From fad4019ad66f0579dcd709001bfbfd5f1dee18a2 Mon Sep 17 00:00:00 2001
From: Bogdanov Anton
Date: Thu, 15 Feb 2024 12:12:05 +0300
Subject: [PATCH] added recaptcha for users registration
---
 CHANGELOG.md | 3 +++
 Gemfile | 3 +++
 Gemfile.lock | 2 ++
 app/controllers/users/registrations_controller.rb | 5 +++++
 app/views/controllers/users/registrations/new.html.erb | 3 +++
 config/credentials.yml.enc | 2 +-
 config/initializers/recaptcha.rb | 6 ++++++
 config/locales/en.yml | 1 +
 config/locales/ru.yml | 1 +
 9 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 config/initializers/recaptcha.rb
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 51c5203b..c7eb7ddb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,9 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 ## Unreleased
+### Added
+- recaptcha for users registration
+
 ### Modified
 - navigation styles for better mobile
 - closing dropdowns after outside click
diff --git a/Gemfile b/Gemfile
index c991b752..26a793cc 100644
--- a/Gemfile
+++ b/Gemfile
@@ -94,6 +94,9 @@ gem 'pagy', '~> 6.0'
 # notification layer
 gem 'active_delivery'
+# antibot captcha
+gem 'recaptcha', require: 'recaptcha/rails'
+
 group :development, :test do
 gem 'bullet', git: 'https://github.com/flyerhzm/bullet', branch: 'main'
 gem 'cypress-on-rails', '~> 1.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index fce81e97..2a6097f6 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -355,6 +355,7 @@ GEM
 rake (13.1.0)
 rdoc (6.6.2)
 psych (>= 4.0.0)
+ recaptcha (5.16.0)
 redis (5.1.0)
 redis-client (>= 0.17.0)
 redis-actionpack (5.4.0)
@@ -534,6 +535,7 @@ DEPENDENCIES
 rackup (~> 2.1)
 rails (~> 7.1)
 rails-controller-testing (= 1.0.5)
+ recaptcha
 redis (~> 5.0)
 redis-rack!
 redis-rails!
diff --git a/app/controllers/users/registrations_controller.rb b/app/controllers/users/registrations_controller.rb
index eb09b609..60d788cd 100644
--- a/app/controllers/users/registrations_controller.rb
+++ b/app/controllers/users/registrations_controller.rb
@@ -9,6 +9,7 @@ class RegistrationsController < ApplicationController
 skip_before_action :authenticate
 skip_before_action :check_email_confirmation
+ before_action :check_recaptcha, only: %i[create]
 def new
 @user = User.new
@@ -25,6 +26,10 @@ def confirm; end
 private
+ def check_recaptcha
+ failed_create_response([t('controllers.users.registrations.failed_recaptcha')]) unless verify_recaptcha
+ end
+
 def success_create_response(user)
 cookies[:fantasy_sports_token] = {
 value: generate_token.call(user: user)[:result],
diff --git a/app/views/controllers/users/registrations/new.html.erb b/app/views/controllers/users/registrations/new.html.erb
index 39dd5325..a5a61d46 100644
--- a/app/views/controllers/users/registrations/new.html.erb
+++ b/app/views/controllers/users/registrations/new.html.erb
@@ -21,6 +21,9 @@
 <%= t('views.users.registrations.new.have_account') %> <%= link_to t('components.page_wrappers.users_component.login'), users_login_path, class: 'underline text-blue-600' %>
+
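Review bot: `check_recaptcha` in registrations_controller.rb stops `create` only if `failed_create_response` renders or redirects, because a `before_action` that returns without doing either lets the action run and the user is created anyway. That helper is defined outside this hunk, so confirm it always performs a render or redirect and say so in a comment above the method, e.g. `# Halts the chain: failed_create_response renders, so create never runs on a failed captcha`. A request spec that posts the form with `verify_recaptcha` stubbed to false and asserts that no `User` row is created would pin this. The recaptcha gem skips verification in the test environment by default, so without the stub the failure path is never exercised.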
+ <%= recaptcha_tags %> +
<%= form.submit t('views.users.registrations.new.create'), class: 'btn-primary' %> <% end %>
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
index 8857eccc..d113d8e5 100644
--- a/config/credentials.yml.enc
+++ b/config/credentials.yml.enc
@@ -1 +1 @@ -f0zWXxgXhzXZRzu9f1XmacrOmRd5HlDSoPoqcYeAiZmc2bXhNsIBXPPuYTJJtUclwjd8Rd0FSc8WihK1hy7ljMYqjoZOB8Dnj1FvA1ce/UeMruo6yC0am9mjlOmCdop1mQBltJE5nL8O1QFhTaBdTTeHDplQdTdz75673Hfi3mu3cXUADBYdpk8FDRc1Q3+fwEYqAdJt0bZ0Nk0AiJy1+fsp2opNXWqFMkpHD+QLG3ta1/JnW6RkeEicLMzt74Ldop8pYPZkeV4Ew4AZIvbAML4MOe8QP38RNLhbIboHjaKmw7vWcT7QF8oM+hcowm77162yh5Khe9GLOy8TmoAaRNMxxkSeWx9RkUlWxg89otwno/h0AzV2bLd1ddbmOp43/6tx6YvBHc49RZgNVJUTB60igZN4Tby/igUu6PW5JvkiKukyTRUx7598bZLZMLyv+5nLQoSGkinwkWT4gsRR9imOgQST5eW7xQwUOGF03jn4CtlBztYucbsElEox3VNm2Jctxzd0eeadP9uWE4pBPFzYyTdX/GBrD8f2dyREyzYMjqKwC+naWEdyRa/FRI85sHfDey2MmmTIjWjBIh3bL74Z924jck9sGdq7oN5ftBwM5dM7U1SJBzLzjYczmv+qrR4HjsEPhUsDCW8k1u0XL00lwQugw9g6vtTGAB+3LLSsNKuDQq4SF2MGrv0YCTXQYBR0nKTGkhlPtSdmofzu+2RqVy+EAEEIOvOc9rZjTrfica25Su5MVnehn4dZSWfjyks4wPbcwx5o53cgYUwSVOKGv6D8i+NNC09yg/a8HU+2vjtSRdIpUvlGsWcmKf1I8rZw0pBZLgxUj5t2XAqhYRBxCGwy/X99TsyJ47lpUOP9JjmPmWkCM4QBuxJeHJRbOS708GnZaC1FwJ9Cugbt3ELX53g78mgFIxWBMTCTouDIcOxyLfpJ/9BnJJmLtNT97OlE+Xg55ZkxYlh2w9REUlp40eX3PCHRaJi/E/wolPTFVVJ85IaZpHhkp8NgTKJtnp8IUr74W04C8jwjza1MT8rPE565nXvqgf5PXSBLQQw1S1uOddE0RBiB11yevNduOkWUUsvbtDXDKuDhLKZkpCFlMK+IKJUlN6Gc1Hfu8mKPRBv7A9hQb6gnOVM6ofGIaxQsyF+ZQ9zd5YTc/wQ3G4Il4l8gG9FwW4UwvkMqhl9Wap854s/MCTXF/DrFJS+zMhUI0HVgwUsALxvv1n/OkuKQElbT0Ej9qjoLc/HgU6Zy9pYVMdce6zmXJRvuzP24eBsfhHl+4SOj8bocN4aNss6WW+p05DyvhNG/9wOaSngLP5MF4RkDrPgSlG+lxBeAdDC6AHksAu92S0CwCCvHf9RCWT1raTY2qcukzuY9D3IrzpiABQ9z//dvSHQRpHq52+CI6BUPqmWlUU9GCL2OfE25v6lZVy5zfWNcIOp4w2nvYKqngTTyk6TBbzY961Z7EE0ftGVRPxEfeW2yk4Bc8yKj55DC05SN3Uu9fpZvyBdlR0+AS67M/7k6oc8GPsvo7kMyuUKj1qszLGYuNQvVxlEtUNNKZ5we1hDG6+WUvfWDQyioI1WghCy141K/KDlhvNo5ln8v/uhNJIeKGMkTk5P58gaKxUCWAXfch8HV9UpmkpFdo8lzngv7R3au1I4bgFabkqIcUZLcIZz6qy7uStS48ZMMUAF35d8x5gTjVRWywtMZB9LoH5T3I2YyKcJhQGQamoz5ar4oh8Pi8vnQFOYTcR302K2e1tDzcd0qy0EoB3rVjrs2kcdnJeHfqR7t/nWu6x0LQJ61wuMLsC1wBS0H+VyGvTW0sbxPDvscEaklJDDOKmbz92qVi7659h0KR0j/H8CGqhcEFEzBNH0KPz3UxfWRBywFP8n4ci11bsnqyiOApBoFqlOCRA20HXs+9Mg8C0pk4kiybdmy0MELWRUDQtiKKMkvCXmZ0m+4usWDJQxRw88WNqeqG25T7l9n7MM
X2u0Oy/b57ZFX7HWKL6ak0OKFZJoJfdCPKATt9gsvmV+11T7sWxxW+dM1XxqF/YWfVc8S4s2zVXa6myltzWRe3KKM1XZRcqHiMz9oxlg7l/GZL7T/2L5kuzc69pSqOa6k3jemFvrrnHTpcC3MZqDNI4ZvCoeQwHjXsd7A8ma+0JnH50LSPOwwUDUNORUxZ8g5rn8PnX4DI5FZ--TX+cj2LZ0G4O4ot+--T8DeoTqjNaU2tL1Y2LNehQ==
\ No newline at end of file
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--KJAL+Inihta1Z5yC--4zMeBuyffQpWpDvEZ4Gmxg==
\ No newline at end of file
diff --git a/config/initializers/recaptcha.rb b/config/initializers/recaptcha.rb
new file mode 100644
index 00000000..017a16a9
--- /dev/null
+++ b/config/initializers/recaptcha.rb
@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+Recaptcha.configure do |config|
+ config.site_key = Rails.application.credentials.dig(:recaptcha, :public)
+ config.secret_key = Rails.application.credentials.dig(:recaptcha, :private)
+end
diff --git a/config/locales/en.yml b/config/locales/en.yml
index dea3f3ae..715166a0 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -81,6 +81,7 @@ en:
 users:
 registrations:
 success_create: You are signed up
+ failed_recaptcha: Failed reCaptcha validation
 sessions:
 success_create: You are logged in
 success_destroy: You are logged out
diff --git a/config/locales/ru.yml b/config/locales/ru.yml
index 3d1491fa..21c8a640 100644
--- a/config/locales/ru.yml
+++ b/config/locales/ru.yml
@@ -81,6 +81,7 @@ ru:
 users:
 registrations:
 success_create: Вы зарегистрированы
+ failed_recaptcha: Провалена проверка reCaptcha
 sessions:
 success_create: Вы вошли
 success_destroy: Вы вышли
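Review bot: Both `dig` calls in config/initializers/recaptcha.rb return nil when the `recaptcha` entry is missing from the credentials, so a deployment with an absent or wrong master key boots normally and the problem shows up only when the registration page is rendered or submitted. Failing at boot in production makes the misconfiguration visible before users hit it, e.g. after the two assignments add `raise 'recaptcha credentials missing' if Rails.env.production? && (config.site_key.blank? || config.secret_key.blank?)`. A one-line comment noting that `:public` is the site key sent to browsers and `:private` is the server-side secret would also help, since the credential names differ from the gem's.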