Commit 9f7d379c authored by Stan Hu's avatar Stan Hu

Add support for Google reCAPTCHA in user registration to prevent spammers

parent a5274664
Please view this file on the master branch, on stable branches it's out of date.
v 8.4.0 (unreleased)
- Add support for Google reCAPTCHA in user registration to prevent spammers (Stan Hu)
- Implement new UI for group page
- Implement search inside emoji picker
- Add API support for looking up a user by username (Stan Hu)
......
......@@ -35,6 +35,9 @@ gem 'omniauth-twitter', '~> 1.2.0'
gem 'omniauth_crowd'
gem 'rack-oauth2', '~> 1.2.1'
# reCAPTCHA protection
gem 'recaptcha', require: 'recaptcha/rails'
# Two-factor authentication
gem 'devise-two-factor', '~> 2.0.0'
gem 'rqrcode-rails3', '~> 0.1.7'
......
......@@ -566,6 +566,8 @@ GEM
trollop
rdoc (3.12.2)
json (~> 1.4)
recaptcha (1.0.2)
json
redcarpet (3.3.3)
redis (3.2.2)
redis-actionpack (4.0.1)
......@@ -924,6 +926,7 @@ DEPENDENCIES
raphael-rails (~> 2.1.2)
rblineprof
rdoc (~> 3.6)
recaptcha
redcarpet (~> 3.3.3)
redis-namespace
redis-rails (~> 4.0.0)
......
class RegistrationsController < Devise::RegistrationsController
before_action :signup_enabled?
include Recaptcha::Verify
def new
redirect_to(new_user_session_path)
end
def create
if !Gitlab.config.recaptcha.enabled || verify_recaptcha
super
else
flash[:alert] = "There was an error with the reCAPTCHA code below. Please re-enter the code."
flash.delete :recaptcha_error
render action: 'new'
end
end
def destroy
DeleteUserService.new(current_user).execute(current_user)
......@@ -38,4 +49,16 @@ class RegistrationsController < Devise::RegistrationsController
def sign_up_params
params.require(:user).permit(:username, :email, :name, :password, :password_confirmation)
end
def resource_name
:user
end
def resource
@resource ||= User.new
end
def devise_mapping
@devise_mapping ||= Devise.mappings[:user]
end
end
class SessionsController < Devise::SessionsController
include AuthenticatesWithTwoFactor
include Recaptcha::ClientHelper
prepend_before_action :authenticate_with_two_factor, only: [:create]
prepend_before_action :store_redirect_path, only: [:new]
......@@ -40,7 +41,7 @@ class SessionsController < Devise::SessionsController
User.find(session[:otp_user_id])
end
end
def store_redirect_path
redirect_path =
if request.referer.present? && (params['redirect_to_referer'] == 'yes')
......@@ -87,14 +88,14 @@ class SessionsController < Devise::SessionsController
provider = Gitlab.config.omniauth.auto_sign_in_with_provider
return unless provider.present?
# Auto sign in with an Omniauth provider only if the standard "you need to sign-in" alert is
# registered or no alert at all. In case of another alert (such as a blocked user), it is safer
# Auto sign in with an Omniauth provider only if the standard "you need to sign-in" alert is
# registered or no alert at all. In case of another alert (such as a blocked user), it is safer
# to do nothing to prevent redirection loops with certain Omniauth providers.
return unless flash[:alert].blank? || flash[:alert] == I18n.t('devise.failure.unauthenticated')
# Prevent alert from popping up on the first page shown after authentication.
flash[:alert] = nil
flash[:alert] = nil
redirect_to user_omniauth_authorize_path(provider.to_sym)
end
......
......@@ -17,6 +17,9 @@
= f.email_field :email, class: "form-control middle", placeholder: "Email", required: true
.form-group.append-bottom-20#password-strength
= f.password_field :password, class: "form-control bottom", id: "user_password_sign_up", placeholder: "Password", required: true
%div
- if Gitlab.config.recaptcha.enabled
= recaptcha_tags
%div
= f.submit "Sign up", class: "btn-create btn"
......
......@@ -346,6 +346,12 @@ production: &base
# cas3:
# session_duration: 28800
# reCAPTCHA settings. See: http://www.google.com/recaptcha
recaptcha:
enabled: false
public_key: 'YOUR_PUBLIC_KEY'
private_key: 'YOUR_PRIVATE_KEY'
# Shared file storage settings
shared:
# path: /mnt/gitlab # Default: shared
......
......@@ -131,6 +131,13 @@ Settings.omniauth.cas3['session_duration'] ||= 8.hours
Settings.omniauth['session_tickets'] ||= Settingslogic.new({})
Settings.omniauth.session_tickets['cas3'] = 'ticket'
# ReCAPTCHA settings
Settings['recaptcha'] ||= Settingslogic.new({})
Settings.recaptcha['enabled'] = false if Settings.recaptcha['enabled'].nil?
Settings.recaptcha['public_key'] ||= Settings.recaptcha['public_key']
Settings.recaptcha['private_key'] ||= Settings.recaptcha['private_key']
Settings['shared'] ||= Settingslogic.new({})
Settings.shared['path'] = File.expand_path(Settings.shared['path'] || "shared", Rails.root)
......
if Gitlab.config.recaptcha.enabled
Recaptcha.configure do |config|
config.public_key = Gitlab.config.recaptcha['public_key']
config.private_key = Gitlab.config.recaptcha['private_key']
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment