[ckan-changes] commit/ckan: 2 new changesets

Bitbucket commits-noreply at bitbucket.org
Mon Sep 5 18:25:40 UTC 2011 

2 new changesets in ckan:

http://bitbucket.org/okfn/ckan/changeset/b3f4e8d3177b/
changeset:   b3f4e8d3177b
branch:      release-v1.4.3
user:        zephod
date:        2011-09-05 20:07:47
summary:     [captcha][m]: Implement recaptcha for user signup.
affected #:  4 files (1.1 KB)

--- a/ckan/config/deployment.ini_tmpl	Mon Sep 05 18:17:37 2011 +0100
+++ b/ckan/config/deployment.ini_tmpl	Mon Sep 05 19:07:47 2011 +0100
@@ -168,6 +168,10 @@
 #ckan.default_roles.System = {"visitor": ["anon_editor"], "logged_in": ["editor"]}
 #ckan.default_roles.AuthorizationGroup = {"visitor": ["reader"], "logged_in": ["reader"]}
 
+## Ckan public and private recaptcha keys [localhost]
+#ckan.recaptcha.publickey = 
+#ckan.recaptcha.privatekey = 
+
 # Logging configuration
 [loggers]
 keys = root, ckan, ckanext


--- a/ckan/controllers/user.py	Mon Sep 05 18:17:37 2011 +0100
+++ b/ckan/controllers/user.py	Mon Sep 05 19:07:47 2011 +0100
@@ -11,6 +11,7 @@
 from ckan.logic import NotFound, NotAuthorized, ValidationError
 from ckan.logic import tuplize_dict, clean_dict, parse_params
 from ckan.logic.schema import user_new_form_schema, user_edit_form_schema 
+from ckan.lib.captcha import check_recaptcha, CaptchaError
 
 import ckan.logic.action.get as get
 import ckan.logic.action.create as create
@@ -128,6 +129,7 @@
             data_dict = clean_dict(unflatten(
                 tuplize_dict(parse_params(request.params))))
             context['message'] = data_dict.get('log_message', '')
+            check_recaptcha(request)
             user = create.user_create(context, data_dict)
             h.redirect_to(controller='user', action='read', id=user['name'])
         except NotAuthorized:
@@ -136,6 +138,10 @@
             abort(404, _('User not found'))
         except DataError:
             abort(400, _(u'Integrity Error'))
+        except CaptchaError:
+            error_msg = _(u'Bad Captcha. Please try again.')
+            h.flash_error(error_msg)
+            return self.new(data_dict)
         except ValidationError, e:
             errors = e.error_dict
             error_summary = e.error_summary


--- a/ckan/lib/app_globals.py	Mon Sep 05 18:17:37 2011 +0100
+++ b/ckan/lib/app_globals.py	Mon Sep 05 19:07:47 2011 +0100
@@ -34,4 +34,7 @@
         self.package_hide_extras = config.get('package_hide_extras', '').split()
 
         self.openid_enabled = asbool(config.get('openid_enabled', 'true'))
+
+        self.recaptcha_publickey = config.get('ckan.recaptcha.publickey', '')
+        self.recaptcha_privatekey = config.get('ckan.recaptcha.privatekey', '')
         


--- a/ckan/templates/user/new_user_form.html	Mon Sep 05 18:17:37 2011 +0100
+++ b/ckan/templates/user/new_user_form.html	Mon Sep 05 19:07:47 2011 +0100
@@ -34,6 +34,18 @@
         <dt><label class="field_opt" for="password2">Password (repeat):</label></dt><dd><input type="password" name="password2" value="" /></dd>
 
+        <dd py:if="g.recaptcha_publickey">
+          <script type="text/javascript"
+            src="http://www.google.com/recaptcha/api/challenge?k=${g.recaptcha_publickey}">
+          </script>
+          <noscript>
+            <iframe src="http://www.google.com/recaptcha/api/noscript?k=${g.recaptcha_publickey}"
+              height="300" width="500" frameborder="0"></iframe><br/>
+            <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
+            <input type="hidden" name="recaptcha_response_field" value="manual_challenge" />
+          </noscript>
+        </dd>
+
     </dl></fieldset>
 


http://bitbucket.org/okfn/ckan/changeset/cf421deaeba9/
changeset:   cf421deaeba9
branch:      release-v1.4.3
user:        zephod
date:        2011-09-05 20:19:47
summary:     [recaptcha][xs]: Brown paper bag error.
affected #:  1 file (1.1 KB)

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/ckan/lib/captcha.py	Mon Sep 05 19:19:47 2011 +0100
@@ -0,0 +1,31 @@
+from pylons import config
+
+import urllib
+import urllib2
+
+def check_recaptcha(request):
+    '''Check a user's recaptcha submission is valid, and raise CaptchaError on failure.'''
+    recaptcha_private_key = config.get('ckan.recaptcha.privatekey', '')
+    if not recaptcha_private_key:
+        # Recaptcha not enabled
+        return
+    
+    client_ip_address = request.environ.get('REMOTE_ADDR', 'Unknown IP Address')
+    recaptcha_challenge_field = request.params.get('recaptcha_challenge_field')
+    recaptcha_response_field = request.params.get('recaptcha_response_field')
+
+    recaptcha_server_name = 'http://api-verify.recaptcha.net/verify'
+
+    params = urllib.urlencode(dict(privatekey=recaptcha_private_key,
+                                   remoteip=client_ip_address,
+                                   challenge=recaptcha_challenge_field,
+                                   response=recaptcha_response_field))
+    f = urllib2.urlopen(recaptcha_server_name, params)
+    data = f.read()
+    f.close()
+    if not data.lower().startswith('true'):
+        raise CaptchaError()
+
+class CaptchaError(ValueError):
+    pass
+

Repository URL: https://bitbucket.org/okfn/ckan/

--

This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.

More information about the ckan-changes mailing list