Log the hostname the reCAPTCHA was completed on #946

dbkr · Jul 22, 2016

This could be useful information to have in the logs. Also comment about how & why we don't verify the hostname.

Maybe use .get to default the 'hostname' key here?

 resp_body.get('hostname', "<missing hostname key>")

NegativeMjark · Jul 22, 2016

LGTM other than the possibility for KeyErrors
(Which is probably what's causing the test failures)

dbkr · Jul 22, 2016

Done. Are these tests still 'expected' to fail?

NegativeMjark · Jul 22, 2016

Done. Are these tests still 'expected' to fail?

No, but they're now failing due to changes that were snuck in while the CI was broken :(.

NegativeMjark · Jul 25, 2016

LGTM

dbkr assigned NegativeMjark Jul 22, 2016

richvdh deleted the dbkr/log_recaptcha_hostname branch Dec 1, 2016

@@ -279,8 +279,17 @@ def _check_recaptcha(self, authdict, clientip):
                  data = pde.response
                  resp_body = simplejson.loads(data)
-    -        if 'success' in resp_body and resp_body['success']:
-    -            defer.returnValue(True)
+    +        if 'success' in resp_body:
+    +            # Note that we do NOT check the hostname here: we explicitly
+    +            # intend the CAPTCHA to be presented by whatever client the
+    +            # user is using, we just care that they have completed a CAPTCHA.
+    +            logger.info(
+    +                "%s reCAPTCHA from hostname %s",
+    +                "Successful" if resp_body['success'] else "Failed",
+    +                resp_body['hostname']

matrix-org/synapse