Adding reCAPTCHA rather than the custom captcha.

Signed-off-by: Euan Torano <euantorano@gmail.com>
2017-03-07 18:57:05 +00:00 · 2017-03-07 18:57:05 +00:00 · c1bd44b997
commit c1bd44b997
parent d5892db647
8 changed files with 35 additions and 47 deletions
--- a/captchas.nim
+++ b/captchas.nim
@ -1,37 +0,0 @@
-#
-#
-#              The Nim Forum
-#        (c) Copyright 2012 Andreas Rumpf, Dominik Picheta
-#        Look at license.txt for more info.
-#        All rights reserved.
-#
-
-import cairo, os, strutils, jester
-
-proc getCaptchaFilename*(i: int): string {.inline.} =
-  result = "public/captchas/capture_" & $i & ".png"
-
-proc getCaptchaUrl*(req: Request, i: int): string =
-  result = req.makeUri("/captchas/capture_" & $i & ".png", absolute = false)
-
-proc createCaptcha*(file, text: string) =
-  var surface = imageSurfaceCreate(FORMAT_ARGB32, int32(10*text.len), int32(10))
-  var cr = create(surface)
-
-  selectFontFace(cr, "serif", FONT_SLANT_NORMAL, FONT_WEIGHT_BOLD)
-  setFontSize(cr, 12.0)
-
-  setSourceRgb(cr, 1.0, 0.5, 0.0)
-  moveTo(cr, 0.0, 10.0)
-  showText(cr, repeat('O', text.len))
-
-  setSourceRgb(cr, 0.0, 0.0, 1.0)
-  moveTo(cr, 0.0, 10.0)
-  showText(cr, text)
-
-  destroy(cr)
-  discard writeToPng(surface, file)
-  destroy(surface)
-
-when isMainModule:
-  createCaptcha("test.png", "1+33")
--- a/forms.tmpl
+++ b/forms.tmpl
@ -249,10 +249,12 @@
      <td>${fieldValid(c, "email", "E-Mail:")}</td>
      <td>${textWidget(c, "email", reuseText, maxlength=300)}</td>
    </tr>
+    #if useCaptcha:
    <tr>
-      <td>${fieldValid(c, "antibot", "What is " & antibot(c) & "?")}</td>
-      <td>${textWidget(c, "antibot", "", maxlength=4)}</td>
+      <td>${fieldValid(c, "g-recaptcha-response", "Captcha:")}</td>
+      <td>${captcha.render(includeNoScript=true)}</td>
    </tr>
+    #end if
  </table>
  #if c.errorMsg != "":
      <div style="float: left; width: 100%;">
--- a/forum.json.example
+++ b/forum.json.example
@ -0,0 +1,4 @@
+{
+    "recaptchaSecretKey": "",
+    "recaptchaSiteKey": ""
+}
--- a/forum.nim
+++ b/forum.nim
@ -8,8 +8,8 @@

 import
  os, strutils, times, md5, strtabs, cgi, math, db_sqlite,
-  captchas, scgi, jester, asyncdispatch, asyncnet, cache, sequtils,
-  parseutils, utils, random, rst, ranks
+  scgi, jester, asyncdispatch, asyncnet, cache, sequtils,
+  parseutils, utils, random, rst, ranks, recaptcha

 when not defined(windows):
  import bcrypt # TODO
@ -77,6 +77,8 @@ var
  db: DbConn
  isFTSAvailable: bool
  config: Config
+  useCaptcha: bool
+  captcha: ReCaptcha

 proc init(c: var TForumData) =
  c.userPass = ""
@ -314,8 +316,16 @@ proc register(c: var TForumData, name, pass, antibot,
    return setError(c, "new_password", "Invalid password!")

  # captcha validation:
-  if not isCaptchaCorrect(c, antibot):
-    return setError(c, "antibot", "Answer to captcha incorrect!")
+  if useCaptcha:
+    var captchaValid: bool = false
+    try:
+      captchaValid = waitFor captcha.verify(antibot)
+    except:
+      echo("[ERROR] Error checking captcha: " & getCurrentExceptionMsg())
+      captchaValid = false
+
+    if not captchaValid:
+      return setError(c, "antibot", "Answer to captcha incorrect!")

  # email validation
  if not ('@' in email and '.' in email):
@ -1123,7 +1133,7 @@ routes:

  post "/doregister":
    createTFD()
-    if c.register(@"name", @"new_password", @"antibot", @"email"):
+    if c.register(@"name", @"new_password", @"g-recaptcha-response", @"email"):
      resp genMain(c, "You are now registered. You must now confirm your" &
          " email address by clicking the link sent to " & @"email",
          "Registration successful - Nim Forum")
@ -1353,6 +1363,11 @@ when isMainModule:
  isFTSAvailable = db.getAllRows(sql("SELECT name FROM sqlite_master WHERE " &
      "type='table' AND name='post_fts'")).len == 1
  config = loadConfig()
+  if len(config.recaptchaSecretKey) > 0 and len(config.recaptchaSiteKey) > 0:
+    useCaptcha = true
+    captcha = initReCaptcha(config.recaptchaSecretKey, config.recaptchaSiteKey)
+  else:
+    useCaptcha = false
  var http = true
  if paramCount() > 0:
    if paramStr(1) == "scgi":
--- a/forum.nim.cfg
+++ b/forum.nim.cfg
@ -2,3 +2,5 @@
 # we need the documentation generator of the compiler:
 path="$lib/packages/docutils"
 path="$nim"
+
+-d:ssl
--- a/nimforum.nimble
+++ b/nimforum.nimble
@ -8,4 +8,4 @@ license       = "MIT"
 bin = "forum"

 [Deps]
-Requires: "nim >= 0.14.0, cairo#head, jester#head, bcrypt#head"
+Requires: "nim >= 0.14.0, cairo#head, jester#head, bcrypt#head, recaptcha >= 1.0.0"
--- a/public/captchas/.gitignore
+++ b/public/captchas/.gitignore
@ -1,2 +0,0 @@
-*
-!.gitignore
--- a/utils.nim
+++ b/utils.nim
@ -22,6 +22,8 @@ type
    smtpUser: string
    smtpPassword: string
    mlistAddress: string
+    recaptchaSecretKey*: string
+    recaptchaSiteKey*: string

 var docConfig: StringTableRef

@ -38,6 +40,8 @@ proc loadConfig*(filename = getCurrentDir() / "forum.json"): Config =
    result.smtpUser = root{"smtpUser"}.getStr("")
    result.smtpPassword = root{"smtpPassword"}.getStr("")
    result.mlistAddress = root{"mlistAddress"}.getStr("")
+    result.recaptchaSecretKey = root{"recaptchaSecretKey"}.getStr("")
+    result.recaptchaSiteKey = root{"recaptchaSiteKey"}.getStr("")
  except:
    echo("[WARNING] Couldn't read config file: ", filename)