diff options
author | Mark Haines <mark.haines@matrix.org> | 2015-05-29 12:11:40 +0100 |
---|---|---|
committer | Mark Haines <mark.haines@matrix.org> | 2015-05-29 12:11:40 +0100 |
commit | d94590ed4855691e54655396e45e3e275f9c1860 (patch) | |
tree | 16f255e2f9c550e47863a049789b7bc1d0404e57 /synapse | |
parent | Merge branch 'release-v0.9.1' of github.com:matrix-org/synapse into develop (diff) | |
download | synapse-d94590ed4855691e54655396e45e3e275f9c1860.tar.xz |
Add config for setting the recaptcha verify api endpoint, so we can test it in sytest
Diffstat (limited to '')
-rw-r--r-- | synapse/config/captcha.py | 4 | ||||
-rw-r--r-- | synapse/handlers/auth.py | 6 |
2 files changed, 7 insertions, 3 deletions
diff --git a/synapse/config/captcha.py b/synapse/config/captcha.py index d8fe577e34..ba221121cb 100644 --- a/synapse/config/captcha.py +++ b/synapse/config/captcha.py @@ -26,6 +26,7 @@ class CaptchaConfig(Config): config["captcha_ip_origin_is_x_forwarded"] ) self.captcha_bypass_secret = config.get("captcha_bypass_secret") + self.recaptcha_siteverify_api = config["recaptcha_siteverify_api"] def default_config(self, config_dir_path, server_name): return """\ @@ -48,4 +49,7 @@ class CaptchaConfig(Config): # A secret key used to bypass the captcha test entirely. #captcha_bypass_secret: "YOUR_SECRET_HERE" + + # The API endpoint to use for verifying m.login.recaptcha responses. + recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" """ diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 4e2e50345e..4b442a8358 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -187,8 +187,8 @@ class AuthHandler(BaseHandler): # each request try: client = SimpleHttpClient(self.hs) - data = yield client.post_urlencoded_get_json( - "https://www.google.com/recaptcha/api/siteverify", + resp_body = yield client.post_urlencoded_get_json( + self.hs.config.recaptcha_siteverify_api, args={ 'secret': self.hs.config.recaptcha_private_key, 'response': user_response, @@ -198,7 +198,7 @@ class AuthHandler(BaseHandler): except PartialDownloadError as pde: # Twisted is silly data = pde.response - resp_body = simplejson.loads(data) + resp_body = simplejson.loads(data) if 'success' in resp_body and resp_body['success']: defer.returnValue(True) raise LoginError(401, "", errcode=Codes.UNAUTHORIZED) |