Add config for enabling/disabling recaptcha

client/html/user_registration.tpl

@@ -38,8 +38,7 @@
 
         <div class='messages'></div>
         <div class='buttons'>
-            <div id="recaptcha"></div>
+            <% if(ctx.enableRecaptcha) print(`<div id="recaptcha"></div><br>`); %>
-            <br>
             <input type='submit' value='Create an account'/>
         </div>
     </form>

client/js/api.js

@@ -108,6 +108,10 @@ class Api extends events.EventTarget {
         return !!remoteConfig.enableSafety;
     }
 
+    recaptchaEnabled() {
+        return !!remoteConfig.enableRecaptcha;
+    }
+
     hasPrivilege(lookup) {
         let minViableRank = null;
         for (let p of Object.keys(remoteConfig.privileges)) {

client/js/views/registration_view.js

@@ -10,12 +10,17 @@ const RECAPTCHA_SITE_KEY = "site key";
 class RegistrationView extends events.EventTarget {
     constructor() {
         super();
+
+        // Show the recaptcha only for anonymous users.
+        const showRecaptcha = (!api.isLoggedIn() && api.recaptchaEnabled());
+
         this._hostNode = document.getElementById("content-holder");
         views.replaceContent(
             this._hostNode,
             template({
                 userNamePattern: api.getUserNameRegex(),
                 passwordPattern: api.getPasswordRegex(),
+                enableRecaptcha: showRecaptcha,
             })
         );
         views.syncScrollPosition();
@@ -23,8 +28,7 @@ class RegistrationView extends events.EventTarget {
         this._formNode.addEventListener("submit", (e) => this._evtSubmit(e));
         this.setRecaptchaToken = this.setRecaptchaToken.bind(this);
 
-        // Show the recaptcha for anonymous users.
+        if (showRecaptcha)
-        if (!api.isLoggedIn())
             this.renderRecaptcha();
     }
 
@@ -36,7 +40,6 @@ class RegistrationView extends events.EventTarget {
     }
 
     setRecaptchaToken(token) {
-        console.log("Recaptcha token:", token);
         this.recaptchaToken = token;
     }
 

server/config.yaml.dist

@@ -7,6 +7,13 @@ name: szurubooru
 domain: # example: http://example.com
 # used to salt the users' password hashes and generate filenames for static content
 secret: change
+
+# Whether solving a captcha is required for registration for anonymous users.
+enable_recaptcha: no
+
+# A reCAPTCHA v2 secret token.
+# https://developers.google.com/recaptcha/intro
+# https://developers.google.com/recaptcha/docs/display
 recaptcha_secret: change
 
 # Delete thumbnails and source files on post delete

server/szurubooru/api/info_api.py

@@ -49,6 +49,7 @@ def get_info(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response:
             "privileges": util.snake_case_to_lower_camel_case_keys(
                 config.config["privileges"]
             ),
+            "enableRecaptcha": config.config["enable_recaptcha"],
         },
     }
     if auth.has_privilege(ctx.user, "posts:view:featured"):

server/szurubooru/api/user_api.py

@@ -42,7 +42,7 @@ def create_user(
         auth.verify_privilege(ctx.user, "users:create:any")
 
     # Verify if the recaptcha was correct.
-    if expect_recaptcha:
+    if expect_recaptcha and config.config["enable_recaptcha"]:
         resp = requests.post("https://www.google.com/recaptcha/api/siteverify", data={
             "secret": config.config["recaptcha_secret"],
             "response": ctx.get_param_as_string("recaptchaToken", default=""),