Merge pull request 'feature/MAPG-242-add-captcha-for-signup-and-password-reset' (!54) from feature/MAPG-242-add-captcha-for-signup-and-password-reset into develop
All checks were successful
mapguesser/pipeline/head This commit looks good
All checks were successful
mapguesser/pipeline/head This commit looks good
Reviewed-on: https://gitea.e5tv.hu/esoko/mapguesser/pulls/54
This commit is contained in:
Gitea
commit
d30ec3a3a0
@ -21,3 +21,5 @@ MULTI_INTERNAL_PORT=5000
|
||||
MULTI_WS_URL=mapguesser-dev.ch:8090
|
||||
MULTI_WS_PORT=8090
|
||||
ENABLE_GAME_FOR_GUESTS=0
|
||||
RECAPTCHA_SITEKEY=your_recaptcha_sitekey
|
||||
RECAPTCHA_SECRET=your_recaptcha_secret
|
||||
|
||||
@ -19,6 +19,7 @@ use MapGuesser\Repository\UserRepository;
|
||||
use MapGuesser\Response\HtmlContent;
|
||||
use MapGuesser\Response\JsonContent;
|
||||
use MapGuesser\Response\Redirect;
|
||||
use MapGuesser\Util\CaptchaValidator;
|
||||
use MapGuesser\Util\JwtParser;
|
||||
|
||||
class LoginController
|
||||
@ -285,6 +286,18 @@ class LoginController
|
||||
return new JsonContent($data);
|
||||
}
|
||||
|
||||
if (!empty($_ENV['RECAPTCHA_SITEKEY'])) {
|
||||
if (!$this->request->post('g-recaptcha-response')) {
|
||||
return new JsonContent(['error' => ['errorText' => 'Please check "I\'m not a robot" in the reCAPTCHA box!']]);
|
||||
}
|
||||
|
||||
$captchaValidator = new CaptchaValidator();
|
||||
$captchaResponse = $captchaValidator->validate($this->request->post('g-recaptcha-response'));
|
||||
if (!$captchaResponse['success']) {
|
||||
return new JsonContent(['error' => ['errorText' => 'reCAPTCHA challenge failed. Please try again!']]);
|
||||
}
|
||||
}
|
||||
|
||||
if (filter_var($this->request->post('email'), FILTER_VALIDATE_EMAIL) === false) {
|
||||
return new JsonContent(['error' => ['errorText' => 'The given email address is not valid.']]);
|
||||
}
|
||||
@ -455,6 +468,18 @@ class LoginController
|
||||
]);
|
||||
}
|
||||
|
||||
if (!empty($_ENV['RECAPTCHA_SITEKEY'])) {
|
||||
if (!$this->request->post('g-recaptcha-response')) {
|
||||
return new JsonContent(['error' => ['errorText' => 'Please check "I\'m not a robot" in the reCAPTCHA box!']]);
|
||||
}
|
||||
|
||||
$captchaValidator = new CaptchaValidator();
|
||||
$captchaResponse = $captchaValidator->validate($this->request->post('g-recaptcha-response'));
|
||||
if (!$captchaResponse['success']) {
|
||||
return new JsonContent(['error' => ['errorText' => 'reCAPTCHA challenge failed. Please try again!']]);
|
||||
}
|
||||
}
|
||||
|
||||
$user = $this->userRepository->getByEmail($this->request->post('email'));
|
||||
|
||||
if ($user === null) {
|
||||
|
||||
19
src/Util/CaptchaValidator.php
Normal file
19
src/Util/CaptchaValidator.php
Normal file
@ -0,0 +1,19 @@
|
||||
<?php namespace MapGuesser\Util;
|
||||
|
||||
use MapGuesser\Http\Request;
|
||||
|
||||
class CaptchaValidator
|
||||
{
|
||||
public function validate(string $response)
|
||||
{
|
||||
$request = new Request('https://www.google.com/recaptcha/api/siteverify', Request::HTTP_GET);
|
||||
$request->setQuery([
|
||||
'secret' => $_ENV['RECAPTCHA_SECRET'],
|
||||
'response' => $response
|
||||
]);
|
||||
|
||||
$response = $request->send();
|
||||
|
||||
return json_decode($response->getBody(), true);
|
||||
}
|
||||
}
|
||||
@ -1,3 +1,5 @@
|
||||
@js(https://www.google.com/recaptcha/api.js)
|
||||
|
||||
@extends(templates/layout_normal)
|
||||
|
||||
@section(main)
|
||||
@ -5,6 +7,11 @@
|
||||
<div class="box">
|
||||
<form id="passwordResetForm" action="/password/requestReset" method="post" data-redirect-on-success="/password/requestReset/success">
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= isset($email) ? $email : '' ?>" required autofocus>
|
||||
<?php if (!empty($_ENV['RECAPTCHA_SITEKEY'])): ?>
|
||||
<div class="marginTop">
|
||||
<div class="g-recaptcha" data-sitekey="<?= $_ENV['RECAPTCHA_SITEKEY'] ?>"></div>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<p id="passwordResetFormError" class="formError justify marginTop"></p>
|
||||
<div class="right marginTop">
|
||||
<button type="submit">Continue</button>
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
@js(https://www.google.com/recaptcha/api.js)
|
||||
@js(js/login/signup.js)
|
||||
|
||||
@extends(templates/layout_normal)
|
||||
@ -15,6 +16,11 @@
|
||||
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6">
|
||||
<input type="password" class="text big fullWidth marginTop" name="password_confirm" placeholder="Password confirmation" minlength="6">
|
||||
<?php endif; ?>
|
||||
<?php if (!empty($_ENV['RECAPTCHA_SITEKEY'])): ?>
|
||||
<div class="marginTop">
|
||||
<div class="g-recaptcha" data-sitekey="<?= $_ENV['RECAPTCHA_SITEKEY'] ?>"></div>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<p id="signupFormError" class="formError justify marginTop"></p>
|
||||
<div class="right">
|
||||
<button class="marginTop" type="submit">Sign up</button><!--
|
||||
|
||||
Loading…
Reference in New Issue
Block a user