rails_cloudflare_turnstile 0.1.2 → 0.1.3

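--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 213b9ea35b854fa37d8fc8b18e62f37a55d594a23df7d8b4717ed6d528a164a3
- data.tar.gz: 1182162d69f5a507075de7c9e5a9ba30a5661fa08587b95399078e37f5ab021d
+ metadata.gz: 945f56fd2e6ef412bd71d68a58ca63978499ac4948ac4cdb640852a0d7f13cbf
+ data.tar.gz: 446c952679cf658fbc9e6e031043ca272ef8ef0ce5b3c6d40229461643725c07
  SHA512:
- metadata.gz: 49f8cfbf351ac4a46258dadc8d21751849fe345519919053e30bf01f3a7972d2265548822423a18e9c5d2e956db8ffbcdc192aa5467de871b44e98989b076223
- data.tar.gz: 534896363c9408f0f6c145c6f4b14599631dc77ea507d113bbb24f8d2d81f17bf47a8fc97e866cebe83f42b1dface02f3b2193bc3d47db86ef99995e56e5b593
+ metadata.gz: 6d27317d8fba8949675177a9fbbe798d0f57f7a26c2fad0ae72fe0b00337f6721dab1c298af562839a012d2f68764db99fe07fe2cb78ce44d6c996fa5ee0dc8b
+ data.tar.gz: 5549a4a67796a43b4effb39c4d50bef488f47164f3efcfb285c3ce8f64da445d23c1aefe4adc318da4964f79ea28af125d21972001da79ab5d00291649be4bda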
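--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,6 +1,10 @@
  ChangeLog
  =========
 
+ 0.1.3
+ -----
+ - Add mocked functionality in dev/test
+
  0.1.2
  -----
  - Fix URIs in gemspec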
data/README.md CHANGED
@@ -34,7 +34,6 @@ RailsCloudflareTurnstile.configure do |c|
34
34
  c.fail_open = true
35
35
  end
36
36
  ```
37
-
38
37
  To totally disable Turnstile, you can set `c.enabled = false` and all other config values are ignored.
39
38
 
40
39
  To use Turnstile for a view:
@@ -46,5 +45,8 @@ To use Turnstile for a view:
46
45
  If the challenge fails, the exception `RailsCloudflareTurnstile::Forbidden` will be raised; you should handle this with
47
46
  a `rescue_from` block.
48
47
 
48
+ By default, in development and test mode, a special mock view will be inserted if real credentials are not present. To
49
+ disable this, set the `mock_enable` property of the configuration to false.
50
+
49
51
  ## License
50
52
  The gem is available as open source under the terms of the [ISC License](LICENSE.txt).
@@ -21,11 +21,14 @@ module RailsCloudflareTurnstile
21
21
 
22
22
  attr_accessor :enabled
23
23
 
24
+ attr_accessor :mock_enabled
25
+
24
26
  def initialize
25
27
  @site_key = nil
26
28
  @secret_key = nil
27
29
  @fail_open = true
28
30
  @enabled = nil
31
+ @mock_enabled = nil
29
32
  @timeout = 5.0
30
33
  @size = :regular
31
34
  @validation_url = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
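Review bot: The new `attr_accessor :mock_enabled` has no comment, and the README text shipped in this same release tells users to set `mock_enable`, which is not the name defined here; following the README inside the configure block would raise NoMethodError. I would align the README with the accessor and add a comment above it, for example `# When Turnstile is not enabled, render and accept the mock widget; nil means "decide from Rails.env"`. The class body starts and ends outside this hunk.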
@@ -5,54 +5,58 @@ require "faraday"
5
5
  module RailsCloudflareTurnstile
6
6
  module ControllerHelpers
7
7
  def cloudflare_turnstile_ok?
8
- return true unless RailsCloudflareTurnstile.enabled?
8
+ if RailsCloudflareTurnstile.enabled?
9
+ config = RailsCloudflareTurnstile.configuration
9
10
 
10
- config = RailsCloudflareTurnstile.configuration
11
+ url = URI(config.validation_url)
11
12
 
12
- url = URI(config.validation_url)
13
+ body = {
14
+ secret: config.secret_key,
15
+ response: params["cf-turnstile-response"],
16
+ remoteip: request.remote_ip
17
+ }
13
18
 
14
- body = {
15
- secret: config.secret_key,
16
- response: params["cf-turnstile-response"],
17
- remoteip: request.remote_ip
18
- }
19
-
20
- begin
21
- resp = Faraday.new(url) { |conn|
22
- conn.options.timeout = config.timeout
23
- conn.options.open_timeout = config.timeout
24
- conn.use Faraday::Response::RaiseError
25
- conn.request :json
26
- conn.response :json
27
- }.post(url, body)
28
- rescue Faraday::Error => e
29
- Rails.logger.error "Error response from CloudFlare Turnstile: #{e}"
30
- if config.fail_open
31
- return true
32
- else
33
- return false
19
+ begin
20
+ resp = Faraday.new(url) { |conn|
21
+ conn.options.timeout = config.timeout
22
+ conn.options.open_timeout = config.timeout
23
+ conn.use Faraday::Response::RaiseError
24
+ conn.request :json
25
+ conn.response :json
26
+ }.post(url, body)
27
+ rescue Faraday::Error => e
28
+ Rails.logger.error "Error response from CloudFlare Turnstile: #{e}"
29
+ if config.fail_open
30
+ return true
31
+ else
32
+ return false
33
+ end
34
34
  end
35
- end
36
35
 
37
- json = resp.body
36
+ json = resp.body
38
37
 
39
- success = json["success"]
38
+ success = json["success"]
40
39
 
41
- return true if success
40
+ return true if success
42
41
 
43
- error = json["error-codes"][0]
42
+ error = json["error-codes"][0]
44
43
 
45
- ActiveSupport::Notifications.instrument(
46
- "rails_cloudflare_turnstile.failure",
47
- message: error,
48
- remote_ip: request.remote_ip,
49
- user_agent: request.user_agent,
50
- controller: params[:controller],
51
- action: params[:action],
52
- url: request.url
53
- )
44
+ ActiveSupport::Notifications.instrument(
45
+ "rails_cloudflare_turnstile.failure",
46
+ message: error,
47
+ remote_ip: request.remote_ip,
48
+ user_agent: request.user_agent,
49
+ controller: params[:controller],
50
+ action: params[:action],
51
+ url: request.url
52
+ )
54
53
 
55
- false
54
+ false
55
+ elsif RailsCloudflareTurnstile.mock_enabled?
56
+ params["cf-turnstile-response"] == "mocked"
57
+ else
58
+ true
59
+ end
56
60
  end
57
61
 
58
62
  private
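Review bot: `return true if success` passes on any truthy value, and `json` is used without checking that the response body was actually parsed into a Hash. If the body ever reaches this point as a raw String (the JSON response middleware usually parses only JSON content types, which is worth confirming for the Faraday version in use), `json["success"]` becomes a substring lookup that returns "success" even for a failed verification, so the check fails open. I would make it strict with `return true if json.is_a?(Hash) && json["success"] == true`, and read the error as `error = Array(json["error-codes"]).first` so a reply without that key does not raise. These lines are only re-indented by this change, but they are the path the new `if RailsCloudflareTurnstile.enabled?` branch relies on.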
@@ -1,3 +1,3 @@
1
1
  module RailsCloudflareTurnstile
2
- VERSION = "0.1.2"
2
+ VERSION = "0.1.3"
3
3
  end
@@ -3,9 +3,14 @@
3
3
  module RailsCloudflareTurnstile
4
4
  module ViewHelpers
5
5
  def cloudflare_turnstile(action: "other")
6
- return nil unless RailsCloudflareTurnstile.enabled?
7
- content_tag(:div, class: "cloudflare-turnstile") do
8
- concat turnstile_div(action)
6
+ if RailsCloudflareTurnstile.enabled?
7
+ content_tag(:div, class: "cloudflare-turnstile") do
8
+ concat turnstile_div(action)
9
+ end
10
+ elsif RailsCloudflareTurnstile.mock_enabled?
11
+ content_tag(:div, class: "cloudflare-turnstile") do
12
+ concat mock_turnstile_div(action)
13
+ end
9
14
  end
10
15
  end
11
16
 
@@ -25,6 +30,17 @@ module RailsCloudflareTurnstile
25
30
  end
26
31
  end
27
32
 
33
+ def mock_turnstile_div(action)
34
+ content_tag(:div, class: "cf-turnstile", style: "width: 300px; height: 65px: border: 1px solid gray") do
35
+ [
36
+ tag.input(type: "hidden", name: "cf-turnstile-response", value: "mocked"),
37
+ content_tag(:p) do
38
+ "CAPTCHA goes here in production"
39
+ end
40
+ ].reduce(:<<)
41
+ end
42
+ end
43
+
28
44
  def site_key
29
45
  RailsCloudflareTurnstile.configuration.site_key
30
46
  end
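Review bot: The inline style in `mock_turnstile_div` has a colon where a semicolon is needed (`height: 65px: border: ...`), so the height and border declarations are likely to be dropped by the browser and the placeholder renders without its box. It should read `style: "width: 300px; height: 65px; border: 1px solid gray"`. The hidden field's `"mocked"` value is also repeated as a literal in the controller check, so a shared constant would keep the two from drifting apart.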
@@ -16,12 +16,19 @@ module RailsCloudflareTurnstile
16
16
  if configuration.enabled.nil?
17
17
  configuration.enabled = true
18
18
  end
19
+ if configuration.mock_enabled.nil?
20
+ configuration.mock_enabled = Rails.env.development? || Rails.env.test?
21
+ end
19
22
  end
20
23
 
21
24
  def self.enabled?
22
25
  configuration.enabled == true
23
26
  end
24
27
 
28
+ def self.mock_enabled?
29
+ configuration.mock_enabled == true
30
+ end
31
+
25
32
  def self.reset_configuration!
26
33
  LOCK.synchronize do
27
34
  @configuration = nil
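Review bot: Defaulting `mock_enabled` to true in development and test changes what `enabled = false` means there: the controller check now requires `cf-turnstile-response` to equal "mocked" instead of returning true, so requests and controller tests that never render the helper start failing. The README still says that with `c.enabled = false` all other config values are ignored, which no longer holds for `mock_enabled`. I would state this next to the default, e.g. `# With enabled = false in development/test the mock check still applies; set mock_enabled = false to skip verification entirely`, and update that README sentence. The enclosing method starts outside this hunk.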
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails_cloudflare_turnstile
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - James Brown
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-09 00:00:00.000000000 Z
11
+ date: 2023-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails