From 46183cc69ff66af286c29c6f20a28086f93618a5 Mon Sep 17 00:00:00 2001 From: David Baker Date: Mon, 30 Mar 2015 18:18:19 +0100 Subject: Add original, unmodified CAPTCHA-SETUP from the webclient repo before modifying (captcha setup is now purely on the HS). --- CAPTCHA_SETUP | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 CAPTCHA_SETUP (limited to 'CAPTCHA_SETUP') diff --git a/CAPTCHA_SETUP b/CAPTCHA_SETUP new file mode 100644 index 0000000000..38089ce093 --- /dev/null +++ b/CAPTCHA_SETUP @@ -0,0 +1,46 @@ +Captcha can be enabled for this web client / home server. This file explains how to do that. +The captcha mechanism used is Google's ReCaptcha. This requires API keys from Google. + +Getting keys +------------ +Requires a public/private key pair from: + +https://developers.google.com/recaptcha/ + + +Setting Private ReCaptcha Key +----------------------------- +The private key is a config option on the home server config. If it is not +visible, you can generate it via --generate-config. Set the following value: + + recaptcha_private_key: YOUR_PRIVATE_KEY + +In addition, you MUST enable captchas via: + + enable_registration_captcha: true + +Setting Public ReCaptcha Key +---------------------------- +The web client will look for the global variable webClientConfig for config +options. You should put your ReCaptcha public key there like so: + +webClientConfig = { + useCaptcha: true, + recaptcha_public_key: "YOUR_PUBLIC_KEY" +}; + +This should be put in webclient/config.js which is already .gitignored, rather +than in the web client source files. You MUST set useCaptcha to true else a +ReCaptcha widget will not be generated. + +Configuring IP used for auth +---------------------------- +The ReCaptcha API requires that the IP address of the user who solved the +captcha is sent. If the client is connecting through a proxy or load balancer, +it may be required to use the X-Forwarded-For (XFF) header instead of the origin +IP address. This can be configured as an option on the home server like so: + + captcha_ip_origin_is_x_forwarded: true + + + -- cgit 1.4.1 From 4891c4ff72af2733627c4bfb29cc0fa5362ab617 Mon Sep 17 00:00:00 2001 From: David Baker Date: Mon, 30 Mar 2015 18:27:42 +0100 Subject: Update CAPTCHA_SETUP (it continues to ignore fallback, but I guess I should fix it so that doesn't need the key in two different places) --- CAPTCHA_SETUP | 27 ++++++--------------------- 1 file changed, 6 insertions(+), 21 deletions(-) (limited to 'CAPTCHA_SETUP') diff --git a/CAPTCHA_SETUP b/CAPTCHA_SETUP index 38089ce093..75ff80981b 100644 --- a/CAPTCHA_SETUP +++ b/CAPTCHA_SETUP @@ -1,4 +1,4 @@ -Captcha can be enabled for this web client / home server. This file explains how to do that. +Captcha can be enabled for this home server. This file explains how to do that. The captcha mechanism used is Google's ReCaptcha. This requires API keys from Google. Getting keys @@ -8,31 +8,18 @@ Requires a public/private key pair from: https://developers.google.com/recaptcha/ -Setting Private ReCaptcha Key ------------------------------ -The private key is a config option on the home server config. If it is not -visible, you can generate it via --generate-config. Set the following value: +Setting ReCaptcha Keys +---------------------- +The keys are a config option on the home server config. If they are not +visible, you can generate them via --generate-config. Set the following value: + recaptcha_public_key: YOUR_PUBLIC_KEY recaptcha_private_key: YOUR_PRIVATE_KEY In addition, you MUST enable captchas via: enable_registration_captcha: true -Setting Public ReCaptcha Key ----------------------------- -The web client will look for the global variable webClientConfig for config -options. You should put your ReCaptcha public key there like so: - -webClientConfig = { - useCaptcha: true, - recaptcha_public_key: "YOUR_PUBLIC_KEY" -}; - -This should be put in webclient/config.js which is already .gitignored, rather -than in the web client source files. You MUST set useCaptcha to true else a -ReCaptcha widget will not be generated. - Configuring IP used for auth ---------------------------- The ReCaptcha API requires that the IP address of the user who solved the @@ -42,5 +29,3 @@ IP address. This can be configured as an option on the home server like so: captcha_ip_origin_is_x_forwarded: true - - -- cgit 1.4.1