Show a reCAPTCHA on signin page if custom header is set

This will only be displayed if `X-GitLab-Show-Login-Captcha` is set as an HTTP header.
author: Stan Hu <stanhu@gmail.com> 2018-06-21 21:13:08 +0300
committer: Stan Hu <stanhu@gmail.com> 2018-06-22 01:37:34 +0300
commit: 9b48d9f43f237ccf87594a944a00896996cadf55 (patch)
tree: 68213b3bda01cc793903ee91c6505294f0a1abca /doc/integration
parent: 6d2a48d52fc3b32eedd64d15cc23906f1871be7b (diff)
1 files changed, 18 insertions, 1 deletions
diff --git a/doc/integration/recaptcha.md b/doc/integration/recaptcha.md
index a301d1a613c..932cd479d56 100644
--- a/doc/integration/recaptcha.md
+++ b/doc/integration/recaptcha.md
@@ -20,4 +20,21 @@ To use reCAPTCHA, first you must create a site and private key.
 
 6. Check the `Enable reCAPTCHA` checkbox
 
-7.  Save the configuration.
+7. Save the configuration.
+
+## Enabling reCAPTCHA for user logins via passwords
+
+By default, reCAPTCHA is only enabled for user registrations. To enable it for
+user logins via passwords, the `X-GitLab-Show-Login-Captcha` HTTP header must
+be set. For example, in NGINX, this can be done via the `proxy_set_header`
+configuration variable:
+
+```
+proxy_set_header X-GitLab-Show-Login-Captcha 1;
+```
+
+In GitLab Omnibus, this can be configured via `/etc/gitlab/gitlab.rb`:
+
+```ruby
+nginx['proxy_set_headers'] = { 'X-GitLab-Show-Login-Captcha' => 1 }
+```
author	Stan Hu <stanhu@gmail.com>	2018-06-21 21:13:08 +0300
committer	Stan Hu <stanhu@gmail.com>	2018-06-22 01:37:34 +0300
commit	9b48d9f43f237ccf87594a944a00896996cadf55 (patch)
tree	68213b3bda01cc793903ee91c6505294f0a1abca /doc/integration
parent	6d2a48d52fc3b32eedd64d15cc23906f1871be7b (diff)