diff options
author | Kegan Dougal <kegan@matrix.org> | 2014-09-05 22:51:11 -0700 |
---|---|---|
committer | Kegan Dougal <kegan@matrix.org> | 2014-09-05 22:51:11 -0700 |
commit | 37e53513b6789b4f9f845a26b64933f1c533ed62 (patch) | |
tree | 9ed0634ce25b52e46ca7a5b7135c1fee2f769fc8 | |
parent | Captchas now work on registration. Missing x-forwarded-for config arg support... (diff) | |
download | synapse-37e53513b6789b4f9f845a26b64933f1c533ed62.tar.xz |
Add config opion for XFF headers when performing ReCaptcha auth.
-rw-r--r-- | synapse/config/captcha.py | 6 | ||||
-rw-r--r-- | synapse/handlers/register.py | 1 | ||||
-rw-r--r-- | synapse/rest/register.py | 7 |
3 files changed, 12 insertions, 2 deletions
diff --git a/synapse/config/captcha.py b/synapse/config/captcha.py index 021da5c69b..a97a5bab1e 100644 --- a/synapse/config/captcha.py +++ b/synapse/config/captcha.py @@ -20,6 +20,7 @@ class CaptchaConfig(Config): super(CaptchaConfig, self).__init__(args) self.recaptcha_private_key = args.recaptcha_private_key self.enable_registration_captcha = args.enable_registration_captcha + self.captcha_ip_origin_is_x_forwarded = args.captcha_ip_origin_is_x_forwarded @classmethod def add_arguments(cls, parser): @@ -33,4 +34,9 @@ class CaptchaConfig(Config): "--enable-registration-captcha", type=bool, default=False, help="Enables ReCaptcha checks when registering, preventing signup "+ "unless a captcha is answered. Requires a valid ReCaptcha public/private key." + ) + group.add_argument( + "--captcha_ip_origin_is_x_forwarded", type=bool, default=False, + help="When checking captchas, use the X-Forwarded-For (XFF) header as the client IP "+ + "and not the actual client IP." ) \ No newline at end of file diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index cf20b4efd3..6b55775de0 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -59,6 +59,7 @@ class RegistrationHandler(BaseHandler): captcha_info["response"] ) if not captcha_response["valid"]: + logger.info("Invalid captcha entered from %s", captcha_info["ip"]) raise InvalidCaptchaError( error_url=captcha_response["error_url"] ) diff --git a/synapse/rest/register.py b/synapse/rest/register.py index 3c8929cf9b..5872a11d80 100644 --- a/synapse/rest/register.py +++ b/synapse/rest/register.py @@ -66,8 +66,11 @@ class RegisterRestServlet(RestServlet): # TODO determine the source IP : May be an X-Forwarding-For header depending on config ip_addr = request.getClientIP() - #if self.hs.config.captcha_ip_origin_is_x_forwarded: - # # use the header + if self.hs.config.captcha_ip_origin_is_x_forwarded: + # use the header + if request.requestHeaders.hasHeader("X-Forwarded-For"): + ip_addr = request.requestHeaders.getRawHeaders( + "X-Forwarded-For")[0] captcha = { "ip": ip_addr, |