Added captcha support on both the HS and web client.
Merge branch 'captcha' of github.com:matrix-org/synapse into develop
1 files changed, 34 insertions, 2 deletions
diff --git a/synapse/rest/register.py b/synapse/rest/register.py
index b8de3b250d..48d3c6eca0 100644
--- a/synapse/rest/register.py
+++ b/synapse/rest/register.py
@@ -16,7 +16,7 @@
"""This module contains REST servlets to do with registration: /register"""
from twisted.internet import defer
-from synapse.api.errors import SynapseError
+from synapse.api.errors import SynapseError, Codes
from base import RestServlet, client_path_pattern
import json
@@ -50,12 +50,44 @@ class RegisterRestServlet(RestServlet):
threepidCreds = None
if 'threepidCreds' in register_json:
threepidCreds = register_json['threepidCreds']
+
+ captcha = {}
+ if self.hs.config.enable_registration_captcha:
+ challenge = None
+ user_response = None
+ try:
+ captcha_type = register_json["captcha"]["type"]
+ if captcha_type != "m.login.recaptcha":
+ raise SynapseError(400, "Sorry, only m.login.recaptcha " +
+ "requests are supported.")
+ challenge = register_json["captcha"]["challenge"]
+ user_response = register_json["captcha"]["response"]
+ except KeyError:
+ raise SynapseError(400, "Captcha response is required",
+ errcode=Codes.CAPTCHA_NEEDED)
+
+ # TODO determine the source IP : May be an X-Forwarding-For header depending on config
+ ip_addr = request.getClientIP()
+ if self.hs.config.captcha_ip_origin_is_x_forwarded:
+ # use the header
+ if request.requestHeaders.hasHeader("X-Forwarded-For"):
+ ip_addr = request.requestHeaders.getRawHeaders(
+ "X-Forwarded-For")[0]
+
+ captcha = {
+ "ip": ip_addr,
+ "private_key": self.hs.config.recaptcha_private_key,
+ "challenge": challenge,
+ "response": user_response
+ }
+
handler = self.handlers.registration_handler
(user_id, token) = yield handler.register(
localpart=desired_user_id,
password=password,
- threepidCreds=threepidCreds)
+ threepidCreds=threepidCreds,
+ captcha_info=captcha)
result = {
"user_id": user_id,
|
