Merge pull request #78 from DarkflameUniverse/captcha

feat: add recaptcha support
DarkflameUniverse · Nov 18, 2023 · 5ae2769 · 5ae2769
2 parents 13376d0 + b7e48bb
commit 5ae2769
Show file tree

Hide file tree

Showing 8 changed files with 93 additions and 245 deletions.
diff --git a/app/__init__.py b/app/__init__.py
@@ -204,19 +204,23 @@ def register_settings(app):
     # Load environment specific settings
     app.config['TESTING'] = False
     app.config['DEBUG'] = False
+    app.config['SQLALCHEMY_ENGINE_OPTIONS'] = {
+        "pool_pre_ping": True,
+        "pool_size": 10,
+        "max_overflow": 2,
+        "pool_recycle": 300,
+        "pool_pre_ping": True,
+        "pool_use_lifo": True
+    }
 
-    # always pull these two from the env
     app.config['SECRET_KEY'] = os.getenv(
         'APP_SECRET_KEY',
         app.config['APP_SECRET_KEY']
-
     )
     app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv(
         'APP_DATABASE_URI',
         app.config['APP_DATABASE_URI']
     )
-
-    # try to get overides, otherwise just use what we have already
     app.config['USER_ENABLE_REGISTER'] = os.getenv(
         'USER_ENABLE_REGISTER',
         app.config['USER_ENABLE_REGISTER']
@@ -241,14 +245,6 @@ def register_settings(app):
         'USER_REQUIRE_INVITATION',
         app.config['USER_REQUIRE_INVITATION']
     )
-    app.config['SQLALCHEMY_ENGINE_OPTIONS'] = {
-        "pool_pre_ping": True,
-        "pool_size": 10,
-        "max_overflow": 2,
-        "pool_recycle": 300,
-        "pool_pre_ping": True,
-        "pool_use_lifo": True
-    }
     app.config['MAIL_SERVER'] = os.getenv(
         'MAIL_SERVER',
         app.config['MAIL_SERVER']
@@ -312,6 +308,42 @@ def register_settings(app):
         app.config['CACHE_LOCATION']
     )
 
+    # Recaptcha settings
+    if "RECAPTCHA_ENABLE" not in app.config:
+        app.config['RECAPTCHA_ENABLE'] = False
+    app.config['RECAPTCHA_ENABLE'] = os.getenv(
+        'RECAPTCHA_ENABLE',
+        app.config['RECAPTCHA_ENABLE']
+    )
+    if "RECAPTCHA_PUBLIC_KEY" not in app.config:
+        app.config['RECAPTCHA_PUBLIC_KEY'] = ''
+    app.config['RECAPTCHA_PUBLIC_KEY'] = os.getenv(
+        'RECAPTCHA_PUBLIC_KEY',
+        app.config['RECAPTCHA_PUBLIC_KEY']
+    )
+    if "RECAPTCHA_PRIVATE_KEY" not in app.config:
+        app.config['RECAPTCHA_PRIVATE_KEY'] = ''
+    app.config['RECAPTCHA_PRIVATE_KEY'] = os.getenv(
+        'RECAPTCHA_PRIVATE_KEY',
+        app.config['RECAPTCHA_PRIVATE_KEY']
+    )
+    # Optional
+    if "RECAPTCHA_API_SERVER" in app.config:
+        app.config['RECAPTCHA_API_SERVER'] = os.getenv(
+            'RECAPTCHA_API_SERVER',
+            app.config['RECAPTCHA_API_SERVER']
+        )
+    if "RECAPTCHA_PARAMETERS" in app.config:
+        app.config['RECAPTCHA_PARAMETERS'] = os.getenv(
+            'RECAPTCHA_PARAMETERS',
+            app.config['RECAPTCHA_PARAMETERS']
+        )
+    if "RECAPTCHA_DATA_ATTRS" in app.config:
+        app.config['RECAPTCHA_DATA_ATTRS'] = os.getenv(
+            'RECAPTCHA_DATA_ATTRS',
+            app.config['RECAPTCHA_DATA_ATTRS']
+        )
+
 
 
 def gm_level(gm_level):

diff --git a/app/forms.py b/app/forms.py
@@ -1,17 +1,15 @@
-from flask_wtf import FlaskForm
+from flask_wtf import FlaskForm, Recaptcha, RecaptchaField
 from flask import current_app
 
 from flask_user.forms import (
     unique_email_validator,
-    password_validator,
-    unique_username_validator
+    LoginForm,
+    RegisterForm
 )
 from flask_user import UserManager
 from wtforms.widgets import TextArea, NumberInput
 from wtforms import (
     StringField,
-    HiddenField,
-    PasswordField,
     BooleanField,
     SubmitField,
     validators,
@@ -36,57 +34,34 @@ def validate_play_key(form, field):
         field.data = PlayKey.key_is_valid(key_string=field.data)
     return
 
+class CustomRecaptcha(Recaptcha):
+    def __call__(self, form, field):
+        if not current_app.config.get("RECAPTCHA_ENABLE", False):
+            return True
+        return super(CustomRecaptcha, self).__call__(form, field)
+
 
 class CustomUserManager(UserManager):
     def customize(self, app):
         self.RegisterFormClass = CustomRegisterForm
+        self.LoginFormClass = CustomLoginForm
 
-
-class CustomRegisterForm(FlaskForm):
-    """Registration form"""
-    next = HiddenField()
-    reg_next = HiddenField()
-
-    # Login Info
-    email = StringField(
-        'E-Mail',
-        validators=[
-            Optional(),
-            validators.Email('Invalid email address'),
-            unique_email_validator,
-        ]
-    )
-
-    username = StringField(
-        'Username',
-        validators=[
-            DataRequired(),
-            unique_username_validator,
-        ]
-    )
-
+class CustomRegisterForm(RegisterForm):
     play_key_id = StringField(
         'Play Key',
         validators=[
             Optional(),
             validate_play_key,
         ]
     )
+    recaptcha = RecaptchaField(
+        validators=[CustomRecaptcha()]
+    )
 
-    password = PasswordField('Password', validators=[
-        DataRequired(),
-        password_validator,
-        validators.length(max=40, message="The maximum length of the password is 40 characters due to game client limitations")
-    ])
-    retype_password = PasswordField('Retype Password', validators=[
-        validators.EqualTo('password', message='Passwords did not match'),
-        validators.length(max=40, message="The maximum length of the password is 40 characters due to game client limitations")
-    ])
-
-    invite_token = HiddenField('Token')
-
-    submit = SubmitField('Register')
-
+class CustomLoginForm(LoginForm):
+    recaptcha = RecaptchaField(
+        validators=[CustomRecaptcha()]
+    )
 
 class CreatePlayKeyForm(FlaskForm):
 

diff --git a/app/settings_example.py b/app/settings_example.py
@@ -61,3 +61,13 @@
 
 # Option will be removed once this feature is full implemeted
 ENABLE_CHAR_XML_UPLOAD = False
+
+# Recaptcha settings
+# See: https://flask-wtf.readthedocs.io/en/1.2.x/form/#recaptcha
+RECAPTCHA_ENABLE = False
+RECAPTCHA_PUBLIC_KEY = ''
+RECAPTCHA_PRIVATE_KEY = ''
+# Optional
+# RECAPTCHA_API_SERVER = ''
+# RECAPTCHA_PARAMETERS = ''
+RECAPTCHA_DATA_ATTRS = {'theme': 'white', 'size': 'invisible'}
diff --git a/app/templates/admin/dashboard.html.j2 b/app/templates/admin/dashboard.html.j2
diff --git a/app/templates/flask_user/login.html b/app/templates/flask_user/login.html
@@ -60,7 +60,12 @@ <h1>{%trans%}Sign in{%endtrans%}</h1>
 
     {# Remember me #}
     {% if user_manager.USER_ENABLE_REMEMBER_ME %}
-    {{ render_checkbox_field(login_form.remember_me, tabindex=130) }}
+        {{ render_checkbox_field(login_form.remember_me, tabindex=130) }}
+    {% endif %}
+
+    {# recaptcha #}
+    {% if config.RECAPTCHA_ENABLE %}
+        {{ render_field(form.recaptcha, tabindex=250) }}
     {% endif %}
 
     {# Submit button #}