Add support for Google reCAPTCHA in user registration to prevent spammers
This commit is contained in:
parent
a52746649d
commit
9f7d379c2a
9 changed files with 59 additions and 6 deletions
|
@ -1,6 +1,7 @@
|
|||
Please view this file on the master branch, on stable branches it's out of date.
|
||||
|
||||
v 8.4.0 (unreleased)
|
||||
- Add support for Google reCAPTCHA in user registration to prevent spammers (Stan Hu)
|
||||
- Implement new UI for group page
|
||||
- Implement search inside emoji picker
|
||||
- Add API support for looking up a user by username (Stan Hu)
|
||||
|
|
3
Gemfile
3
Gemfile
|
@ -35,6 +35,9 @@ gem 'omniauth-twitter', '~> 1.2.0'
|
|||
gem 'omniauth_crowd'
|
||||
gem 'rack-oauth2', '~> 1.2.1'
|
||||
|
||||
# reCAPTCHA protection
|
||||
gem 'recaptcha', require: 'recaptcha/rails'
|
||||
|
||||
# Two-factor authentication
|
||||
gem 'devise-two-factor', '~> 2.0.0'
|
||||
gem 'rqrcode-rails3', '~> 0.1.7'
|
||||
|
|
|
@ -566,6 +566,8 @@ GEM
|
|||
trollop
|
||||
rdoc (3.12.2)
|
||||
json (~> 1.4)
|
||||
recaptcha (1.0.2)
|
||||
json
|
||||
redcarpet (3.3.3)
|
||||
redis (3.2.2)
|
||||
redis-actionpack (4.0.1)
|
||||
|
@ -924,6 +926,7 @@ DEPENDENCIES
|
|||
raphael-rails (~> 2.1.2)
|
||||
rblineprof
|
||||
rdoc (~> 3.6)
|
||||
recaptcha
|
||||
redcarpet (~> 3.3.3)
|
||||
redis-namespace
|
||||
redis-rails (~> 4.0.0)
|
||||
|
|
|
@ -1,10 +1,21 @@
|
|||
class RegistrationsController < Devise::RegistrationsController
|
||||
before_action :signup_enabled?
|
||||
include Recaptcha::Verify
|
||||
|
||||
def new
|
||||
redirect_to(new_user_session_path)
|
||||
end
|
||||
|
||||
def create
|
||||
if !Gitlab.config.recaptcha.enabled || verify_recaptcha
|
||||
super
|
||||
else
|
||||
flash[:alert] = "There was an error with the reCAPTCHA code below. Please re-enter the code."
|
||||
flash.delete :recaptcha_error
|
||||
render action: 'new'
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
DeleteUserService.new(current_user).execute(current_user)
|
||||
|
||||
|
@ -38,4 +49,16 @@ class RegistrationsController < Devise::RegistrationsController
|
|||
def sign_up_params
|
||||
params.require(:user).permit(:username, :email, :name, :password, :password_confirmation)
|
||||
end
|
||||
|
||||
def resource_name
|
||||
:user
|
||||
end
|
||||
|
||||
def resource
|
||||
@resource ||= User.new
|
||||
end
|
||||
|
||||
def devise_mapping
|
||||
@devise_mapping ||= Devise.mappings[:user]
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
class SessionsController < Devise::SessionsController
|
||||
include AuthenticatesWithTwoFactor
|
||||
include Recaptcha::ClientHelper
|
||||
|
||||
prepend_before_action :authenticate_with_two_factor, only: [:create]
|
||||
prepend_before_action :store_redirect_path, only: [:new]
|
||||
|
|
|
@ -17,6 +17,9 @@
|
|||
= f.email_field :email, class: "form-control middle", placeholder: "Email", required: true
|
||||
.form-group.append-bottom-20#password-strength
|
||||
= f.password_field :password, class: "form-control bottom", id: "user_password_sign_up", placeholder: "Password", required: true
|
||||
%div
|
||||
- if Gitlab.config.recaptcha.enabled
|
||||
= recaptcha_tags
|
||||
%div
|
||||
= f.submit "Sign up", class: "btn-create btn"
|
||||
|
||||
|
|
|
@ -346,6 +346,12 @@ production: &base
|
|||
# cas3:
|
||||
# session_duration: 28800
|
||||
|
||||
# reCAPTCHA settings. See: http://www.google.com/recaptcha
|
||||
recaptcha:
|
||||
enabled: false
|
||||
public_key: 'YOUR_PUBLIC_KEY'
|
||||
private_key: 'YOUR_PRIVATE_KEY'
|
||||
|
||||
# Shared file storage settings
|
||||
shared:
|
||||
# path: /mnt/gitlab # Default: shared
|
||||
|
|
|
@ -131,6 +131,13 @@ Settings.omniauth.cas3['session_duration'] ||= 8.hours
|
|||
Settings.omniauth['session_tickets'] ||= Settingslogic.new({})
|
||||
Settings.omniauth.session_tickets['cas3'] = 'ticket'
|
||||
|
||||
# ReCAPTCHA settings
|
||||
Settings['recaptcha'] ||= Settingslogic.new({})
|
||||
Settings.recaptcha['enabled'] = false if Settings.recaptcha['enabled'].nil?
|
||||
Settings.recaptcha['public_key'] ||= Settings.recaptcha['public_key']
|
||||
Settings.recaptcha['private_key'] ||= Settings.recaptcha['private_key']
|
||||
|
||||
|
||||
Settings['shared'] ||= Settingslogic.new({})
|
||||
Settings.shared['path'] = File.expand_path(Settings.shared['path'] || "shared", Rails.root)
|
||||
|
||||
|
|
6
config/initializers/recaptcha.rb
Normal file
6
config/initializers/recaptcha.rb
Normal file
|
@ -0,0 +1,6 @@
|
|||
if Gitlab.config.recaptcha.enabled
|
||||
Recaptcha.configure do |config|
|
||||
config.public_key = Gitlab.config.recaptcha['public_key']
|
||||
config.private_key = Gitlab.config.recaptcha['private_key']
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue