rails_cloudflare_turnstile 0.1.2 → 0.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 213b9ea35b854fa37d8fc8b18e62f37a55d594a23df7d8b4717ed6d528a164a3
-  data.tar.gz: 1182162d69f5a507075de7c9e5a9ba30a5661fa08587b95399078e37f5ab021d
+  metadata.gz: 74e8c3cd9c2aa0d7b6efc991fe4ab26d5e4386b308a391ab38b611857df26bde
+  data.tar.gz: 1dae15eaf445e80b32cbd507fddee58cbc34f1c71b9ff5f5487ceb04873593a5
 SHA512:
-  metadata.gz: 49f8cfbf351ac4a46258dadc8d21751849fe345519919053e30bf01f3a7972d2265548822423a18e9c5d2e956db8ffbcdc192aa5467de871b44e98989b076223
-  data.tar.gz: 534896363c9408f0f6c145c6f4b14599631dc77ea507d113bbb24f8d2d81f17bf47a8fc97e866cebe83f42b1dface02f3b2193bc3d47db86ef99995e56e5b593
+  metadata.gz: a1c3a53ed7a4dc9291aa5eb5acc1895dfd06eeaae8ee213faaee5236f4d4e5222e71f3bc8752f55864ca6637d8bde92c846c4d15eb52002c6dbabf6f28132074
+  data.tar.gz: e502bd59212eeec1372f927f2c70206ebe6d7ea37a2c9947ce510d723038d1a049f9c724b3f530c37010d0ac2f9ef97cb2113f1af7c7ed92f454fc91b7273a18

data/CHANGELOG.md

@@ -1,6 +1,14 @@
 ChangeLog
 =========
 
+0.1.4
+-----
+- add data-callback support; mock javascript
+
+0.1.3
+-----
+- Add mocked functionality in dev/test
+
 0.1.2
 -----
 - Fix URIs in gemspec

data/README.md

@@ -34,7 +34,6 @@ RailsCloudflareTurnstile.configure do |c|
   c.fail_open = true
 end
 ```
-
 To totally disable Turnstile, you can set `c.enabled = false` and all other config values are ignored.
 
 To use Turnstile for a view:
@@ -46,5 +45,8 @@ To use Turnstile for a view:
 If the challenge fails, the exception `RailsCloudflareTurnstile::Forbidden` will be raised; you should handle this with
 a `rescue_from` block.
 
+By default, in development and test mode, a special mock view will be inserted if real credentials are not present. To
+disable this, set the `mock_enable` property of the configuration to false.
+
 ## License
 The gem is available as open source under the terms of the [ISC License](LICENSE.txt).

data/app/assets/images/turnstile-logo.svg

@@ -0,0 +1 @@
+<svg width="54" height="54" viewBox="0 0 54 54" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M27.3146 7.26134C22.346 7.11258 17.5089 8.87182 13.7968 12.1778l1.2307-6.74308-3.1939-.58208L9.67207 16.6889 21.5124 18.8498 22.0945 15.6559l-6.0801-1.1096c2.9126-2.5542 6.6454-3.9781 10.5192-4.0126C30.4073 10.4993 34.1648 11.8565 37.1224 14.3585s4.9188 5.9826 5.5269 9.8085C43.2573 27.9929 42.4718 31.91 40.4356 35.2057c-2.0362 3.2956-5.1877 5.7509-8.8813 6.9191S23.8704 43.0965 20.3094 41.5711c-3.5609-1.5254-6.456-4.2784-8.1586-7.7582-1.7026-3.4797-2.0995-7.455-1.1185-11.2027L7.89023 21.7861c-1.02566 3.9081-.81053 8.0386.61559 11.8191C9.93194 37.3856 12.4985 40.629 15.8498 42.8861c3.3514 2.257 7.3217 3.4159 11.361 3.3162C31.2501 46.1025 35.1584 44.7491 38.3943 42.3294c3.2359-2.4196 5.6393-5.7858 6.8771-9.632C46.5092 28.8511 46.5202 24.7151 45.3029 20.8623s-3.6026-7.2317-6.8256-9.6685c-3.2229-2.43693-7.124-3.81119-11.1627-3.93246z" style="fill: rgb(243, 128, 32)"></path><path clip-rule="evenodd" d="M38.8474 21.9189 35.9285 19 24.4761 30.4524l-4.5531-4.553L17 28.8224l7.4833 7.4832 2.923-2.923L27.3949 33.3713 38.8474 21.9189z" fill-rule="evenodd" style="fill: rgb(243, 128, 32);"></path></svg>

data/app/assets/javascripts/mock_cloudflare_turnstile_api.js

@@ -0,0 +1,20 @@
+(function() {
+  function mock_cloudflare_turnstile_response() {
+    setTimeout(function() {
+      console.log("setting mock cloudflare turnstile to ✓");
+      for (let elem of document.getElementsByClassName("cf-turnstile")) {
+        elem.getElementsByTagName("p")[0].style.color = 'green';
+        elem.getElementsByTagName("p").innerHTML = "Mocked CAPTCHA succeeded"
+        if (elem.dataset.callback !== undefined) {
+          eval(elem.dataset.callback).call("mocked");
+        }
+      }
+    }, 1500);
+  }
+
+  if (document.readyState !== 'loading') {
+    mock_cloudflare_turnstile_response()
+  } else {
+    document.addEventListener('DOMContentLoaded', mock_cloudflare_turnstile_response);
+  }
+})();

data/lib/rails_cloudflare_turnstile/configuration.rb

@@ -16,18 +16,25 @@ module RailsCloudflareTurnstile
     # Timeout for operations with Cloudflare
     attr_accessor :timeout
 
-    # size for the widget ("regular" or "compact")
+    # size for the widget (:regular or :compact)
     attr_accessor :size
 
+    # theme for the widget (:auto, :light, or :dark)
+    attr_accessor :theme
+
     attr_accessor :enabled
 
+    attr_accessor :mock_enabled
+
     def initialize
       @site_key = nil
       @secret_key = nil
       @fail_open = true
       @enabled = nil
+      @mock_enabled = nil
       @timeout = 5.0
       @size = :regular
+      @theme = :auto
       @validation_url = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
     end
 
@@ -36,6 +43,7 @@ module RailsCloudflareTurnstile
       raise "Must set secret key" if @secret_key.nil?
       @size = @size.to_sym
       raise "Size must be one of ':regular' or ':compact'" unless [:regular, :compact].include? @size
+      raise "Theme must be one of :auto, :light, or :dark" unless [:auto, :light, :dark].include? @theme
     end
 
     def disabled?

data/lib/rails_cloudflare_turnstile/controller_helpers.rb

@@ -5,54 +5,58 @@ require "faraday"
 module RailsCloudflareTurnstile
   module ControllerHelpers
     def cloudflare_turnstile_ok?
-      return true unless RailsCloudflareTurnstile.enabled?
+      if RailsCloudflareTurnstile.enabled?
+        config = RailsCloudflareTurnstile.configuration
 
-      config = RailsCloudflareTurnstile.configuration
+        url = URI(config.validation_url)
 
-      url = URI(config.validation_url)
+        body = {
+          secret: config.secret_key,
+          response: params["cf-turnstile-response"],
+          remoteip: request.remote_ip
+        }
 
-      body = {
-        secret: config.secret_key,
-        response: params["cf-turnstile-response"],
-        remoteip: request.remote_ip
-      }
-
-      begin
-        resp = Faraday.new(url) { |conn|
-          conn.options.timeout = config.timeout
-          conn.options.open_timeout = config.timeout
-          conn.use Faraday::Response::RaiseError
-          conn.request :json
-          conn.response :json
-        }.post(url, body)
-      rescue Faraday::Error => e
-        Rails.logger.error "Error response from CloudFlare Turnstile: #{e}"
-        if config.fail_open
-          return true
-        else
-          return false
+        begin
+          resp = Faraday.new(url) { |conn|
+            conn.options.timeout = config.timeout
+            conn.options.open_timeout = config.timeout
+            conn.use Faraday::Response::RaiseError
+            conn.request :json
+            conn.response :json
+          }.post(url, body)
+        rescue Faraday::Error => e
+          Rails.logger.error "Error response from CloudFlare Turnstile: #{e}"
+          if config.fail_open
+            return true
+          else
+            return false
+          end
         end
-      end
 
-      json = resp.body
+        json = resp.body
 
-      success = json["success"]
+        success = json["success"]
 
-      return true if success
+        return true if success
 
-      error = json["error-codes"][0]
+        error = json["error-codes"][0]
 
-      ActiveSupport::Notifications.instrument(
-        "rails_cloudflare_turnstile.failure",
-        message: error,
-        remote_ip: request.remote_ip,
-        user_agent: request.user_agent,
-        controller: params[:controller],
-        action: params[:action],
-        url: request.url
-      )
+        ActiveSupport::Notifications.instrument(
+          "rails_cloudflare_turnstile.failure",
+          message: error,
+          remote_ip: request.remote_ip,
+          user_agent: request.user_agent,
+          controller: params[:controller],
+          action: params[:action],
+          url: request.url
+        )
 
-      false
+        false
+      elsif RailsCloudflareTurnstile.mock_enabled?
+        params["cf-turnstile-response"] == "mocked"
+      else
+        true
+      end
     end
 
     private

data/lib/rails_cloudflare_turnstile/engine.rb

@@ -0,0 +1,9 @@
+module RailsCloudflareTurnstile
+  class Engine < ::Rails::Engine
+    initializer "rails_cloudflare_turnstile.precompile" do |app|
+      %w[javascripts images].each do |sub|
+        app.config.assets.paths << root.join("assets", sub).to_s
+      end
+    end
+  end
+end

data/lib/rails_cloudflare_turnstile/railtie.rb

@@ -1,6 +1,6 @@
 module RailsCloudflareTurnstile
   class Railtie < ::Rails::Railtie
-    initializer "rails_cloudflare_turnstile" do
+    initializer "rails_cloudflare_turnstile" do |app|
       ActiveSupport.on_load(:action_controller) do
         include RailsCloudflareTurnstile::ControllerHelpers
       end
@@ -8,6 +8,8 @@ module RailsCloudflareTurnstile
       ActiveSupport.on_load(:action_view) do
         include RailsCloudflareTurnstile::ViewHelpers
       end
+
+      app.config.assets.precompile += %w[mock_cloudflare_turnstile_api.js turnstile-logo.svg]
     end
   end
 end

data/lib/rails_cloudflare_turnstile/version.rb

@@ -1,3 +1,3 @@
 module RailsCloudflareTurnstile
-  VERSION = "0.1.2"
+  VERSION = "0.1.4"
 end

data/lib/rails_cloudflare_turnstile/view_helpers.rb

@@ -2,29 +2,51 @@
 
 module RailsCloudflareTurnstile
   module ViewHelpers
-    def cloudflare_turnstile(action: "other")
-      return nil unless RailsCloudflareTurnstile.enabled?
-      content_tag(:div, class: "cloudflare-turnstile") do
-        concat turnstile_div(action)
+    def cloudflare_turnstile(action: "other", data_callback: nil)
+      if RailsCloudflareTurnstile.enabled?
+        content_tag(:div, class: "cloudflare-turnstile") do
+          concat turnstile_div(action, data_callback: data_callback)
+        end
+      elsif RailsCloudflareTurnstile.mock_enabled?
+        content_tag(:div, class: "cloudflare-turnstile") do
+          concat mock_turnstile_div(action, data_callback: data_callback)
+        end
       end
     end
 
     def cloudflare_turnstile_script_tag
-      return nil unless RailsCloudflareTurnstile.enabled?
-      content_tag(:script, :src => js_src, "async" => true) do
-        ""
+      if RailsCloudflareTurnstile.enabled?
+        content_tag(:script, :src => js_src, "async" => true) do
+          ""
+        end
+      elsif RailsCloudflareTurnstile.mock_enabled?
+        content_tag(:script, :src => mock_js, "async" => true) do
+          ""
+        end
       end
     end
 
     private
 
-    def turnstile_div(action)
+    def turnstile_div(action, data_callback: nil)
       config = RailsCloudflareTurnstile.configuration
-      content_tag(:div, :class => "cf-turnstile", "data-sitekey" => site_key, "data-size" => config.size, "data-action" => action) do
+      content_tag(:div, :class => "cf-turnstile", "data-sitekey" => site_key, "data-size" => config.size, "data-action" => action, "data-callback" => data_callback, "data-theme" => config.theme) do
         ""
       end
     end
 
+    def mock_turnstile_div(action, data_callback: nil)
+      content_tag(:div, :class => "cf-turnstile", :style => "width: 300px; height: 65px; border: 1px solid gray; display: flex; flex-direction: row; justify-content: center; align-items: center; margin: 10px;", "data-callback" => data_callback) do
+        [
+          tag.input(type: "hidden", name: "cf-turnstile-response", value: "mocked"),
+          image_tag("turnstile-logo.svg"),
+          content_tag(:p, style: "margin: 0") do
+            "CAPTCHA goes here in production"
+          end
+        ].reduce(:<<)
+      end
+    end
+
     def site_key
       RailsCloudflareTurnstile.configuration.site_key
     end
@@ -32,5 +54,9 @@ module RailsCloudflareTurnstile
     def js_src
       "https://challenges.cloudflare.com/turnstile/v0/api.js"
     end
+
+    def mock_js
+      javascript_path "mock_cloudflare_turnstile_api.js"
+    end
   end
 end

data/lib/rails_cloudflare_turnstile.rb

@@ -1,4 +1,5 @@
 require "rails_cloudflare_turnstile/version"
+require "rails_cloudflare_turnstile/engine"
 require "rails_cloudflare_turnstile/configuration"
 require "rails_cloudflare_turnstile/errors"
 require "rails_cloudflare_turnstile/controller_helpers"
@@ -16,12 +17,19 @@ module RailsCloudflareTurnstile
     if configuration.enabled.nil?
       configuration.enabled = true
     end
+    if configuration.mock_enabled.nil?
+      configuration.mock_enabled = Rails.env.development? || Rails.env.test?
+    end
   end
 
   def self.enabled?
     configuration.enabled == true
   end
 
+  def self.mock_enabled?
+    configuration.mock_enabled == true
+  end
+
   def self.reset_configuration!
     LOCK.synchronize do
       @configuration = nil

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails_cloudflare_turnstile
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.4
 platform: ruby
 authors:
 - James Brown
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-01-09 00:00:00.000000000 Z
+date: 2023-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -62,9 +62,12 @@ files:
 - CHANGELOG.md
 - README.md
 - Rakefile
+- app/assets/images/turnstile-logo.svg
+- app/assets/javascripts/mock_cloudflare_turnstile_api.js
 - lib/rails_cloudflare_turnstile.rb
 - lib/rails_cloudflare_turnstile/configuration.rb
 - lib/rails_cloudflare_turnstile/controller_helpers.rb
+- lib/rails_cloudflare_turnstile/engine.rb
 - lib/rails_cloudflare_turnstile/errors.rb
 - lib/rails_cloudflare_turnstile/railtie.rb
 - lib/rails_cloudflare_turnstile/version.rb