-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
189 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
#!/usr/bin/python | ||
# -*- coding: utf-8 -*- | ||
|
||
# Hive Appier Framework | ||
# Copyright (c) 2008-2019 Hive Solutions Lda. | ||
# | ||
# This file is part of Hive Appier Framework. | ||
# | ||
# Hive Appier Framework is free software: you can redistribute it and/or modify | ||
# it under the terms of the Apache License as published by the Apache | ||
# Foundation, either version 2.0 of the License, or (at your option) any | ||
# later version. | ||
# | ||
# Hive Appier Framework is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# Apache License for more details. | ||
# | ||
# You should have received a copy of the Apache License along with | ||
# Hive Appier Framework. If not, see <http://www.apache.org/licenses/>. | ||
|
||
__version__ = "1.0.0" | ||
""" The version of the module """ | ||
|
||
__revision__ = "$LastChangedRevision$" | ||
""" The revision number of the module """ | ||
|
||
__date__ = "$LastChangedDate$" | ||
""" The last change date of the module """ | ||
|
||
__copyright__ = "Copyright (c) 2008-2019 Hive Solutions Lda." | ||
""" The copyright for the module """ | ||
|
||
__license__ = "Apache License, Version 2.0" | ||
""" The license for the module """ | ||
|
||
from . import part | ||
from . import util | ||
|
||
from .part import ReCaptchaPart | ||
from .util import recaptcha_protect, recaptcha_ensure |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
#!/usr/bin/python | ||
# -*- coding: utf-8 -*- | ||
|
||
# Hive Appier Framework | ||
# Copyright (c) 2008-2019 Hive Solutions Lda. | ||
# | ||
# This file is part of Hive Appier Framework. | ||
# | ||
# Hive Appier Framework is free software: you can redistribute it and/or modify | ||
# it under the terms of the Apache License as published by the Apache | ||
# Foundation, either version 2.0 of the License, or (at your option) any | ||
# later version. | ||
# | ||
# Hive Appier Framework is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# Apache License for more details. | ||
# | ||
# You should have received a copy of the Apache License along with | ||
# Hive Appier Framework. If not, see <http://www.apache.org/licenses/>. | ||
|
||
__author__ = "João Magalhães <joamag@hive.pt>" | ||
""" The author(s) of the module """ | ||
|
||
__version__ = "1.0.0" | ||
""" The version of the module """ | ||
|
||
__revision__ = "$LastChangedRevision$" | ||
""" The revision number of the module """ | ||
|
||
__date__ = "$LastChangedDate$" | ||
""" The last change date of the module """ | ||
|
||
__copyright__ = "Copyright (c) 2008-2019 Hive Solutions Lda." | ||
""" The copyright for the module """ | ||
|
||
__license__ = "Apache License, Version 2.0" | ||
""" The license for the module """ | ||
|
||
import appier | ||
|
||
from appier_extras import base | ||
|
||
class ReCaptchaPart(appier.Part): | ||
""" | ||
Modular part class that provides the required infra-structure | ||
for the control of Google's reCAPTCHA service. | ||
Should be used with proper knowledge of the inner workings of | ||
the captcha mechanism to avoid any security problems. | ||
:see: https://developers.google.com/recaptcha | ||
""" | ||
|
||
def version(self): | ||
return base.VERSION | ||
|
||
def load(self): | ||
appier.Part.load(self) | ||
|
||
self.owner.context["recaptcha"] = self.recaptcha | ||
|
||
def recaptcha(self, scope = "homepage", name = "recaptcha_token"): | ||
recaptcha_key = appier.conf("RECAPTCHA_KEY", None) | ||
appier.verify(recaptcha_key, message = "No reCAPTCHA site key provided") | ||
return self.owner.escape_template( | ||
"<input type=\"hidden\" id=\"recaptcha-token\" name=\"%s\" />" % name + | ||
"<script src=\"https://www.google.com/recaptcha/api.js?render=%s\"></script>" % recaptcha_key + | ||
"<script>grecaptcha.ready(function() {" + | ||
"grecaptcha.execute(\"%s\", {action: \"%s\"}).then(function(token) {" % (recaptcha_key, scope) + | ||
"document.getElementById(\"recaptcha-token\").value = token;" | ||
"});" + | ||
"});" + | ||
"</script>" | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
#!/usr/bin/python | ||
# -*- coding: utf-8 -*- | ||
|
||
# Hive Appier Framework | ||
# Copyright (c) 2008-2019 Hive Solutions Lda. | ||
# | ||
# This file is part of Hive Appier Framework. | ||
# | ||
# Hive Appier Framework is free software: you can redistribute it and/or modify | ||
# it under the terms of the Apache License as published by the Apache | ||
# Foundation, either version 2.0 of the License, or (at your option) any | ||
# later version. | ||
# | ||
# Hive Appier Framework is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# Apache License for more details. | ||
# | ||
# You should have received a copy of the Apache License along with | ||
# Hive Appier Framework. If not, see <http://www.apache.org/licenses/>. | ||
|
||
__author__ = "João Magalhães <joamag@hive.pt>" | ||
""" The author(s) of the module """ | ||
|
||
__version__ = "1.0.0" | ||
""" The version of the module """ | ||
|
||
__revision__ = "$LastChangedRevision$" | ||
""" The revision number of the module """ | ||
|
||
__date__ = "$LastChangedDate$" | ||
""" The last change date of the module """ | ||
|
||
__copyright__ = "Copyright (c) 2008-2019 Hive Solutions Lda." | ||
""" The copyright for the module """ | ||
|
||
__license__ = "Apache License, Version 2.0" | ||
""" The license for the module """ | ||
|
||
import functools | ||
|
||
import appier | ||
|
||
def recaptcha_protect(): | ||
|
||
def decorator(function): | ||
|
||
@functools.wraps(function) | ||
def interceptor(self, *args, **kwargs): | ||
token = self.field("recaptcha_token", None) | ||
recaptcha_ensure(self, token) | ||
return appier.call_safe(function, self, *args, **kwargs) | ||
return interceptor | ||
|
||
return decorator | ||
|
||
def recaptcha_ensure(self, token): | ||
secret = appier.conf("RECAPTCHA_SECRET", None) | ||
min_score = appier.conf("RECAPTCHA_MIN", 0.5) | ||
result = appier.post( | ||
"https://www.google.com/recaptcha/api/siteverify", | ||
params = dict( | ||
secret = secret, | ||
response = token | ||
) | ||
) | ||
if result["score"] >= min_score: return token | ||
raise appier.AppierException( | ||
message = "Invalid reCAPTCHA score", | ||
code = 403 | ||
) |