diff options
Diffstat (limited to 'app/controllers/concerns/invisible_captcha_on_signup.rb')
-rw-r--r-- | app/controllers/concerns/invisible_captcha_on_signup.rb | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/app/controllers/concerns/invisible_captcha_on_signup.rb b/app/controllers/concerns/invisible_captcha_on_signup.rb new file mode 100644 index 00000000000..9bea6145ff3 --- /dev/null +++ b/app/controllers/concerns/invisible_captcha_on_signup.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +module InvisibleCaptchaOnSignup + extend ActiveSupport::Concern + + included do + invisible_captcha only: :create, on_spam: :on_honeypot_spam_callback, on_timestamp_spam: :on_timestamp_spam_callback + end + + def on_honeypot_spam_callback + return unless Feature.enabled?(:invisible_captcha) + + invisible_captcha_honeypot_counter.increment + log_request('Invisible_Captcha_Honeypot_Request') + + head(200) + end + + def on_timestamp_spam_callback + return unless Feature.enabled?(:invisible_captcha) + + invisible_captcha_timestamp_counter.increment + log_request('Invisible_Captcha_Timestamp_Request') + + redirect_to new_user_session_path, alert: InvisibleCaptcha.timestamp_error_message + end + + def invisible_captcha_honeypot_counter + @invisible_captcha_honeypot_counter ||= + Gitlab::Metrics.counter(:bot_blocked_by_invisible_captcha_honeypot, + 'Counter of blocked sign up attempts with filled honeypot') + end + + def invisible_captcha_timestamp_counter + @invisible_captcha_timestamp_counter ||= + Gitlab::Metrics.counter(:bot_blocked_by_invisible_captcha_timestamp, + 'Counter of blocked sign up attempts with invalid timestamp') + end + + def log_request(message) + request_information = { + message: message, + env: :invisible_captcha_signup_bot_detected, + remote_ip: request.ip, + request_method: request.request_method, + path: request.fullpath + } + + Gitlab::AuthLogger.error(request_information) + end +end |