github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-11-21 20:47:08 -05:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1702 from sharelatex/revert-1650-ns-toggle-captchas

Browse source 
Revert "allow toggling of captchas via setting"

GitOrigin-RevId: 422daf84d2b02a10dd9b771e5c0f672139da0613
This commit is contained in:
nate stemen 2019-04-08 16:04:44 +01:00 committed by sharelatex
parent 5aac144d5b
commit 2ae27fbc6a
5 changed files with 82 additions and 96 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
services/web/app/coffee/Features/Captcha/CaptchaMiddleware.coffee
View file

@ -3,26 +3,21 @@ logger = require 'logger-sharelatex'
Settings = require 'settings-sharelatex' Settings = require 'settings-sharelatex'
module.exports = CaptchaMiddleware = module.exports = CaptchaMiddleware =
validateCaptcha: (action) -> validateCaptcha: (req, res, next) ->
return (req, res, next) -> if !Settings.recaptcha?
if !Settings.recaptcha?.siteKey? return next()
response = req.body['g-recaptcha-response']
options =
form:
secret: Settings.recaptcha.secretKey
response: response
json: true
request.post "https://www.google.com/recaptcha/api/siteverify", options, (error, response, body) ->
return next(error) if error?
if !body?.success
logger.warn {statusCode: response.statusCode, body: body}, 'failed recaptcha siteverify request'
return res.status(400).send({errorReason:"cannot_verify_user_not_robot", message:
{text:"Sorry, we could not verify that you are not a robot. Please check that Google reCAPTCHA is not being blocked by an ad blocker or firewall."}
})
else
return next() return next()
inviteAndCaptchaDisabled = action == 'invite' and Settings.recaptcha.disabled.invite
registerAndCaptchaDisabled = action == 'register' and Settings.recaptcha.disabled.register
if inviteAndCaptchaDisabled or registerAndCaptchaDisabled
return next()
response = req.body['g-recaptcha-response']
options =
form:
secret: Settings.recaptcha.secretKey
response: response
json: true
request.post "https://www.google.com/recaptcha/api/siteverify", options, (error, response, body) ->
return next(error) if error?
if !body?.success
logger.warn {statusCode: response.statusCode, body: body}, 'failed recaptcha siteverify request'
return res.status(400).send({errorReason:"cannot_verify_user_not_robot", message:
{text:"Sorry, we could not verify that you are not a robot. Please check that Google reCAPTCHA is not being blocked by an ad blocker or firewall."}
})
else
return next()

2
services/web/app/coffee/Features/Collaborators/CollaboratorsRouter.coffee
View file

@ -33,7 +33,7 @@ module.exports =
maxRequests: 100 maxRequests: 100
timeInterval: 60 * 10 timeInterval: 60 * 10
}), }),
CaptchaMiddleware.validateCaptcha('invite'), CaptchaMiddleware.validateCaptcha,
AuthenticationController.requireLogin(), AuthenticationController.requireLogin(),
AuthorizationMiddleware.ensureUserCanAdminProject, AuthorizationMiddleware.ensureUserCanAdminProject,
CollaboratorsInviteController.inviteToProject CollaboratorsInviteController.inviteToProject

1
services/web/app/coffee/infrastructure/ExpressLocals.coffee
View file

@ -374,5 +374,4 @@ module.exports = (app, webRouter, privateApiRouter, publicApiRouter)->
appName: Settings.appName appName: Settings.appName
siteUrl: Settings.siteUrl siteUrl: Settings.siteUrl
recaptchaSiteKeyV3: Settings.recaptcha?.siteKeyV3 recaptchaSiteKeyV3: Settings.recaptcha?.siteKeyV3
recaptchaDisabled: Settings.recaptcha?.disabled
next() next()

5
services/web/config/settings.defaults.coffee
View file

@ -420,11 +420,6 @@ module.exports = settings =
# Example: # Example:
# header_extras: [{text: "Some Page", url: "http://example.com/some/page", class: "subdued"}] # header_extras: [{text: "Some Page", url: "http://example.com/some/page", class: "subdued"}]
recaptcha:
disabled:
invite: false
register: false
customisation: {} customisation: {}
# templates: [{ # templates: [{

131
services/web/public/src/ide/share/controllers/ShareProjectModalController.js
View file

@ -164,77 +164,74 @@ define(['base'], App =>
// do v3 captcha to collect data only // do v3 captcha to collect data only
validateCaptchaV3('invite') validateCaptchaV3('invite')
// do v2 captcha // do v2 captcha
const ExposedSettings = window.ExposedSettings return validateCaptcha(function(response) {
if (!ExposedSettings.recaptchaDisabled.invite) { let inviteId, request
return validateCaptcha(function(response) { $scope.grecaptchaResponse = response
let inviteId, request if (
$scope.grecaptchaResponse = response Array.from(currentInviteEmails).includes(email) &&
if ( (inviteId = __guard__(
Array.from(currentInviteEmails).includes(email) && _.find(
(inviteId = __guard__( $scope.project.invites || [],
_.find( invite => invite.email === email
$scope.project.invites || [], ),
invite => invite.email === email x => x._id
), ))
x => x._id ) {
)) request = projectInvites.resendInvite(inviteId)
) { } else {
request = projectInvites.resendInvite(inviteId) request = projectInvites.sendInvite(
} else { email,
request = projectInvites.sendInvite( $scope.inputs.privileges,
email, $scope.grecaptchaResponse
$scope.inputs.privileges, )
$scope.grecaptchaResponse }
)
}
return request return request
.then(function(response) { .then(function(response) {
const { data } = response const { data } = response
if (data.error) { if (data.error) {
$scope.state.error = true
$scope.state.errorReason = `${data.error}`
$scope.state.inflight = false
} else {
if (data.invite) {
const { invite } = data
$scope.project.invites.push(invite)
} else {
let users
if (data.users != null) {
;({ users } = data)
} else if (data.user != null) {
users = [data.user]
} else {
users = []
}
$scope.project.members.push(...Array.from(users || []))
}
}
return setTimeout(
() =>
// Give $scope a chance to update $scope.canAddCollaborators
// with new collaborator information.
addNextMember(),
0
)
})
.catch(function(httpResponse) {
const { data, status, headers, config } = httpResponse
$scope.state.inflight = false
$scope.state.error = true $scope.state.error = true
$scope.state.errorReason = `${data.error}`
if ((data != null ? data.errorReason : undefined) != null) { $scope.state.inflight = false
return ($scope.state.errorReason = } else {
data != null ? data.errorReason : undefined) if (data.invite) {
const { invite } = data
$scope.project.invites.push(invite)
} else { } else {
return ($scope.state.errorReason = null) let users
if (data.users != null) {
;({ users } = data)
} else if (data.user != null) {
users = [data.user]
} else {
users = []
}
$scope.project.members.push(...Array.from(users || []))
} }
}) }
})
} return setTimeout(
() =>
// Give $scope a chance to update $scope.canAddCollaborators
// with new collaborator information.
addNextMember(),
0
)
})
.catch(function(httpResponse) {
const { data, status, headers, config } = httpResponse
$scope.state.inflight = false
$scope.state.error = true
if ((data != null ? data.errorReason : undefined) != null) {
return ($scope.state.errorReason =
data != null ? data.errorReason : undefined)
} else {
return ($scope.state.errorReason = null)
}
})
})
})() })()
} }