Merge pull request #257 from kortirso/issue_256

IS-256 added recaptcha for users registration
kortirso · Feb 15, 2024 · 1ddad0a · 1ddad0a
2 parents 35413b7 + fad4019
commit 1ddad0a
Show file tree

Hide file tree

Showing 9 changed files with 25 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,9 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## Unreleased
+### Added
+- recaptcha for users registration
+
 ### Modified
 - navigation styles for better mobile
 - closing dropdowns after outside click

diff --git a/Gemfile b/Gemfile
@@ -94,6 +94,9 @@ gem 'pagy', '~> 6.0'
 # notification layer
 gem 'active_delivery'
 
+# antibot captcha
+gem 'recaptcha', require: 'recaptcha/rails'
+
 group :development, :test do
  gem 'bullet', git: 'https://github.com/flyerhzm/bullet', branch: 'main'
  gem 'cypress-on-rails', '~> 1.0'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -355,6 +355,7 @@ GEM
  rake (13.1.0)
  rdoc (6.6.2)
  psych (>= 4.0.0)
+ recaptcha (5.16.0)
  redis (5.1.0)
  redis-client (>= 0.17.0)
  redis-actionpack (5.4.0)
@@ -534,6 +535,7 @@ DEPENDENCIES
  rackup (~> 2.1)
  rails (~> 7.1)
  rails-controller-testing (= 1.0.5)
+ recaptcha
  redis (~> 5.0)
  redis-rack!
  redis-rails!

diff --git a/app/controllers/users/registrations_controller.rb b/app/controllers/users/registrations_controller.rb
@@ -9,6 +9,7 @@ class RegistrationsController < ApplicationController
 
  skip_before_action :authenticate
  skip_before_action :check_email_confirmation
+ before_action :check_recaptcha, only: %i[create]
 
  def new
  @user = User.new
@@ -25,6 +26,10 @@ def confirm; end
 
  private
 
+ def check_recaptcha
+ failed_create_response([t('controllers.users.registrations.failed_recaptcha')]) unless verify_recaptcha
+ end
+
  def success_create_response(user)
  cookies[:fantasy_sports_token] = {
  value: generate_token.call(user: user)[:result],

diff --git a/app/views/controllers/users/registrations/new.html.erb b/app/views/controllers/users/registrations/new.html.erb
@@ -21,6 +21,9 @@
  <%= t('views.users.registrations.new.have_account') %>
  <%= link_to t('components.page_wrappers.users_component.login'), users_login_path, class: 'underline text-blue-600' %>
  </div>
+ <div class="form-field">
+ <%= recaptcha_tags %>
+ </div>
  <%= form.submit t('views.users.registrations.new.create'), class: 'btn-primary' %>
  <% end %>
  </div>

diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
@@ -1 +1 @@
-f0zWXxgXhzXZRzu9f1XmacrOmRd5HlDSoPoqcYeAiZmc2bXhNsIBXPPuYTJJtUclwjd8Rd0FSc8WihK1hy7ljMYqjoZOB8Dnj1FvA1ce/UeMruo6yC0am9mjlOmCdop1mQBltJE5nL8O1QFhTaBdTTeHDplQdTdz75673Hfi3mu3cXUADBYdpk8FDRc1Q3+fwEYqAdJt0bZ0Nk0AiJy1+fsp2opNXWqFMkpHD+QLG3ta1/JnW6RkeEicLMzt74Ldop8pYPZkeV4Ew4AZIvbAML4MOe8QP38RNLhbIboHjaKmw7vWcT7QF8oM+hcowm77162yh5Khe9GLOy8TmoAaRNMxxkSeWx9RkUlWxg89otwno/h0AzV2bLd1ddbmOp43/6tx6YvBHc49RZgNVJUTB60igZN4Tby/igUu6PW5JvkiKukyTRUx7598bZLZMLyv+5nLQoSGkinwkWT4gsRR9imOgQST5eW7xQwUOGF03jn4CtlBztYucbsElEox3VNm2Jctxzd0eeadP9uWE4pBPFzYyTdX/GBrD8f2dyREyzYMjqKwC+naWEdyRa/FRI85sHfDey2MmmTIjWjBIh3bL74Z924jck9sGdq7oN5ftBwM5dM7U1SJBzLzjYczmv+qrR4HjsEPhUsDCW8k1u0XL00lwQugw9g6vtTGAB+3LLSsNKuDQq4SF2MGrv0YCTXQYBR0nKTGkhlPtSdmofzu+2RqVy+EAEEIOvOc9rZjTrfica25Su5MVnehn4dZSWfjyks4wPbcwx5o53cgYUwSVOKGv6D8i+NNC09yg/a8HU+2vjtSRdIpUvlGsWcmKf1I8rZw0pBZLgxUj5t2XAqhYRBxCGwy/X99TsyJ47lpUOP9JjmPmWkCM4QBuxJeHJRbOS708GnZaC1FwJ9Cugbt3ELX53g78mgFIxWBMTCTouDIcOxyLfpJ/9BnJJmLtNT97OlE+Xg55ZkxYlh2w9REUlp40eX3PCHRaJi/E/wolPTFVVJ85IaZpHhkp8NgTKJtnp8IUr74W04C8jwjza1MT8rPE565nXvqgf5PXSBLQQw1S1uOddE0RBiB11yevNduOkWUUsvbtDXDKuDhLKZkpCFlMK+IKJUlN6Gc1Hfu8mKPRBv7A9hQb6gnOVM6ofGIaxQsyF+ZQ9zd5YTc/wQ3G4Il4l8gG9FwW4UwvkMqhl9Wap854s/MCTXF/DrFJS+zMhUI0HVgwUsALxvv1n/OkuKQElbT0Ej9qjoLc/HgU6Zy9pYVMdce6zmXJRvuzP24eBsfhHl+4SOj8bocN4aNss6WW+p05DyvhNG/9wOaSngLP5MF4RkDrPgSlG+lxBeAdDC6AHksAu92S0CwCCvHf9RCWT1raTY2qcukzuY9D3IrzpiABQ9z//dvSHQRpHq52+CI6BUPqmWlUU9GCL2OfE25v6lZVy5zfWNcIOp4w2nvYKqngTTyk6TBbzY961Z7EE0ftGVRPxEfeW2yk4Bc8yKj55DC05SN3Uu9fpZvyBdlR0+AS67M/7k6oc8GPsvo7kMyuUKj1qszLGYuNQvVxlEtUNNKZ5we1hDG6+WUvfWDQyioI1WghCy141K/KDlhvNo5ln8v/uhNJIeKGMkTk5P58gaKxUCWAXfch8HV9UpmkpFdo8lzngv7R3au1I4bgFabkqIcUZLcIZz6qy7uStS48ZMMUAF35d8x5gTjVRWywtMZB9LoH5T3I2YyKcJhQGQamoz5ar4oh8Pi8vnQFOYTcR302K2e1tDzcd0qy0EoB3rVjrs2kcdnJeHfqR7t/nWu6x0LQJ61wuMLsC1wBS0H+VyGvTW0sbxPDvscEaklJDDOKmbz92qVi7659h0KR0j/H8CGqhcEFEzBNH0KPz3UxfWRBywFP8n4ci11bsnqyiOApBoFqlOCRA20HXs+9Mg8C0pk4kiybdmy0MELWRUDQtiKKMkvCXmZ0m+4usWDJQxRw88WNqeqG25T7l9n7MMX2u0Oy/b57ZFX7HWKL6ak0OKFZJoJfdCPKATt9gsvmV+11T7sWxxW+dM1XxqF/YWfVc8S4s2zVXa6myltzWRe3KKM1XZRcqHiMz9oxlg7l/GZL7T/2L5kuzc69pSqOa6k3jemFvrrnHTpcC3MZqDNI4ZvCoeQwHjXsd7A8ma+0JnH50LSPOwwUDUNORUxZ8g5rn8PnX4DI5FZ--TX+cj2LZ0G4O4ot+--T8DeoTqjNaU2tL1Y2LNehQ==
+yWrn/QRPVRUzn8J91ayTCnMTcaX4Kvu/Xf+V0NnsdefUcC1feFK6WBAbzcqyNJmhkq51wwP98F4ukHwT1gN6yUXA4cAA5cplLmjDA2VBp0NGbX/HIkO1duTwIJ/VKIE53KWCQHYSXtcPbxx9ycFXpPVMoQJNXjC5qETgpOr44OZJguGDMNWq68+K0j9T24l4tSyGcBskQEo6PD9VWsiVn9toxwo/YxV3YIm2lN5f1tmbpKsRNgjnLnXCnEli/qVONtua6+I/dGNd/DltmFR2yWbt3hYs+pCVIyQ4v0DMd9Si9SDigXNA5rQT6MSL5mc9tQJmjOc7eb44QoN83Ka9kD3FxduJwsE6Y5gSEyeidMuEvkXpJJF8Va4DeTvZ7EBmXqfCTuQWuDs4D1DoYGTx89FcXCcMWpyIJMKhT98MaINYJuOqMGkPpe20lFvcKDMBJhhkBvrVQkC3grJYZ1v+ajXrJBNKROkek1oEtEtcnZClW6lzJZccY8Qz187YZ6HME6v7tV1kli1jDvjDwN1NiXXDk4Wg0A1kisCMMO0cK9PulTvktVNJq0JMZJHGpzsMnNA0b9cjg5a9DmPYz4PWGd4+iSdCOQFYxr9Sy4GP8eiyg8gCgeBFCNhLZXji+7eSAocyTml6txQQVG5YUNVdVzKf/aZRCHTKcNm/eL4JO7R0QB/JaR0DjEfxR28JJ0Ytr3lZeM4xio2dgvV3yxrPeTBxG66cyA7kW4Lh6hZCuc0By1s994MCOw36aU8V+nssKufxLGq0XHS3lgFX3BUMiwYpe5sqaYhpXuimvz0z0IUH+3LKrsVJ+EVgdC3nVp7Y/0oEeG8LoP2uE5EqyXrYjmAioc0zd1gGPi7ZDgXwjezsWtpgZ2T0IN+MjXqcv92q3TZ2ozMWtKkkq142NUJLCT6maJkjms+S47n6Urwph2O0+umu38znXicPhG7yf0RNa7Xgq/qIpBsus1DjdTUEnkgTJhomgqAqH72sJ4SOmr6mbG3B4fENo4J2G0Ph85OOdAG9RUZRNI4mOCazvnp3wvM5lf7MUy46g9OVr54A2AgzaSwVd2XhrfJwXV5gfViUxQeftImP69rZBIo9Q3W1QVeDMXhY4r1/VzU/9z/uLErK3u/u6Wx7wic4sfSIdI3sGN+9BSakW7x/ff2hwbfDMnec0QWEKKI7r019Rhx6zDiP6Z90kCcLeRj08SRBSHr7dxf5kqwoVnVP5XnCajK6EO/XbxgXHOaGwvVNEW1nswoCbA06oDjxFv8Zpw2/NgNXHOF7ncKH+8RbnzLmjOsDbgTmvfmHz76OUP2gb+qwveUR+pn+hqUQeVZzESnpX3Hm3h2ueZWnl3NubN6lnoSlAlMbuvwJgM9uFsCHoxeAX+J0Jv4Nuh1Xywb5E+S2vegJXpSVlGu9LwPh5oPfvESKuXYkoi4GCn7y2wLfAnNVgG+ibXsNN8EZbWZbKaOsMkpjO/J8UsUDrIu4PLjVLdqdx15DW9xbxF8WybxwI9DpWH+pdCdEVi1/8Rt3ZE8jpNF9ndUoKH6g88XiO/S57JoG8t+uc1xfXFpR5p3NAcunU2k4gBT7a0pR6yHEwEoZXOhS3s8erqvz8MxEtMBEESxY2qDd2jO6WTbqixRIV0YuxdASDUtW4kmIDzP6TumSvChGdm0lL261Ne21CPcfVIkpA83rBcjnCXJ4cNtNMO4TuzRU3za8oxzPvQVCwjEgWYycbf5jrP67IigqUKN+rjWRUtpsF4mSXVnyOzYZtAPLrSUSgs/c6JYU6fIsWDXfMtupmg6wV/mfvZ+nNaxr/WC8qeiqs2ypCVM/NWpzKXM2Pkm1XtaWRo/q0NFhkbSwsUD6grIVNWmhaXQx5at82NGjXWE1IOecL+O6BrzzGgdggt9zkG+HF/lxkVDnt97lSJPhaa1ZvnWJteWImge1fRwOLBbetdiguTA2nxsfZSZjFMlZB0CkUd2qSbJgp5IcP2+R9S13G4sTijrb4JnvFSvK/C3p2oIDbZRBCkKO134WbGn7ZmfzEaAGvfYlo0q70/9vFVQQNHnTVK8YUHZhtHZJV4Y0anfVGdxorA2sK3MgU/Rs7FB1dvX6JaIBUD/968nIh3005uPAAyE8cAh/PnScyC8pM3JFVYJqkYOwANDE8rk1IAn9uOtO8RlRom1mn2jUJ90K6IZBXXWC9TeEGpBLP0w4KecUQXtVQsBUToS3HOfi8JFh+4uxf1gjAqJ74OJxLWtM5ZOCyui7OFK8JwgGgs7GbtCdpEQbMEpoZUNpkylHXlKUkpX/Yb2q2xAl19k7mVqBVQTHI2r+6U80PxfUHAn1oJKi7PUqrKsY5aZ5cw==--KJAL+Inihta1Z5yC--4zMeBuyffQpWpDvEZ4Gmxg==
diff --git a/config/initializers/recaptcha.rb b/config/initializers/recaptcha.rb
@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+Recaptcha.configure do |config|
+ config.site_key = Rails.application.credentials.dig(:recaptcha, :public)
+ config.secret_key = Rails.application.credentials.dig(:recaptcha, :private)
+end
diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -81,6 +81,7 @@ en:
  users:
  registrations:
  success_create: You are signed up
+ failed_recaptcha: Failed reCaptcha validation
  sessions:
  success_create: You are logged in
  success_destroy: You are logged out

diff --git a/config/locales/ru.yml b/config/locales/ru.yml
@@ -81,6 +81,7 @@ ru:
  users:
  registrations:
  success_create: Вы зарегистрированы
+ failed_recaptcha: Провалена проверка reCaptcha
  sessions:
  success_create: Вы вошли
  success_destroy: Вы вышли