Add base CAPTCHA support (currently only kocaptcha)

author: Ekaterina Vaartis <vaartis@cock.li> 2018-12-15 01:31:19 +0300
committer: Ekaterina Vaartis <vaartis@cock.li> 2018-12-15 03:12:44 +0300
commit: a2399c1c7c17ee1c8e85ae0b6095405c7cb9f6f1 (patch)
tree: dfeb13506c7cd497fc0eb68d187a72793eeaa612 /lib/pleroma/web/twitter_api/twitter_api.ex
parent: e74f384b685edff5e4fac9da788a7516dd83fe94 (diff)
download: pleroma-a2399c1c7c17ee1c8e85ae0b6095405c7cb9f6f1.tar.gz
1 files changed, 28 insertions, 19 deletions
diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex
index 1e764f24a..c9e8fbcbb 100644
--- a/lib/pleroma/web/twitter_api/twitter_api.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api.ex
@@ -132,38 +132,47 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
       bio: User.parse_bio(params["bio"]),
       email: params["email"],
       password: params["password"],
-      password_confirmation: params["confirm"]
+      password_confirmation: params["confirm"],
+      captcha_solution: params["captcha_solution"],
+      captcha_token: params["captcha_token"]
     }
 
-    registrations_open = Pleroma.Config.get([:instance, :registrations_open])
+    # Captcha invalid
+    if not Pleroma.Captcha.validate(params[:captcha_token], params[:captcha_solution]) do
+      # I have no idea how this error handling works
+      {:error, %{error: Jason.encode!(%{captcha: ["Invalid CAPTCHA"]})}}
+    else
+      registrations_open = Pleroma.Config.get([:instance, :registrations_open])
 
-    # no need to query DB if registration is open
-    token =
-      unless registrations_open || is_nil(tokenString) do
+      # no need to query DB if registration is open
+      token =
+        unless registrations_open || is_nil(tokenString) do
         Repo.get_by(UserInviteToken, %{token: tokenString})
       end
 
-    cond do
-      registrations_open || (!is_nil(token) && !token.used) ->
-        changeset = User.register_changeset(%User{info: %{}}, params)
+      cond do
+        registrations_open || (!is_nil(token) && !token.used) ->
+          changeset = User.register_changeset(%User{info: %{}}, params)
 
-        with {:ok, user} <- Repo.insert(changeset) do
-          !registrations_open && UserInviteToken.mark_as_used(token.token)
-          {:ok, user}
-        else
-          {:error, changeset} ->
-            errors =
+          with {:ok, user} <- Repo.insert(changeset) do
+            !registrations_open && UserInviteToken.mark_as_used(token.token)
+            {:ok, user}
+          else
+            {:error, changeset} ->
+              errors =
               Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
               |> Jason.encode!()
 
             {:error, %{error: errors}}
-        end
+          end
+
 
-      !registrations_open && is_nil(token) ->
-        {:error, "Invalid token"}
+        !registrations_open && is_nil(token) ->
+            {:error, "Invalid token"}
 
-      !registrations_open && token.used ->
-        {:error, "Expired token"}
+        !registrations_open && token.used ->
+            {:error, "Expired token"}
+      end
     end
   end
author	Ekaterina Vaartis <vaartis@cock.li>	2018-12-15 01:31:19 +0300
committer	Ekaterina Vaartis <vaartis@cock.li>	2018-12-15 03:12:44 +0300
commit	a2399c1c7c17ee1c8e85ae0b6095405c7cb9f6f1 (patch)
tree	dfeb13506c7cd497fc0eb68d187a72793eeaa612 /lib/pleroma/web/twitter_api/twitter_api.ex
parent	e74f384b685edff5e4fac9da788a7516dd83fe94 (diff)
download	pleroma-a2399c1c7c17ee1c8e85ae0b6095405c7cb9f6f1.tar.gz