    @post = Post.new(post_params)
+    if NewGoogleRecaptcha.human?(
+        params[:new_google_recaptcha_token],
+        "checkout",
+        NewGoogleRecaptcha.minimum_score,
+        @post
+      ) && @post.save
+      redirect_to @post, notice: 'Post was successfully created.'
+    else
+      render :new
+    end
+  end
+
+
+  # or
+  # if you need to capture a humanity `score` from Google
+  # before you need to add a column for example `humanity_score` (type: float) where this score will be saved.
+
+
+  def create
+    @post = Post.new(post_params)
+    humanity_details =
+      NewGoogleRecaptcha.get_humanity_detailed(
+        params[:new_google_recaptcha_token],
+        "checkout",
+        NewGoogleRecaptcha.minimum_score,
+        @post
+      )
+
+    @post.humanity_score = humanity_details[:score]
+
+    if humanity_details[:is_human] && @post.save
+      redirect_to @post, notice: 'Post was successfully created.'
+    else
+      render :new
+    end
+  end
+  ```
+
+There are two mandatory arguments for `human?` method:
+
+- `token` - token valid for your site
+- `action` - the action name for this request
+  (the gem checks if it is the same as the name used with the token,
+  otherwise a hacker could replace it on frontend to some another action used,
+  but with lower score requirement and thus pass the verification)
+
+You can verify recaptcha without using these arguments:
+
+- `minimum_score` - defaults to value set in the initializer
+  (reCAPTCHA recommends using 0.5 as default)
+- `model` - defaults to `nil` which will result in not adding an error to model;
+  any custom failure handling is applicable here
+
+like this:
+
+```ruby
+  NewGoogleRecaptcha.human?(params[:new_google_recaptcha_token], "checkout")
+```
+
+### Saving humanity score from Google in your model
+
+`get_humanity_detailed` method acts like `human?` method, the only difference is that it returns following hash with three key-value pairs:
+
+- `is_human` - whether actor is a human or not (same as result of `human?` method)
+- `score` - actual humanity score from recaptcha response
+- `model` - model which you trying to save
+
+It could be handy if you want to store score in db or put it into logs or smth else. Real example is above in the code samples.
+
+Add to your navigation links `data-turbolinks="false"` to make it works with `turbolinks`.
+
+## Installation
+
+```ruby
+gem 'new_google_recaptcha'
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+And then run:
+
+```bash
+$ rails generate new_google_recaptcha initializer
+```
+
+And edit new_google_recaptcha.rb and enter your site_key and secret_key.
+
+## API
+
+`NewGoogleRecaptcha.human?(token, model)` or `NewGoogleRecaptcha.get_humanity_detailed(token, model)` in contoller
+
+- token is received from google, must be sent to backend
+- model optional parameter. if you want to add error to model.
+
+`<%= include_recaptcha_js %>` in layout (by using yield)
+
+Include Google Recaptcha v3 JS into your Rails app. In head, right before `</head>`.
+
+`<%= recaptcha_action(action_name) %>` in view
+
+Action where recaptcha action was executed. Actions could be viewed in Admin console. More docs: https://developers.google.com/recaptcha/docs/v3. Action name could be "comments", "checkout", etc. Put any name and check scores in console.
+
+## How to add to the Devise
+
+Generate Devise controllers and views, and edit "create" method.
+
+```ruby
+class Users::RegistrationsController < Devise::RegistrationsController
+...
+  def create
+    build_resource(sign_up_params)
+
+    NewGoogleRecaptcha.human?(
+      params[:new_google_recaptcha_token],
+      "user",
+      NewGoogleRecaptcha.minimum_score,
+      resource) && resource.save
+
+    yield resource if block_given?
+    if resource.persisted?
+      if resource.active_for_authentication?
+        set_flash_message! :notice, :signed_up
+        sign_up(resource_name, resource)
+        respond_with resource, location: after_sign_up_path_for(resource)
+      else
+        set_flash_message! :notice, :"signed_up_but_#{resource.inactive_message}"
+        expire_data_after_sign_in!
+        respond_with resource, location: after_inactive_sign_up_path_for(resource)
+      end
+    else
+      clean_up_passwords resource
+      set_minimum_password_length
+      respond_with resource
+    end
+  end
+```
+
+## How to use in test or specs
+
+At the end of the spec/rails_helper.rb put:
+
+```ruby
+module NewGoogleRecaptcha
+  def self.human?(*attrs)
+    true
+  end
+end
+```
+
+Tests are located in `specs` folder and `test/dummy/tests` folder.
+
+
+## I18n support
+
+reCAPTCHA passes one types of error explanation to a linked model. It will use the I18n gem
+to translate the default error message if I18n is available. To customize the messages to your locale,
+add these keys to your I18n backend:
+
+`new_google_recaptcha.errors.verification_human` error message displayed when it is something like a robot, or a suspicious action
+
+Also you can translate API response errors to human friendly by adding translations to the locale (`config/locales/en.yml`):
+
+```Yaml
+en:
+  new_google_recaptcha:
+    errors:
+      verification_human: 'Fail'
+```
+
+## TODO
+
+- check everything works with turbolinks
+- allow custom ID for input
+- more tests
+- handle exceptions with timeouts, json is not parsed
+- add support for non-Rails apps
+- add support for older Rails (should be easy since code is very simple)
+
+## Contributors
+
+You are welcome to contribute.
+
+* [Igor Kasyanchuk](https://github.com/igorkasyanchuk) (maintainer)
+* [gilcierweb](https://github.com/gilcierweb)
+* [RoRElessar](https://github.com/RoRElessar)
+* [rubyconvict](https://github.com/rubyconvict)
+* [adelnabiullin](https://github.com/adelnabiullin)
+* [jhill](https://github.com/jhill)
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+
+
+[<img src="https://github.com/igorkasyanchuk/rails_time_travel/blob/main/docs/more_gems.png?raw=true"
+/>](https://www.railsjazz.com/)

data/Rakefile

@@ -0,0 +1,27 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'NewGoogleRecaptcha'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+require 'bundler/gem_tasks'
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+task default: :test

data/lib/generators/USAGE

@@ -0,0 +1,8 @@
+Description:
+    Generate configuration file.
+
+Example:
+    rails generate new_google_recaptcha initializer
+
+    This will create:
+        config/new_google_recaptcha.rb

data/lib/generators/new_google_recaptcha_generator.rb

@@ -0,0 +1,6 @@
+class NewGoogleRecaptchaGenerator < Rails::Generators::NamedBase
+  source_root File.expand_path('../templates', __FILE__)
+  def copy_initializer
+    template 'new_google_recaptcha.rb', 'config/initializers/new_google_recaptcha.rb'
+  end
+end

data/lib/generators/templates/new_google_recaptcha.rb

@@ -0,0 +1,7 @@
+if Object.const_defined?('NewGoogleRecaptcha')
+  NewGoogleRecaptcha.setup do |config|
+    config.site_key   = "SITE_KEY"
+    config.secret_key = "SECRET_KEY"
+    config.minimum_score = 0.5
+  end
+end

data/lib/new_google_recaptcha.rb

@@ -0,0 +1,61 @@
+require "new_google_recaptcha/railtie"
+
+module NewGoogleRecaptcha
+  mattr_accessor :site_key
+  mattr_accessor :secret_key
+  mattr_accessor :minimum_score
+
+  def self.setup
+    yield(self)
+  end
+
+  def self.human?(token, action, minimum_score = self.minimum_score, model = nil)
+    is_valid =
+      NewGoogleRecaptcha::Validator.new(
+        token: token,
+        action: action,
+        minimum_score: minimum_score
+      ).call
+
+    if model && !is_valid
+      model.errors.add(:base, self.i18n("new_google_recaptcha.errors.verification_human", "Looks like you are not a human"))
+    end
+
+    is_valid
+  end
+
+  def self.get_humanity_detailed(token, action, minimum_score = self.minimum_score, model = nil)
+    validator =
+      NewGoogleRecaptcha::Validator.new(
+        token: token,
+        action: action,
+        minimum_score: minimum_score
+      )
+
+    is_valid = validator.call
+
+    if model && !is_valid
+      model.errors.add(:base, self.i18n("new_google_recaptcha.errors.verification_human", "Looks like you are not a human"))
+    end
+
+    { is_human: is_valid, score: validator.score, model: model }
+  end
+
+  def self.i18n(key, default)
+    if defined?(I18n)
+      I18n.translate(key, default: default)
+    else
+      default
+    end
+  end
+
+  def self.compose_uri(token)
+    URI(
+      "https://www.google.com/recaptcha/api/siteverify?"\
+      "secret=#{self.secret_key}&response=#{token}"
+    )
+  end
+end
+
+require_relative "new_google_recaptcha/view_ext"
+require_relative "new_google_recaptcha/validator"

data/lib/new_google_recaptcha/railtie.rb

@@ -0,0 +1,9 @@
+module NewGoogleRecaptcha
+  class Railtie < ::Rails::Railtie
+    initializer 'new_google_recaptcha.helpers' do
+      ActiveSupport.on_load :action_view do
+        ActionView::Base.send :include, NewGoogleRecaptcha::ViewExt
+      end
+    end
+  end
+end

data/lib/new_google_recaptcha/validator.rb

@@ -0,0 +1,30 @@
+require 'net/http'
+
+module NewGoogleRecaptcha
+  class Validator
+    attr_reader :score
+    attr_reader :token, :action, :minimum_score
+
+    def initialize(token:, action:, minimum_score:)
+      @token         = token
+      @action        = action
+      @minimum_score = minimum_score
+    end
+
+    def call
+      uri    = NewGoogleRecaptcha.compose_uri(token)
+      
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true if uri.scheme == 'https' 
+      result = JSON.parse(http.request(Net::HTTP::Get.new(uri)).body)
+
+      @score = result['score'].to_f
+
+      conditions = []
+      conditions << !!result['success']
+      conditions << (result['score'].to_f >= minimum_score)
+      conditions << (result['action'].to_s == action.to_s)
+      conditions.none?(&:!)
+    end
+  end
+end

data/lib/new_google_recaptcha/version.rb

@@ -0,0 +1,3 @@
+module NewGoogleRecaptcha
+  VERSION = '1.2.1'
+end

data/lib/new_google_recaptcha/view_ext.rb

@@ -0,0 +1,41 @@
+module NewGoogleRecaptcha
+  module ViewExt
+    include ActionView::Helpers::TagHelper
+
+    def include_recaptcha_js
+      generate_recaptcha_callback + javascript_include_tag("https://www.google.com/recaptcha/api.js?render=#{NewGoogleRecaptcha.site_key}&onload=newGoogleRecaptchaCallback", defer: true, 'data-turbolinks-track': "reload")
+    end
+
+    def recaptcha_action(action)
+      id = "new_google_recaptcha_token_#{SecureRandom.hex(10)}"
+      hidden_field_tag(
+        "new_recaptcha_token",
+        nil,
+        :readonly => true,
+        "data-google-recaptcha-action" => action,
+        :id => id
+      )
+    end
+
+    private
+
+    def generate_recaptcha_callback
+      javascript_tag %(
+        function newGoogleRecaptchaCallback () {
+          grecaptcha.ready(function () {
+            var elements = document.querySelectorAll('[data-google-recaptcha-action]')
+            Array.prototype.slice.call(elements).forEach(function (el) {
+              var action = el.dataset.googleRecaptchaAction
+              if (!action) return
+              grecaptcha
+                .execute("#{NewGoogleRecaptcha.site_key}", { action: action })
+                .then(function (token) {
+                  el.value = token
+                })
+            })
+          })
+        }
+      )
+    end
+  end
+end

data/lib/tasks/new_google_recaptcha_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :new_google_recaptcha do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,168 @@
+--- !ruby/object:Gem::Specification
+name: new_google_recaptcha_turbo
+version: !ruby/object:Gem::Version
+  version: 1.2.1
+platform: ruby
+authors:
+- Igor Kasyanchuk
+- rubyconvict
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-02-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.2.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.2.0
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.5'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.14.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.14.0
+- !ruby/object:Gem::Dependency
+  name: redis-store-testing
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: connection_pool
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.2.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.2.0
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Google reCAPTCHA v3 + Rails (integration)
+email:
+- igorkasyanchuk@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- lib/generators/USAGE
+- lib/generators/new_google_recaptcha_generator.rb
+- lib/generators/templates/new_google_recaptcha.rb
+- lib/new_google_recaptcha.rb
+- lib/new_google_recaptcha/railtie.rb
+- lib/new_google_recaptcha/validator.rb
+- lib/new_google_recaptcha/version.rb
+- lib/new_google_recaptcha/view_ext.rb
+- lib/tasks/new_google_recaptcha_tasks.rake
+homepage: https://github.com/igorkasyanchuk/new_google_recaptcha
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.4
+signing_key:
+specification_version: 4
+summary: Google reCAPTCHA v3 + Rails
+test_files: []