diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index edb2a3b..dfa8961 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,3 +1,5 @@
+require 'net/https'
+
class ApplicationController < BaseController
protect_from_forgery with: :exception, except: [:do_confirm, :js_error, :admin_update]
@@ -6,6 +8,17 @@ class ApplicationController < BaseController
helper_method :protect, :policies
+ RECAPTCHA_MINIMUM_SCORE = 0.5
+
+ def verify_recaptcha?(token, recaptcha_action)
+ recaptcha_secret_key = config.app_config['recaptcha_secret_key']
+
+ uri = URI.parse("https://www.google.com/recaptcha/api/siteverify?secret=#{recaptcha_secret_key}&response=#{token}")
+ response = Net::HTTP.get_response(uri)
+ json = JSON.parse(response.body)
+ json['success'] && json['score'] > RECAPTCHA_MINIMUM_SCORE && json['action'] == recaptcha_action
+ end
+
def default_url_options
{ host: "#{request.protocol}#{request.host_with_port}", trailing_slash: true }
end
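Review bot: On line 17 the user-supplied `token` and the secret key are interpolated unescaped into a GET query string, so a token containing `&` or `#` changes the request, and the secret travels in a URL that proxies and access logs commonly record; the siteverify endpoint accepts POST form parameters, which avoids both. On line 20, `json['score'] > RECAPTCHA_MINIMUM_SCORE` raises NoMethodError on nil when a successful response carries no score (a v2 key or an error payload), and a non-2xx reply, a network failure or a non-JSON body all surface as unhandled exceptions from the login path rather than as a failed check. No call site for `verify_recaptcha?` appears anywhere in this diff, so the 'sign_in' token the view hunks add may currently go unchecked; worth confirming. The rewrite below posts form-encoded parameters, checks the HTTP status, coerces the score, and fails closed on transport or parse errors; ApplicationController continues outside the hunk.
```ruby
  RECAPTCHA_MINIMUM_SCORE = 0.5
  RECAPTCHA_VERIFY_URI = URI('https://www.google.com/recaptcha/api/siteverify').freeze

  # True only when Google confirms the token for the expected action with a
  # score above RECAPTCHA_MINIMUM_SCORE. Any transport, status or parse
  # failure counts as a failed verification instead of raising.
  def verify_recaptcha?(token, recaptcha_action)
    return false if token.blank?

    recaptcha_secret_key = config.app_config['recaptcha_secret_key']
    # POST keeps the secret out of the URL; post_form form-encodes both values.
    response = Net::HTTP.post_form(RECAPTCHA_VERIFY_URI,
                                   'secret' => recaptcha_secret_key,
                                   'response' => token)
    return false unless response.is_a?(Net::HTTPSuccess)

    json = JSON.parse(response.body)
    json['success'] == true &&
      json['score'].to_f > RECAPTCHA_MINIMUM_SCORE &&
      json['action'] == recaptcha_action
  rescue JSON::ParserError, SocketError, SystemCallError, Timeout::Error => e
    Rails.logger.warn("recaptcha verification failed: #{e.class}")
    false
  end
```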
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 563131d..fc99ae5 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -10,6 +10,8 @@ module ApplicationHelper
include TableHelper
include AdminHelper
+ RECAPTCHA_SITE_KEY = ENV['RECAPTCH_SITE_KEY']
+
def is_production?
Rails.env == 'production' || Rails.env == 'preview'
end
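Review bot: The environment variable name on line 33, `RECAPTCH_SITE_KEY`, does not match the `RECAPTCHA_SITE_KEY` that docker-compose.yml exports later in this diff, so the constant will be nil in every deployment; the line should read `RECAPTCHA_SITE_KEY = ENV['RECAPTCHA_SITE_KEY']`. The same value is also being introduced as `recaptcha_site_key` in config/app_config.yml, so reading it from one place (`config.app_config`, as the controller does for the secret) would avoid two sources drifting. As far as this diff shows, the constant is not referenced anywhere yet — the layout hard-codes the key instead.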
@@ -21,4 +23,26 @@ module ApplicationHelper
def generate_confirmation(user, url, expiry = nil)
ApplicationController::generate_confirmation(user, url, expiry)
end
+
+ def include_recaptcha_js
+ raw %Q{
+
+ }
+ end
+
+ def recaptcha_execute(action)
+ id = "recaptcha_token_#{SecureRandom.hex(10)}"
+
+ raw %Q{
+
+
+ }
+ end
+
end
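Review bot: Both helpers return `raw` markup, which marks the string html_safe and bypasses escaping, yet the `%Q{}` bodies on lines 44-46 and 52-55 are empty as rendered here, so what gets interpolated cannot be reviewed from this diff; the `action` argument and the generated `id` are the obvious candidates. Only the literal `'sign_in'` reaches `recaptcha_execute` in this diff, but that contract is not written down, so a one-line note above the method would help: `# Output is html_safe via raw: callers must pass a literal action name, never request data.` If the script bodies embed the site key, they should take it from the `RECAPTCHA_SITE_KEY` constant defined in the earlier hunk rather than repeating it.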
diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml
index 21735a7..c47f9bb 100644
--- a/app/views/layouts/application.html.haml
+++ b/app/views/layouts/application.html.haml
@@ -20,6 +20,7 @@
%meta{property: 'og:type', content: 'website'}
%meta{property: 'og:image', content: og_image}
%meta{name: "theme-color", content: @theme_colour}
+ %script{src: "https://www.google.com/recaptcha/api.js?render=6LcWZFAnAAAAANKko--rHWo2iAkfGdcbkHKtF1-A}" }
= yield :head
%body{ class: page_style }
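Review bot: The `src` string on line 67 contains a `}` before the closing quote (`...F1-A}"`), so the literal brace is sent as part of the `render` parameter; presumably the intent was `"...F1-A"}` with the brace closing the attribute hash. The site key is also hard-coded here even though this diff introduces a `RECAPTCHA_SITE_KEY` constant and a `recaptcha_site_key` config entry for it; `%script{src: "https://www.google.com/recaptcha/api.js?render=#{RECAPTCHA_SITE_KEY}"}` would keep one source of truth and let the key vary per environment. The site key is public, so this is a consistency problem rather than a leak, but a mismatched key makes every verification fail.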
@@ -53,7 +54,7 @@
.dlg-inner
%p.message=''
%a.button.confirm=_'modals.yes_button'
- %button.delete.close=_'modals.no_button'
+ %button.delete.close=_'modals.no_button'
- if @info_dlg.present?
.dlg#info-dlg
.dlg-content
@@ -69,6 +70,8 @@
.message=''
%button.close=_'modals.done_button'
- if @login_dlg.present?
+ = content_for :recaptcha_js do
+ = include_recaptcha_js
.dlg#login-dlg
.dlg-content
%h2.title=_'forms.actions.generic.login'
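Review bot: Lines 83-84 store the helper script in `content_for :recaptcha_js`, but no `yield :recaptcha_js` appears anywhere in this diff; unless the layout already yields that block elsewhere, the script is never emitted and the token the form expects is never generated. The api.js loader added earlier in this file is included on every page, while this block is only captured when `@login_dlg` is present, so the two are placed inconsistently; moving the loader under the same condition, or yielding the block next to it, would keep them together. Confirm against the rest of the layout before treating this as a defect.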
@@ -77,10 +80,11 @@
= hidden_field_tag :dest, settings_path
= emailfield :email, nil, big: true
= button :continue, value: :confirm_email
+ = recaptcha_execute('sign_in')
.flex-form
= link_to (_'forms.actions.generic.facebook_sign_in','Facebook Sign In'), auth_at_provider_path(provider: :facebook, dest: settings_path), class: [:button, :facebook]
%button.close.subdued=_'forms.actions.generic.cancel'
-
+
- if @event_dlg.present?
.event-dlg#event-dlg{ data: { type: :event } }
.event-details
diff --git a/config/app_config.yml b/config/app_config.yml
index 3098fc1..737fefc 100644
--- a/config/app_config.yml
+++ b/config/app_config.yml
@@ -6,6 +6,8 @@ default: &default
smtp_password: <%= ENV['SMTP_PASSWORD'] %>
smtp_ssl: <%= ENV['SMTP_SSL'] %>
default_url: <%= ENV['DEFAULT_URL'] %>
+ recaptcha_secret_key: <%= ENV['RECAPTCHA_SECRET_KEY'] %>
+ recaptcha_site_key: 'hello'
development:
<<: *default
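Review bot: Line 110 commits the literal placeholder `'hello'` as the site key for the `default` profile that every environment inherits, while the secret on line 109 and the docker-compose defaults are read from the environment; the key should come from the same place, `recaptcha_site_key: <%= ENV['RECAPTCHA_SITE_KEY'] %>`. As written, any code that reads `config.app_config['recaptcha_site_key']` gets a value that can never match the secret, and the mismatch surfaces only as failed verifications at runtime.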
diff --git a/docker-compose.yml b/docker-compose.yml
index 7907e08..bd0326d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -104,6 +104,8 @@ services:
- ADMIN_EMAIL=${ADMIN_EMAIL:-info@bikebike.org}
- DEFAULT_URL=${DEFAULT_URL:-bikebike.org}
- REDIS_URL=redis://redis:6379
+ - RECAPTCHA_SECRET_KEY=${RECAPTCHA_SECRET_KEY:-123456789}
+ - RECAPTCHA_SITE_KEY=${RECAPTCHA_SITE_KEY:-123456789}
volumes:
- bikebikebike:/app/BikeBike
- bikebikebike_bundle:/usr/local/bundle
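Review bot: Line 121 gives `RECAPTCHA_SECRET_KEY` a non-empty fallback, so a container started without the variable carries a bogus secret and every verification fails at request time instead of the deployment failing at start-up. Compose can require the value instead: `- RECAPTCHA_SECRET_KEY=${RECAPTCHA_SECRET_KEY:?RECAPTCHA_SECRET_KEY is required}`, and the same applies to the site key on line 122. Note also that the helper hunk in this diff reads `RECAPTCH_SITE_KEY`, not the `RECAPTCHA_SITE_KEY` exported here.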