Implement optional reCAPTCHA for registrations

author: Chaoyi Zha <summermontreal@gmail.com> 2017-05-18 00:08:45 +0300
committer: Chaoyi Zha <summermontreal@gmail.com> 2017-05-18 00:08:45 +0300
commit: 6e28bf83942382ab81bd8b45b49eecb8995a3d40 (patch)
tree: dbb26ba3f2d3c740b091b15a4c5bbead59f1d648 /resources
parent: 3c669ee1ca49bd5bef5af8e9e9a1ba2f464afe66 (diff)
3 files changed, 48 insertions, 1 deletions
diff --git a/resources/views/env.blade.php b/resources/views/env.blade.php
index 7bfd358..0b2b834 100644
--- a/resources/views/env.blade.php
+++ b/resources/views/env.blade.php
@@ -51,6 +51,11 @@ POLR_ALLOW_ACCT_CREATION={{$POLR_ALLOW_ACCT_CREATION}}
 # Set to true to require activation by email (e.g true/false)
 POLR_ACCT_ACTIVATION={{$POLR_ACCT_ACTIVATION}}
 
+# Set to true to require reCAPTCHAs on sign up pages
+# If this setting is enabled, you must also provide your reCAPTCHA keys
+# in POLR_RECAPTCHA_SITE_KEY and POLR_RECAPTCHA_SECRET_KEY
+POLR_ACCT_CREATION_RECAPTCHA={{$POLR_ACCT_CREATION_RECAPTCHA}}
+
 # Set to true to require users to be logged in before shortening URLs
 SETTING_SHORTEN_PERMISSION={{$ST_SHORTEN_PERMISSION}}
 
@@ -86,6 +91,12 @@ SETTING_RESTRICT_EMAIL_DOMAIN={{$ST_RESTRICT_EMAIL_DOMAIN}}
 # A comma-separated list of permitted email domains
 SETTING_ALLOWED_EMAIL_DOMAINS={{$ST_ALLOWED_EMAIL_DOMAINS}}
 
+# reCAPTCHA site key
+POLR_RECAPTCHA_SITE_KEY={{$POLR_RECAPTCHA_SITE_KEY}}
+
+# reCAPTCHA secret key
+POLR_RECAPTCHA_SECRET_KEY={{$POLR_RECAPTCHA_SECRET}}
+
 # Set each to blank to disable mail
 @if($MAIL_ENABLED)
 MAIL_DRIVER=smtp
diff --git a/resources/views/setup.blade.php b/resources/views/setup.blade.php
index c94ec85..c50b045 100644
--- a/resources/views/setup.blade.php
+++ b/resources/views/setup.blade.php
@@ -207,6 +207,34 @@ Setup
                 Please ensure SMTP is properly set up before enabling password recovery.
             </p>
 
+            <p>
+                Require reCAPTCHA for Registrations
+                <setup-tooltip content="You must provide your reCAPTCHA keys to use this feature."></setup-tooltip>
+            </p>
+            <select name='setting:acct_registration_recaptcha' class='form-control'>
+                <option value='false'>Do not require reCAPTCHA for registration</option>
+                <option value='true'>Require reCATPCHA for registration</option>
+            </select>
+
+            <p>
+                reCAPTCHA Configuration:
+                <setup-tooltip content="You must provide reCAPTCHA keys if you intend to use any reCAPTCHA-dependent features."></setup-tooltip>
+            </p>
+
+            <p>
+                reCAPTCHA Site Key
+            </p>
+            <input type='text' class='form-control' name='setting:recaptcha_site_key'>
+
+            <p>
+                reCAPTCHA Secret Key
+            </p>
+            <input type='text' class='form-control' name='setting:recaptcha_secret_key'>
+
+            <p class='text-muted'>
+                You can obtain reCAPTCHA keys from <a href="https://www.google.com/recaptcha/admin">Google's reCAPTCHA website</a>.
+            </p>
+
             <p>Theme (<a href='https://github.com/cydrobolt/polr/wiki/Themes-Screenshots'>screenshots</a>):</p>
             <select name='app:stylesheet' class='form-control'>
                 <option value=''>Modern (default)</option>
diff --git a/resources/views/signup.blade.php b/resources/views/signup.blade.php
index 0523ef5..d0bf3ea 100644
--- a/resources/views/signup.blade.php
+++ b/resources/views/signup.blade.php
@@ -12,6 +12,11 @@
         Username: <input type='text' name='username' class='form-control form-field' placeholder='Username' />
         Password: <input type='password' name='password' class='form-control form-field' placeholder='Password' />
         Email: <input type='email' name='email' class='form-control form-field' placeholder='Email' />
+
+        @if (env('POLR_ACCT_CREATION_RECAPTCHA'))
+        <div class="g-recaptcha" data-sitekey="{{env('POLR_RECAPTCHA_SITE_KEY')}}"></div>
+        @endif
+
         <input type="hidden" name='_token' value='{{csrf_token()}}' />
         <input type="submit" class="btn btn-default btn-success" value="Register"/>
         <p class='login-prompt'>
@@ -34,6 +39,9 @@
         <h4>Email</h4>
         <p>The email you will use to verify your account or to recover your account.</p>
     </p>
-
 </div>
 @endsection
+
+@section('js')
+<script src="https://www.google.com/recaptcha/api.js" async defer></script>
+@endsection
author	Chaoyi Zha <summermontreal@gmail.com>	2017-05-18 00:08:45 +0300
committer	Chaoyi Zha <summermontreal@gmail.com>	2017-05-18 00:08:45 +0300
commit	6e28bf83942382ab81bd8b45b49eecb8995a3d40 (patch)
tree	dbb26ba3f2d3c740b091b15a4c5bbead59f1d648 /resources
parent	3c669ee1ca49bd5bef5af8e9e9a1ba2f464afe66 (diff)