Merge lp:~maxiberta/canonical-identity-provider/drop-account-registration-captcha-web into lp:canonical-identity-provider/release
Proposed by
Maximiliano Bertacchini
Status: | Merged |
---|---|
Merged at revision: | 1668 |
Proposed branch: | lp:~maxiberta/canonical-identity-provider/drop-account-registration-captcha-web |
Merge into: | lp:canonical-identity-provider/release |
Prerequisite: | lp:~maxiberta/canonical-identity-provider/drop-account-registration-captcha-api-v1 |
Diff against target: |
448 lines (+2/-258) 7 files modified
src/webui/templates/registration/_create_account_form.html (+0/-11) src/webui/templates/widgets/recaptcha.html (+0/-43) src/webui/tests/test_views_registration.py (+0/-51) src/webui/tests/test_views_ui.py (+1/-85) src/webui/views/registration.py (+0/-26) src/webui/views/ui.py (+1/-35) src/webui/views/utils.py (+0/-7) |
To merge this branch: | bzr merge lp:~maxiberta/canonical-identity-provider/drop-account-registration-captcha-web |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Matias Bordese (community) | Approve | ||
Review via email: mp+356877@code.launchpad.net |
Commit message
Drop captcha from account registration via web.
Description of the change
Account registration captcha has been disabled for a long time (years?), and the implementation depends on reCaptcha v1, which has been dead since March 2018. So, let's just drop all captcha bits from there.
Otto Co-Pilot (otto-copilot) wrote : | # |
Running landing tests failed
https:/
Preview Diff
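--- a/src/webui/templates/registration/_create_account_form.html
+++ b/src/webui/templates/registration/_create_account_form.html
@@ -50,17 +50,6 @@
 
 {% include "widgets/passwords.html" with fields=create_form %}
 
-{% if captcha_required %}
-<div class="captcha" id="captcha">
-{% if captcha_error_message %}
-<span class="error">
-{{ captcha_error_message }}
-</span>
-{% endif %}
-{% include "widgets/recaptcha.html" %}
-</div>
-{% endif %}
-
 <div class="input-row{% if create_form.accept_tos.errors %} haserrors{% endif %} accept-tos-input">
 
 {% if create_form.accept_tos.errors %}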
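--- a/src/webui/templates/widgets/recaptcha.html
+++ b/src/webui/templates/widgets/recaptcha.html
@@ -1,43 +0,0 @@
-{% comment %}
-Copyright 2010 Canonical Ltd. This software is licensed under the
-GNU Affero General Public License version 3 (see the file LICENSE).
-{% endcomment %}
-
-{% load i18n %}
-{% load static_url %}
-<script type="text/javascript">
-var RecaptchaOptions = {
-theme: 'white',
-custom_translations: {
-visual_challenge : "{% trans "Get a visual challenge" %}",
-audio_challenge : "{% trans "Get an audio challenge" %}",
-refresh_btn : "{% trans "Get a new challenge" %}",
-instructions_visual : "{% trans "Type the two words:" %}",
-instructions_audio : "{% trans "Type what you hear:" %}",
-help_btn : "{% trans "Help" %}",
-play_again : "{% trans "Play sound again" %}",
-cant_hear_this : "{% trans "Download sound as MP3" %}",
-incorrect_try_again : "{% trans "Incorrect. Try again." %}"
-},
-};
-</script>
-<div {% if captcha_error %}class='captchaError'{% endif %}>
-{% ifequal captcha_error "&error=no-challenge" %}
-<p>
-{% blocktrans with "support_form"|static_url as support_form_url %}
-It appears that our captcha service was unable to load on this page.
-This may be caused by a plugin on your browser.
-Please correct this and try again. If the problem persists, please <a href="{{ support_form_url }}">contact support</a>
-{% endblocktrans %}
-</p>
-{% endifequal %}
-<script type="text/javascript" src="{{ CAPTCHA_API_URL_SECURE }}/challenge?k={{ CAPTCHA_PUBLIC_KEY }}{{ captcha_error }}">
-</script>
-<noscript>
-<iframe src="{{ CAPTCHA_API_URL_SECURE }}/noscript?k={{ CAPTCHA_PUBLIC_KEY }}" height="300" width="500" frameborder="0" class="recaptcha-noscript">
-</iframe>
-<textarea class="recaptcha-challenge-field" name="recaptcha_challenge_field" rows="3" cols="40">
-</textarea>
-<input type="hidden" name="recaptcha_response_field" value="manual_challenge">
-</noscript>
-</div>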
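--- a/src/webui/tests/test_views_registration.py
+++ b/src/webui/tests/test_views_registration.py
@@ -161,16 +161,6 @@
 ctx = response.context_data
 self.assertEqual(ctx['form']['email'].value(), 'test@test.com')
 
-@switches(CAPTCHA=False)
-def test_get_optional_captcha_switch_off(self):
-response = self.get()
-self.assertEqual(response.context_data['captcha_required'], False)
-
-@switches(CAPTCHA=True, CAPTCHA_NEW_ACCOUNT=True)
-def test_get_optional_captcha_switch_on(self):
-response = self.get()
-self.assertEqual(response.context_data['captcha_required'], True)
-
 def test_post_required_fields(self):
 response = self.post()
 self.assert_form_displayed(
@@ -213,9 +203,6 @@
 email=self.TESTDATA['email'],
 password=self.TESTDATA['password'],
 displayname=self.TESTDATA['displayname'],
-captcha_id=None,
-captcha_solution=None,
-create_captcha=False,
 creation_source=WEB_CREATION_SOURCE,
 )
 
@@ -242,9 +229,6 @@
 password=self.TESTDATA['password'],
 displayname=self.TESTDATA['displayname'],
 username=self.TESTDATA['username'],
-captcha_id=None,
-captcha_solution=None,
-create_captcha=False,
 creation_source=WEB_CREATION_SOURCE,
 )
 self.TESTDATA.pop('username')
@@ -337,9 +321,6 @@
 expected_args = dict(email=self.TESTDATA['email'],
 password=self.TESTDATA['password'],
 displayname=self.TESTDATA['displayname'],
-create_captcha=False,
-captcha_solution=None,
-captcha_id=None,
 creation_source='web-flow',
 oid_token=token)
 self.mock_api_register.assert_called_once_with(**expected_args)
@@ -351,38 +332,6 @@
 self.assert_form_displayed(response, email=VERIFY_EMAIL_MESSAGE)
 self.assert_stat_calls(['error.email'])
 
-def test_post_captcha_required(self):
-exc = api_errors.CaptchaRequired(Mock())
-self.mock_api_register.side_effect = exc
-response = self.post(**self.TESTDATA)
-self.assert_form_displayed(response)
-self.assertEqual(response.context_data['captcha_required'], True)
-
-def test_post_captcha_failure(self):
-mock_response = Mock()
-body = {'extra': {'captcha_message': 'XXX'}}
-exc = api_errors.CaptchaFailure(mock_response, body)
-self.mock_api_register.side_effect = exc
-
-response = self.post(**self.TESTDATA)
-self.assert_form_displayed(response)
-self.assertEqual(response.context_data['captcha_required'], True)
-self.assertEqual(
-response.context_data['captcha_error'],
-'&error=XXX')
-self.assert_stat_calls(['error.captcha'])
-
-def test_post_captcha_error(self):
-mock_response = Mock()
-body = {}
-exc = api_errors.CaptchaError(mock_response, body)
-self.mock_api_register.side_effect = exc
-
-response = self.post(**self.TESTDATA)
-self.assert_form_displayed(response)
-self.assertEqual(response.context_data['captcha_required'], True)
-self.assert_stat_calls(['error.captcha'])
-
 
 class RegisterTimelineTestCase(
 SSOBaseTestCase, RegisterTestMixin, TimelineActionMixin):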
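--- a/src/webui/tests/test_views_ui.py
+++ b/src/webui/tests/test_views_ui.py
@@ -10,7 +10,6 @@
 import urllib2
 from datetime import date
 from functools import partial
-from StringIO import StringIO
 from urlparse import urlsplit
 
 from django.conf import settings
@@ -29,7 +28,6 @@
 from django.test.utils import override_settings
 from django.urls import reverse
 from django.utils.html import escape
-from gargoyle import gargoyle
 from gargoyle.testutils import switches
 from mock import Mock, patch
 from pyquery import PyQuery
@@ -50,11 +48,7 @@
 OpenIDRPConfig,
 twofactor,
 )
-from identityprovider.models.captcha import (
-Captcha,
-CaptchaResponse,
-CaptchaV2,
-)
+from identityprovider.models.captcha import CaptchaV2
 from identityprovider.models.const import (
 AccountStatus,
 AuthLogType,
@@ -65,7 +59,6 @@
 from identityprovider.tests import DEFAULT_USER_PASSWORD
 from identityprovider.tests.test_auth import AuthLogTestCaseMixin
 from identityprovider.tests.utils import (
-MockHandler,
 SSOBaseTestCase,
 TimelineActionMixin,
 )
@@ -115,9 +108,6 @@
 'passwordconfirm': 'Testing123',
 'accept_tos': True
 }
-if gargoyle.is_active('CAPTCHA'):
-data['recaptcha_challenge_field'] = 'ignored'
-data['recaptcha_response_field'] = 'ignored'
 
 return self.client.post(url, data, follow=follow)
 
@@ -132,24 +122,6 @@
 assert self.client.login(
 username=self.data['email'], password=self.data['password'])
 
-def request_when_captcha_fails(self, url, data):
-class MockCaptcha(object):
-def __init__(self, *args):
-pass
-
-def verify(self, solution, ip_addr, email):
-self.message = 'no-challenge'
-return False
-
-@classmethod
-def new(cls, env):
-return cls()
-
-with patch.object(ui, 'Captcha', MockCaptcha):
-r = self.client.post(url, data)
-
-return r
-
 
 @override_settings(LANGUAGE_CODE='es')
 class SpanishUIViewsTestCase(BaseTestCase):
@@ -1348,62 +1320,6 @@
 self.assertFalse(email.is_verified)
 
 
-@override_settings(CAPTCHA_PRIVATE_KEY='some-private-key')
-class CaptchaVerificationTestCase(BaseTestCase):
-
-success_status = 302
-
-def setUp(self):
-super(CaptchaVerificationTestCase, self).setUp()
-mock_handler = MockHandler()
-mock_handler.set_next_response(200, 'false\nno-challenge')
-self.patch(Captcha, 'opener', new=urllib2.build_opener(mock_handler))
-
-p = switches(CAPTCHA=True)
-p.patch()
-self.addCleanup(p.unpatch)
-
-def test_new_account_when_form_validation_fails(self):
-r = self.post_new_account()
-self.assertTemplateUsed(r, 'registration/new_account.html')
-msg = 'It appears that our captcha service was unable to load'
-self.assertContains(r, msg)
-
-def test_new_account_captcha_whitelist(self):
-email = 'canonicaltest@gmail.com'
-pattern = '^canonicaltest(?:\+.+)?@gmail\.com$'
-with self.settings(EMAIL_WHITELIST_REGEXP_LIST=[pattern]):
-response = self.post_new_account(email=email)
-self.assertEqual(response.status_code, self.success_status)
-
-def test_new_account_captcha_whitelist_with_uuid(self):
-email = 'canonicaltest+something@gmail.com'
-pattern = '^canonicaltest(?:\+.+)?@gmail\.com$'
-with self.settings(EMAIL_WHITELIST_REGEXP_LIST=[pattern]):
-response = self.post_new_account(email=email)
-self.assertEqual(response.status_code, self.success_status)
-
-def test_new_account_captcha_whitelist_fail(self):
-email = 'notcanonicaltest@gmail.com'
-pattern = '^canonicaltest(?:\+.+)?@gmail\.com$'
-with self.settings(EMAIL_WHITELIST_REGEXP_LIST=[pattern]):
-response = self.post_new_account(email=email)
-msg = 'It appears that our captcha service was unable to load'
-self.assertContains(response, msg)
-
-@patch.object(Captcha, '_open')
-def test_uses_timeline_from_request(self, mock_open):
-mock_open.return_value = CaptchaResponse(200, StringIO('true\na'))
-request = Mock()
-timeline = Timeline()
-request.META = {'timeline.timeline': timeline}
-request.POST = {'recaptcha_challenge_field': 'captcha-id'}
-request.environ = {'REMOTE_ADDR': '127.0.0.1'}
-ui._verify_captcha_response(None, request, None)
-self.assertEqual(1, len(timeline.actions))
-self.assertEqual('captcha-verify', timeline.actions[0].category)
-
-
 class CookiesTestCase(SSOBaseTestCase):
 
 def setUp(self):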
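Review bot: `import urllib2` stays at the top of this test module, but the only use this diff shows, `urllib2.build_opener(mock_handler)` in the removed `CaptchaVerificationTestCase.setUp`, is gone; the same holds for `Timeline`, last seen in the removed `test_uses_timeline_from_request`. The rest of the file is outside the hunks, so both need a check for remaining uses and should be dropped if there are none, since an unused-import lint would flag them. The same question applies to `gargoyle` in src/webui/views/registration.py, to `get_request_timing_function` in src/webui/views/ui.py and to `settings` in src/webui/views/utils.py, where the removed code held the only uses visible here.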
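--- a/src/webui/views/registration.py
+++ b/src/webui/views/registration.py
@@ -53,7 +53,6 @@
 requires_cookies,
 )
 from webui.views.utils import (
-add_captcha_settings,
 display_email_sent,
 set_session_email,
 )
@@ -87,10 +86,6 @@
 @requires_cookies
 @require_http_methods(['GET', 'POST'])
 def new_account(request, token=None):
-captcha_required = (gargoyle.is_active('CAPTCHA', request) and
-gargoyle.is_active('CAPTCHA_NEW_ACCOUNT', request))
-captcha_error = ''
-captcha_error_message = None
 rpconfig = get_rpconfig_from_request(request, token)
 
 def collect_stats(key):
@@ -108,14 +103,7 @@
 data = dict((k, v) for k, v in form.cleaned_data.items()
 if k in ('email', 'password', 'displayname',
 'username'))
-data['captcha_id'] = request.POST.get(
-'recaptcha_challenge_field'
-)
-data['captcha_solution'] = request.POST.get(
-'recaptcha_response_field'
-)
 # we'll handle our own capture generation
-data['create_captcha'] = False
 data['creation_source'] = WEB_CREATION_SOURCE
 if token:
 data['oid_token'] = token
@@ -136,15 +124,6 @@
 collect_stats('error.email')
 form._errors['email'] = [VERIFY_EMAIL_MESSAGE]
 
-except api_errors.CaptchaRequired as e:
-captcha_required = True
-collect_stats('captcha_required')
-
-except (api_errors.CaptchaFailure, api_errors.CaptchaError) as e:
-captcha_required = True
-captcha_error = '&error=' + e.extra.get('captcha_message', '')
-captcha_error_message = _('Incorrect captcha solution')
-collect_stats('error.captcha')
 except Exception as e:
 return HttpResponseServerError("exception: " + str(e))
 else:
@@ -175,12 +154,7 @@
 'form': form,
 'rpconfig': rpconfig,
 'token': token,
-'captcha_required': captcha_required,
-'captcha_error': captcha_error,
-'captcha_error_message': captcha_error_message,
 }
-if captcha_required:
-context = add_captcha_settings(context)
 
 if form.errors:
 err = form.errors.get('email', [''])[0]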
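Review bot: With the `CaptchaRequired` and `CaptchaFailure`/`CaptchaError` handlers removed from `new_account`, any such error the registration API still raises now falls through to `except Exception as e: return HttpResponseServerError("exception: " + str(e))`, which returns a 500 and echoes the exception text to the browser. Whether the API can still raise them depends on the prerequisite branch, which is not visible here; either way the catch-all should record the exception server-side and return a fixed body, e.g. `return HttpResponseServerError()`. The comment `# we'll handle our own capture generation` is also left behind although the `data['create_captcha'] = False` line it described is removed, and should go with it. The body of `new_account` continues outside these hunks.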
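--- a/src/webui/views/ui.py
+++ b/src/webui/views/ui.py
@@ -56,11 +56,7 @@
 
 )
 from identityprovider.models import twofactor
-from identityprovider.models.captcha import (
-Captcha,
-CaptchaV2,
-VerifyCaptchaError
-)
+from identityprovider.models.captcha import CaptchaV2
 from identityprovider.models.const import AccountStatus, AuthTokenType
 from identityprovider.signals import login_failed, login_succeeded
 from identityprovider.signed import BadSignedValue
@@ -94,7 +90,6 @@
 requires_cookies,
 )
 from webui.views import registration
-from webui.views.utils import add_captcha_settings
 
 
 ACCOUNT_CREATED = _("Your account was created successfully")
@@ -150,11 +145,6 @@
 self, request, token, rpconfig, form, create_account_form=None):
 context = super(LoginView, self).get_context(
 request, token=token, rpconfig=rpconfig, form=form)
-# add captcha and account creation form
-context['captcha_required'] = (
-gargoyle.is_active('CAPTCHA', request) and
-gargoyle.is_active('CAPTCHA_NEW_ACCOUNT', request))
-context = add_captcha_settings(context)
 context['create_account_form'] = create_account_form
 return context
 
@@ -503,30 +493,6 @@
 return registration.new_account(request, token)
 
 
-def _verify_captcha_response(template, request, form):
-captcha = Captcha(request.POST.get('recaptcha_challenge_field'))
-captcha_solution = request.POST.get('recaptcha_response_field')
-email = request.POST.get('email', '')
-ip_addr = request.environ["REMOTE_ADDR"]
-try:
-timer_fn = get_request_timing_function(request)
-verified = captcha.verify(captcha_solution, ip_addr, email,
-timer=timer_fn)
-if verified:
-return None
-except VerifyCaptchaError:
-logger.exception("reCaptcha connection error")
-
-# not verified
-return render(
-request,
-template,
-add_captcha_settings({
-'form': form,
-'captcha_error': ('&error=%s' % captcha.message),
-'captcha_required': True}))
-
-
 @require_twofactor_authenticated(
 _("Please log in to use this confirmation code"))
 def confirm_email(request, authtoken, email_address, token=None):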
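--- a/src/webui/views/utils.py
+++ b/src/webui/views/utils.py
@@ -43,10 +43,3 @@
 def set_session_email(session, email):
 """Place information about the current token's email in the session"""
 session['token_email'] = email
-
-
-def add_captcha_settings(context):
-d = {'CAPTCHA_PUBLIC_KEY': settings.CAPTCHA_PUBLIC_KEY,
-'CAPTCHA_API_URL_SECURE': settings.CAPTCHA_API_URL_SECURE}
-d.update(context)
-return d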
LGTM