From b771dd6791cab4a2bd00ac400d00663c54310b7c Mon Sep 17 00:00:00 2001
From: Jesse <2302541+Kangaroux@users.noreply.github.com>
Date: Wed, 8 Jul 2020 04:38:47 -0400
Subject: [PATCH] Add config for enabling/disabling recaptcha
---
client/html/user_registration.tpl | 3 +--
client/js/api.js | 4 ++++
client/js/views/registration_view.js | 9 ++++++---
server/config.yaml.dist | 7 +++++++
server/szurubooru/api/info_api.py | 1 +
server/szurubooru/api/user_api.py | 2 +-
6 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/client/html/user_registration.tpl b/client/html/user_registration.tpl
index fa0a5627..d2b008f2 100644
--- a/client/html/user_registration.tpl
+++ b/client/html/user_registration.tpl
@@ -38,8 +38,7 @@
diff --git a/client/js/api.js b/client/js/api.js
index 5bde6d81..a6bec97f 100644
--- a/client/js/api.js
+++ b/client/js/api.js
@@ -108,6 +108,10 @@ class Api extends events.EventTarget {
return !!remoteConfig.enableSafety;
}
+ recaptchaEnabled() {
+ return !!remoteConfig.enableRecaptcha;
+ }
+
hasPrivilege(lookup) {
let minViableRank = null;
for (let p of Object.keys(remoteConfig.privileges)) {
diff --git a/client/js/views/registration_view.js b/client/js/views/registration_view.js
index f2bbcb7d..4e29a07d 100644
--- a/client/js/views/registration_view.js
+++ b/client/js/views/registration_view.js
@@ -10,12 +10,17 @@ const RECAPTCHA_SITE_KEY = "site key";
class RegistrationView extends events.EventTarget {
constructor() {
super();
+
+ // Show the recaptcha only for anonymous users.
+ const showRecaptcha = (!api.isLoggedIn() && api.recaptchaEnabled());
+
this._hostNode = document.getElementById("content-holder");
views.replaceContent(
this._hostNode,
template({
userNamePattern: api.getUserNameRegex(),
passwordPattern: api.getPasswordRegex(),
+ enableRecaptcha: showRecaptcha,
})
);
views.syncScrollPosition();
@@ -23,8 +28,7 @@ class RegistrationView extends events.EventTarget {
this._formNode.addEventListener("submit", (e) => this._evtSubmit(e));
this.setRecaptchaToken = this.setRecaptchaToken.bind(this);
- // Show the recaptcha for anonymous users.
- if (!api.isLoggedIn())
+ if (showRecaptcha)
this.renderRecaptcha();
}
@@ -36,7 +40,6 @@ class RegistrationView extends events.EventTarget {
}
setRecaptchaToken(token) {
- console.log("Recaptcha token:", token);
this.recaptchaToken = token;
}
diff --git a/server/config.yaml.dist b/server/config.yaml.dist
index eec7d7fe..5758922e 100644
--- a/server/config.yaml.dist
+++ b/server/config.yaml.dist
@@ -7,6 +7,13 @@ name: szurubooru
domain: # example: http://example.com
# used to salt the users' password hashes and generate filenames for static content
secret: change
+
+# Whether solving a captcha is required for registration for anonymous users.
+enable_recaptcha: no
+
+# A reCAPTCHA v2 secret token.
+# https://developers.google.com/recaptcha/intro
+# https://developers.google.com/recaptcha/docs/display
recaptcha_secret: change
# Delete thumbnails and source files on post delete
diff --git a/server/szurubooru/api/info_api.py b/server/szurubooru/api/info_api.py
index 757b09cf..5574270c 100644
--- a/server/szurubooru/api/info_api.py
+++ b/server/szurubooru/api/info_api.py
@@ -49,6 +49,7 @@ def get_info(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response:
"privileges": util.snake_case_to_lower_camel_case_keys(
config.config["privileges"]
),
+ "enableRecaptcha": config.config["enable_recaptcha"],
},
}
if auth.has_privilege(ctx.user, "posts:view:featured"):
diff --git a/server/szurubooru/api/user_api.py b/server/szurubooru/api/user_api.py
index ee555117..588bcf6c 100644
--- a/server/szurubooru/api/user_api.py
+++ b/server/szurubooru/api/user_api.py
@@ -42,7 +42,7 @@ def create_user(
auth.verify_privilege(ctx.user, "users:create:any")
# Verify if the recaptcha was correct.
- if expect_recaptcha:
+ if expect_recaptcha and config.config["enable_recaptcha"]:
resp = requests.post("https://www.google.com/recaptcha/api/siteverify", data={
"secret": config.config["recaptcha_secret"],
"response": ctx.get_param_as_string("recaptchaToken", default=""),