From: Aidan Cornelius-Bell Date: Mon, 7 Oct 2024 22:01:19 +0000 (+1030) Subject: Added hCaptcha, sadly, because of spam X-Git-Url: https://gitweb.mndrdr.org/?a=commitdiff_plain;h=20284cdecdc008d23b6602230482186d5f6cf4b5;p=arelpe.git Added hCaptcha, sadly, because of spam --- diff --git a/Gemfile b/Gemfile index 65bc375..59be3ae 100644 --- a/Gemfile +++ b/Gemfile @@ -20,6 +20,8 @@ gem "rouge" gem "httparty" #environment stuff gem "dotenv" +#humanity verification +gem "hcaptcha" # Use Kredis to get higher-level data types in Redis [https://github.com/rails/kredis] # gem "kredis" #api stuff diff --git a/Gemfile.lock b/Gemfile.lock index 23fc602..fae35dc 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -113,6 +113,8 @@ GEM erubi (1.13.0) globalid (1.2.1) activesupport (>= 6.1) + hcaptcha (7.1.0) + json httparty (0.22.0) csv mini_mime (>= 1.0.0) @@ -326,6 +328,7 @@ DEPENDENCIES debug devise dotenv + hcaptcha httparty jsonapi-serializer kaminari diff --git a/app/controllers/users/registrations_controller.rb b/app/controllers/users/registrations_controller.rb new file mode 100644 index 0000000..837c1c3 --- /dev/null +++ b/app/controllers/users/registrations_controller.rb @@ -0,0 +1,19 @@ +class Users::RegistrationsController < Devise::RegistrationsController + prepend_before_action :check_captcha, only: [:create] + + private + + def check_captcha + unless verify_hcaptcha + self.resource = resource_class.new sign_up_params + resource.validate + set_minimum_password_length + resource.errors.add(:base, 'Please verify that you are not a robot') + respond_with_navigational(resource) { render :new } + end + end + + def sign_up_params + params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation) + end +end \ No newline at end of file diff --git a/app/models/user.rb b/app/models/user.rb index 163501f..9c650ff 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,7 +1,7 @@ class User < ApplicationRecord # Include default devise modules. Others available are: # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable - devise :database_authenticatable, # :registerable, + devise :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable, :confirmable diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb index a466cde..c9efc47 100644 --- a/app/views/devise/registrations/new.html.erb +++ b/app/views/devise/registrations/new.html.erb @@ -31,6 +31,10 @@ <%= f.label :password_confirmation %> <%= f.password_field :password_confirmation, autocomplete: "new-password" %> + +
+ <%= hcaptcha_tags %> +
<%= f.submit "Sign up" %> diff --git a/config/routes.rb b/config/routes.rb index 9e62840..ff3554d 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -16,7 +16,7 @@ Rails.application.routes.draw do get 'export', to: 'posts#export' post 'import', to: 'posts#import' resources :api_keys - devise_for :users + devise_for :users, controllers: { registrations: 'users/registrations' } resources :posts get '/feed', to: 'pubview#rss', as: 'rss', defaults: { format: 'rss' } get '/feed/dispatches', to: 'pubview#dispatches_rss', as: 'dispatches_rss', defaults: { format: 'rss' }