From a0963475f5f4d432dd3f503568ddf7c623ece7a3 Mon Sep 17 00:00:00 2001 From: Simon Knox Date: Fri, 9 Jun 2017 23:13:20 +1000 Subject: use invisible recaptcha on register form update gem --- Gemfile | 2 +- Gemfile.lock | 4 ++-- app/assets/javascripts/dispatcher.js | 3 +++ app/assets/stylesheets/pages/issues.scss | 4 ++++ app/models/application_setting.rb | 2 +- app/views/devise/shared/_signup_box.html.haml | 4 +--- lib/gitlab/recaptcha.rb | 4 ++-- 7 files changed, 14 insertions(+), 9 deletions(-) diff --git a/Gemfile b/Gemfile index 71d2eb1557c..e01d7a64a12 100644 --- a/Gemfile +++ b/Gemfile @@ -43,7 +43,7 @@ gem 'rack-oauth2', '~> 1.2.1' gem 'jwt', '~> 1.5.6' # Spam and anti-bot protection -gem 'recaptcha', '~> 3.0', require: 'recaptcha/rails' +gem 'recaptcha', '~> 4.0', require: 'recaptcha/rails' gem 'akismet', '~> 2.0' # Two-factor authentication diff --git a/Gemfile.lock b/Gemfile.lock index f4ddd30da1b..5bae794b574 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -664,7 +664,7 @@ GEM debugger-ruby_core_source (~> 1.3) rdoc (4.2.2) json (~> 1.4) - recaptcha (3.0.0) + recaptcha (4.3.1) json recursive-open-struct (1.0.0) redcarpet (3.4.0) @@ -1064,7 +1064,7 @@ DEPENDENCIES rainbow (~> 2.2) rblineprof (~> 0.3.6) rdoc (~> 4.2) - recaptcha (~> 3.0) + recaptcha (~> 4.0) redcarpet (~> 3.4) redis (~> 3.2) redis-namespace (~> 1.5.2) diff --git a/app/assets/javascripts/dispatcher.js b/app/assets/javascripts/dispatcher.js index 31a86090242..5f990dc58ff 100644 --- a/app/assets/javascripts/dispatcher.js +++ b/app/assets/javascripts/dispatcher.js @@ -127,6 +127,9 @@ import initExperimentalFlags from './experimental_flags'; case 'sessions:new': new UsernameValidator(); new ActiveTabMemoizer(); + window.submitInvisibleRecaptchaForm = function() { + document.querySelector('.new_new_user').submit(); + }; break; case 'projects:boards:show': case 'projects:boards:index': diff --git a/app/assets/stylesheets/pages/issues.scss b/app/assets/stylesheets/pages/issues.scss index 8cdb3f34ae5..3dee6761de5 100644 --- a/app/assets/stylesheets/pages/issues.scss +++ b/app/assets/stylesheets/pages/issues.scss @@ -177,6 +177,10 @@ ul.related-merge-requests > li { } } +.grecaptcha-badge { + z-index: 200; +} + .recaptcha { margin-bottom: 30px; } diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb index 668caef0d2c..58b6f4974ba 100644 --- a/app/models/application_setting.rb +++ b/app/models/application_setting.rb @@ -236,7 +236,7 @@ class ApplicationSetting < ActiveRecord::Base max_attachment_size: Settings.gitlab['max_attachment_size'], plantuml_enabled: false, plantuml_url: nil, - recaptcha_enabled: false, + recaptcha_enabled: true, repository_checks_enabled: true, repository_storages: ['default'], require_two_factor_authentication: false, diff --git a/app/views/devise/shared/_signup_box.html.haml b/app/views/devise/shared/_signup_box.html.haml index d696577278d..4aee5bd02ed 100644 --- a/app/views/devise/shared/_signup_box.html.haml +++ b/app/views/devise/shared/_signup_box.html.haml @@ -24,9 +24,7 @@ %p.gl-field-hint Minimum length is #{@minimum_password_length} characters %div - if Gitlab::Recaptcha.enabled? - = recaptcha_tags - %div - = f.submit "Register", class: "btn-register btn" + = invisible_recaptcha_tags callback: 'submitInvisibleRecaptchaForm', text: "Register", class: "btn-register btn btn-block" .clearfix.submit-container %p %span.light Didn't receive a confirmation email? diff --git a/lib/gitlab/recaptcha.rb b/lib/gitlab/recaptcha.rb index 4bc76ea033f..a690e4bc42a 100644 --- a/lib/gitlab/recaptcha.rb +++ b/lib/gitlab/recaptcha.rb @@ -3,8 +3,8 @@ module Gitlab def self.load_configurations! if current_application_settings.recaptcha_enabled ::Recaptcha.configure do |config| - config.public_key = current_application_settings.recaptcha_site_key - config.private_key = current_application_settings.recaptcha_private_key + config.site_key = current_application_settings.recaptcha_site_key + config.secret_key = current_application_settings.recaptcha_private_key end true -- cgit v1.2.1