Added captcha support on both the HS and web client.

Merge branch 'captcha' of github.com:matrix-org/synapse into develop
author: Kegan Dougal <kegan@matrix.org> 2014-09-05 23:32:51 -0700
committer: Kegan Dougal <kegan@matrix.org> 2014-09-05 23:32:51 -0700
commit: 1a298aad9c3bbc1f0c80c40a1518c29c511f9fb4 (patch)
tree: 8c27ca9b59021a5f9211cfb2c167ceaf083987d2 /synapse/rest
parent: Fix generation of event ids so that they are consistent between local and rem... (diff)
parent: Added instructions for setting up captcha in an obviously named file. (diff)
download: synapse-1a298aad9c3bbc1f0c80c40a1518c29c511f9fb4.tar.xz
1 files changed, 34 insertions, 2 deletions
diff --git a/synapse/rest/register.py b/synapse/rest/register.py
index b8de3b250d..48d3c6eca0 100644
--- a/synapse/rest/register.py
+++ b/synapse/rest/register.py
@@ -16,7 +16,7 @@
 """This module contains REST servlets to do with registration: /register"""
 from twisted.internet import defer
 
-from synapse.api.errors import SynapseError
+from synapse.api.errors import SynapseError, Codes
 from base import RestServlet, client_path_pattern
 
 import json
@@ -50,12 +50,44 @@ class RegisterRestServlet(RestServlet):
         threepidCreds = None
         if 'threepidCreds' in register_json:
             threepidCreds = register_json['threepidCreds']
+            
+        captcha = {}
+        if self.hs.config.enable_registration_captcha:
+            challenge = None
+            user_response = None
+            try:
+                captcha_type = register_json["captcha"]["type"]
+                if captcha_type != "m.login.recaptcha":
+                    raise SynapseError(400, "Sorry, only m.login.recaptcha " +
+                                       "requests are supported.")
+                challenge = register_json["captcha"]["challenge"]
+                user_response = register_json["captcha"]["response"]
+            except KeyError:
+                raise SynapseError(400, "Captcha response is required",
+                                   errcode=Codes.CAPTCHA_NEEDED)
+            
+            # TODO determine the source IP : May be an X-Forwarding-For header depending on config
+            ip_addr = request.getClientIP()
+            if self.hs.config.captcha_ip_origin_is_x_forwarded:
+                # use the header
+                if request.requestHeaders.hasHeader("X-Forwarded-For"):
+                    ip_addr = request.requestHeaders.getRawHeaders(
+                        "X-Forwarded-For")[0]
+            
+            captcha = {
+                "ip": ip_addr,
+                "private_key": self.hs.config.recaptcha_private_key,
+                "challenge": challenge,
+                "response": user_response
+            }
+            
 
         handler = self.handlers.registration_handler
         (user_id, token) = yield handler.register(
             localpart=desired_user_id,
             password=password,
-            threepidCreds=threepidCreds)
+            threepidCreds=threepidCreds,
+            captcha_info=captcha)
 
         result = {
             "user_id": user_id,
author	Kegan Dougal <kegan@matrix.org>	2014-09-05 23:32:51 -0700
committer	Kegan Dougal <kegan@matrix.org>	2014-09-05 23:32:51 -0700
commit	1a298aad9c3bbc1f0c80c40a1518c29c511f9fb4 (patch)
tree	8c27ca9b59021a5f9211cfb2c167ceaf083987d2 /synapse/rest
parent	Fix generation of event ids so that they are consistent between local and rem... (diff)
parent	Added instructions for setting up captcha in an obviously named file. (diff)
download	synapse-1a298aad9c3bbc1f0c80c40a1518c29c511f9fb4.tar.xz