
deprecated hCaptcha patch

master
root 4 months ago
parent
commit
f354143954
  1. 205
      deploy/3.1.5_1-hcaptcha-registrations.patch

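--- a/deploy/3.1.5_1-hcaptcha-registrations.patch
+++ b/deploy/3.1.5_1-hcaptcha-registrations.patch
@@ -1,205 +0,0 @@
---- untainted/Gemfile
-+++ tainted/Gemfile
-@@ -100,6 +100,8 @@
-gem 'webpacker', '~> 4.2'
-gem 'webpush'
-+gem 'hcaptcha', git: 'https://github.com/firstmoversadvantage/hcaptcha', ref: 'e65246bea49374566a9dbaead59fdb35b46b086d', require: 'hcaptcha/rails'
-+
-gem 'json-ld'
-gem 'json-ld-preloaded', '~> 3.1'
-gem 'rdf-normalize', '~> 0.4'
---- untainted/Gemfile.lock
-+++ tainted/Gemfile.lock
-@@ -28,6 +28,13 @@
-specs:
-nilsimsa (1.1.2)
-+GIT
-+ remote: https://github.com/firstmoversadvantage/hcaptcha
-+ revision: e65246bea49374566a9dbaead59fdb35b46b086d
-+ ref: e65246bea49374566a9dbaead59fdb35b46b086d
-+ specs:
-+ hcaptcha (6.0.1)
-+
-GEM
-remote: https://rubygems.org/
-specs:
-@@ -703,6 +710,7 @@
-fuubar (~> 2.5)
-goldfinger (~> 2.1)
-hamlit-rails (~> 0.2)
-+ hcaptcha
-health_check!
-hiredis (~> 0.6)
-htmlentities (~> 4.3)
---- untainted/app/controllers/admin/dashboard_controller.rb
-+++ tainted/app/controllers/admin/dashboard_controller.rb
-@@ -36,6 +36,7 @@
-@timeline_preview = Setting.timeline_preview
-@spam_check_enabled = Setting.spam_check_enabled
-@trends_enabled = Setting.trends
-+ @hcaptcha_enabled = ENV['HCAPTCHA_ENABLED'] == 'true'
-end
-private
---- untainted/app/controllers/api/v1/accounts_controller.rb
-+++ tainted/app/controllers/api/v1/accounts_controller.rb
-@@ -21,13 +21,14 @@
-end
-def create
-- token = AppSignUpService.new.call(doorkeeper_token.application, account_params)
-- response = Doorkeeper::OAuth::TokenResponse.new(token)
-+ not_found
-+ #token = AppSignUpService.new.call(doorkeeper_token.application, account_params)
-+ #response = Doorkeeper::OAuth::TokenResponse.new(token)
-- headers.merge!(response.headers)
-+ #headers.merge!(response.headers)
-- self.response_body = Oj.dump(response.body)
-- self.status = response.status
-+ #self.response_body = Oj.dump(response.body)
-+ #self.status = response.status
-end
-def follow
---- untainted/app/controllers/auth/registrations_controller.rb
-+++ tainted/app/controllers/auth/registrations_controller.rb
-@@ -11,6 +11,7 @@
-before_action :set_body_classes, only: [:new, :create, :edit, :update]
-before_action :require_not_suspended!, only: [:update]
-before_action :set_cache_headers, only: [:edit, :update]
-+ before_action :check_captcha, only: [:create]
-skip_before_action :require_functional!, only: [:edit, :update]
-@@ -91,6 +92,15 @@
-end
-private
-+
-+ def check_captcha
-+ if ENV['HCAPTCHA_ENABLED'] == 'true' && !verify_hcaptcha
-+ self.resource = resource_class.new sign_up_params
-+ resource.validate
-+ flash[:alert] = Hcaptcha::Helpers.to_error_message(:verification_failed)
-+ respond_with_navigational(resource) { render :new }
-+ end
-+ end
-def set_instance_presenter
-@instance_presenter = InstancePresenter.new
---- untainted/app/javascript/styles/mastodon/forms.scss
-+++ tainted/app/javascript/styles/mastodon/forms.scss
-@@ -239,6 +239,9 @@
-.input:last-child {
-margin-bottom: 0;
-}
-+ .h-captcha {
-+ text-align: center;
-+ }
-}
-.fields-row {
---- untainted/app/views/about/_registration.html.haml
-+++ tainted/app/views/about/_registration.html.haml
-@@ -18,6 +18,10 @@
-.fields-group
-= f.input :agreement, as: :boolean, wrapper: :with_label, label: t('auth.checkbox_agreement_html', rules_path: about_more_path, terms_path: terms_path), disabled: closed_registrations?
-+ - if ENV['HCAPTCHA_ENABLED'] == 'true'
-+ .fields-group
-+ = hcaptcha_tags
-+
-.actions
-= f.button :button, sign_up_message, type: :submit, class: 'button button-primary', disabled: closed_registrations?
---- untainted/app/views/admin/dashboard/index.html.haml
-+++ tainted/app/views/admin/dashboard/index.html.haml
-@@ -121,6 +121,8 @@
-%li
-= feature_hint('PAM', @pam_enabled)
-%li
-+ = feature_hint(t('admin.dashboard.feature_hcaptcha'), @hcaptcha_enabled)
-+ %li
-= feature_hint(t('admin.dashboard.hidden_service'), @hidden_service)
-.dashboard__widgets__trends
---- untainted/app/views/auth/registrations/new.html.haml
-+++ tainted/app/views/auth/registrations/new.html.haml
-@@ -35,6 +35,10 @@
-.fields-group
-= f.input :agreement, as: :boolean, wrapper: :with_label, label: whitelist_mode? ? t('auth.checkbox_agreement_without_rules_html', terms_path: terms_path) : t('auth.checkbox_agreement_html', rules_path: about_more_path, terms_path: terms_path)
-+ - if ENV['HCAPTCHA_ENABLED'] == 'true'
-+ .fields-group
-+ = hcaptcha_tags
-+
-.actions
-= f.button :button, @invite.present? ? t('auth.register') : sign_up_message, type: :submit
---- untainted/config/initializers/content_security_policy.rb
-+++ tainted/config/initializers/content_security_policy.rb
-@@ -16,27 +16,29 @@
-media_host ||= host_to_url(ENV['S3_HOSTNAME']) if ENV['S3_ENABLED'] == 'true'
-media_host ||= assets_host
-+hcaptcha_hosts = ["https://hcaptcha.com", "https://*.hcaptcha.com"]
-+
-Rails.application.config.content_security_policy do |p|
-p.base_uri :none
-p.default_src :none
-p.frame_ancestors :none
-p.font_src :self, assets_host
-p.img_src :self, :https, :data, :blob, assets_host
-- p.style_src :self, assets_host
-+ p.style_src :self, assets_host, *hcaptcha_hosts
-p.media_src :self, :https, :data, assets_host
-- p.frame_src :self, :https
-+ p.frame_src :self, :https, *hcaptcha_hosts
-p.manifest_src :self, assets_host
-if Rails.env.development?
-webpacker_urls = %w(ws http).map { |protocol| "#{protocol}#{Webpacker.dev_server.https? ? 's' : ''}://#{Webpacker.dev_server.host_with_port}" }
-p.connect_src :self, :data, :blob, assets_host, media_host, Rails.configuration.x.streaming_api_base_url, *webpacker_urls
-- p.script_src :self, :unsafe_inline, :unsafe_eval, assets_host
-+ p.script_src :self, :unsafe_inline, :unsafe_eval, assets_host, *hcaptcha_hosts
-p.child_src :self, :blob, assets_host
-p.worker_src :self, :blob, assets_host
-else
-p.connect_src :self, :data, :blob, assets_host, media_host, Rails.configuration.x.streaming_api_base_url
-- p.script_src :self, assets_host
-+ p.script_src :self, assets_host, *hcaptcha_hosts
-p.child_src :self, :blob, assets_host
-p.worker_src :self, :blob, assets_host
-end
---- /dev/null
-+++ tainted/config/initializers/hcaptcha.rb
-@@ -0,0 +1,5 @@
-+Hcaptcha.configure do |config|
-+ config.site_key = ENV.fetch('HCAPTCHA_SITE_KEY') { '10000000-ffff-ffff-ffff-000000000001' }
-+ config.secret_key = ENV.fetch('HCAPTCHA_SECRET_KEY') { '0x0000000000000000000000000000000000000000' }
-+end
-+
---- untainted/config/locales/en.yml
-+++ tainted/config/locales/en.yml
-@@ -324,6 +324,7 @@
-backlog: backlogged jobs
-config: Configuration
-feature_deletions: Account deletions
-+ feature_hcaptcha: hCaptcha
-feature_invites: Invite links
-feature_profile_directory: Profile directory
-feature_registrations: Registrations
-@@ -535,6 +536,8 @@
-deletion:
-desc_html: Allow anyone to delete their account
-title: Open account deletion
-+ errors:
-+ captcha_fail: Captcha verification failed
-min_invite_role:
-disabled: No one
-title: Allow invitations by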