Add capcha to address spam

Gemfile

@@ -50,7 +50,7 @@ gem 'jquery-rails'
 gem 'js_cookie_rails'
 # as templating language
 gem 'haml-rails'
-# as authentification framework
+# as authentication framework
 gem 'devise'
 gem 'devise_ichain_authenticatable'
 # as authorization framework
@@ -87,7 +87,9 @@ gem 'rails-controller-testing', group: %i[development test]
 gem 'rspec-rails', group: %i[development test]
 # as deployer
 gem 'mina'
-# as the log formater
+# as the log formatter
 gem 'lograge'
 # for listening to file modifications
 gem 'listen'
+# capcha
+gem 'rucaptcha'

Gemfile.lock

@@ -268,6 +268,7 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.11.1)
       ffi (~> 1.0)
+    rb_sys (0.9.102)
     redcarpet (3.6.0)
     regexp_parser (2.9.2)
     request_store (1.7.0)
@@ -322,6 +323,9 @@ GEM
       rubocop (~> 1.61)
     ruby-progressbar (1.13.0)
     rubyzip (2.3.2)
+    rucaptcha (3.2.3)
+      railties (>= 3.2)
+      rb_sys (>= 0.9.86)
     sass-rails (6.0.0)
       sassc-rails (~> 2.1, >= 2.1.1)
     sassc (2.4.0)
@@ -436,6 +440,7 @@ DEPENDENCIES
   rubocop-factory_bot
   rubocop-rails
   rubocop-rspec
+  rucaptcha
   sass-rails
   selectize-rails
   sentry-rails

app/controllers/comments_controller.rb

@@ -13,7 +13,7 @@ def create
     @comment = @parent.comments.build(comment_params)
     @comment.commenter = current_user
 
-    if @comment.save
+    if verify_rucaptcha? && @comment.save
       @comment.send_notification(current_user,
                                  " commented on #{@comment.project.aasm_state}: #{@comment.project.title}")
       redirect_to project_path(@comment.project), notice: 'Thank you for your comment!'

app/views/comments/_form.html.haml

@@ -19,5 +19,7 @@
             = icon('fas', 'spinner pulse 3x')
           .preview-contents.hidden
     %p
+      = rucaptcha_input_tag(class: 'form-control', placeholder: 'Input Captcha', required: 'required')
+      = rucaptcha_image_tag(alt: 'Captcha')
       = f.submit(class: "btn btn-success pull-right")
        

config/environments/development.rb

@@ -60,6 +60,6 @@
   # Uncomment if you wish to allow Action Cable access from any origin.
   # config.action_cable.disable_request_forgery_protection = true
 
-  # Enable authentification test mode
+  # Enable authentication test mode
   config.devise.ichain_test_mode = true
 end

config/initializers/rucaptcha.rb

@@ -0,0 +1,31 @@
+RuCaptcha.configure do
+  # Custom captcha code expire time if you need, default: 2 minutes
+  # self.expires_in = 120
+
+  # [Requirement / 重要]
+  # Store Captcha code where, this config more like Rails config.cache_store
+  # default: Read config info from `Rails.application.config.cache_store`
+  # But RuCaptcha requirements cache_store not in [:null_store, :memory_store, :file_store]
+  # 默认：会从 Rails 配置的 cache_store 里面读取相同的配置信息，并尝试用可以运行的方式，用于存储验证码字符
+  # 但如果是 [:null_store, :memory_store, :file_store] 之类的，你可以通过下面的配置项单独给 RuCaptcha 配置 cache_store
+  self.cache_store = :file_store
+
+  # If you wants disable `cache_store` check warning, you can do it, default: false
+  # 如果想要 disable cache_store 的 warning，就设置为 true，default false
+  # self.skip_cache_store_check = true
+
+  # Chars length, default: 5, allows: [3 - 7]
+  # self.length = 5
+
+  # Enable or disable Strikethrough, default: true
+  # self.line = true
+
+  # Enable or disable noise, default: false
+  # self.noise = false
+
+  # Set the image format, default: png, allows: [jpeg, png, webp]
+  # self.format = 'png'
+
+  # Custom mount path, default: '/rucaptcha'
+  # self.mount_path = '/rucaptcha'
+end