From 0280176ccddb9a1f142ad14a9a8a6e97686b0a4d Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Fri, 5 Sep 2014 13:31:47 -0700 Subject: Added basic captcha, not hooked up --- webclient/login/register-controller.js | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'webclient/login/register-controller.js') diff --git a/webclient/login/register-controller.js b/webclient/login/register-controller.js index 5a14964248..1c1f4c42f3 100644 --- a/webclient/login/register-controller.js +++ b/webclient/login/register-controller.js @@ -142,6 +142,20 @@ angular.module('RegisterController', ['matrixService']) } ); }; + + var setupCaptcha = function() { + console.log("Setting up ReCaptcha") + Recaptcha.create("6Le31_kSAAAAAK-54VKccKamtr-MFA_3WS1d_fGV", + "regcaptcha", + { + theme: "red", + callback: Recaptcha.focus_response_field + }); + }; + $scope.init = function() { + setupCaptcha(); + }; + }]); -- cgit 1.4.1 From 130458385e919d886fcdfc4203354e93e9e8f1b1 Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Fri, 5 Sep 2014 13:56:36 -0700 Subject: Modified matrixService.register to specify if captcha results should be sent with the registration request. This is toggleable via useCaptcha in register-controller. --- webclient/components/matrix/matrix-service.js | 26 ++++++++++++++++++++++---- webclient/login/register-controller.js | 8 ++++++-- 2 files changed, 28 insertions(+), 6 deletions(-) (limited to 'webclient/login/register-controller.js') diff --git a/webclient/components/matrix/matrix-service.js b/webclient/components/matrix/matrix-service.js index 8a0223979c..4754dc87da 100644 --- a/webclient/components/matrix/matrix-service.js +++ b/webclient/components/matrix/matrix-service.js 
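Review bot: `setupCaptcha` calls `Recaptcha.create` without checking that the `Recaptcha` global exists, and `$scope.init` runs it unconditionally, so a blocked or failed load of the ReCaptcha script would throw a ReferenceError during init. A guard at the top such as `if (typeof Recaptcha === "undefined") { console.error("ReCaptcha script not loaded"); return; }` makes that failure visible without breaking the rest of the view. The site key is also a literal in the controller, which ties every deployment of this client to one ReCaptcha account. It is a public key rather than a secret, but a home server configured with a different private key presumably could not verify responses produced with it. The `console.log` line is missing its terminating semicolon.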
@@ -84,15 +84,33 @@ angular.module('matrixService', []) prefix: prefixPath, // Register an user - register: function(user_name, password, threepidCreds) { + register: function(user_name, password, threepidCreds, useCaptcha) { // The REST path spec var path = "/register"; - - return doRequest("POST", path, undefined, { + + var data = { user_id: user_name, password: password, threepidCreds: threepidCreds - }); + }; + + if (useCaptcha) { + // Not all home servers will require captcha on signup, but if this flag is checked, + // send captcha information. + // TODO: Might be nice to make this a bit more flexible.. + var challengeToken = Recaptcha.get_challenge(); + var captchaEntry = Recaptcha.get_response(); + var captchaType = "m.login.recaptcha"; + + data.captcha = { + type: captchaType, + challenge: challengeToken, + response: captchaEntry + }; + console.log("Sending Captcha info: " + JSON.stringify(data.captcha)); + } + + return doRequest("POST", path, undefined, data); }, // Create a room diff --git a/webclient/login/register-controller.js b/webclient/login/register-controller.js index 1c1f4c42f3..9d02f274df 100644 --- a/webclient/login/register-controller.js +++ b/webclient/login/register-controller.js @@ -19,6 +19,8 @@ angular.module('RegisterController', ['matrixService']) function($scope, $rootScope, $location, matrixService, eventStreamService) { 'use strict'; + var useCaptcha = false; + // FIXME: factor out duplication with login-controller.js // Assume that this is hosted on the home server, in which case the URL @@ -87,7 +89,7 @@ angular.module('RegisterController', ['matrixService']) }; $scope.registerWithMxidAndPassword = function(mxid, password, threepidCreds) { - matrixService.register(mxid, password, threepidCreds).then( + matrixService.register(mxid, password, threepidCreds, useCaptcha).then( function(response) { $scope.feedback = "Success"; // Update the current config 
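Review bot: The added `console.log("Sending Captcha info: " + JSON.stringify(data.captcha));` in `register` writes the challenge token and the user's typed answer to the browser console on every registration. It reads like debugging output, so I would drop it or log only `data.captcha.type`. `useCaptcha` only decides whether the client sends the captcha fields, so a comment such as `// Client-side hint only: the home server must reject registrations that lack a valid captcha.` would stop a later reader from treating it as the enforcement point. `Recaptcha.get_challenge()` is also reached without any check that the widget was created, which can happen when `useCaptcha` is true but setup failed.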
@@ -154,7 +156,9 @@ angular.module('RegisterController', ['matrixService']) }; $scope.init = function() { - setupCaptcha(); + if (useCaptcha) { + setupCaptcha(); + } }; }]); -- cgit 1.4.1 From c80f7394617dcc44c3a608a3a51acde0f255f623 Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Fri, 5 Sep 2014 17:36:09 -0700 Subject: Added webclient config.js for storing recaptcha public key. --- .gitignore | 2 ++ webclient/README | 18 +++++++++++++++--- webclient/index.html | 1 + webclient/login/register-controller.js | 15 +++++++++++++-- 4 files changed, 31 insertions(+), 5 deletions(-) (limited to 'webclient/login/register-controller.js') diff --git a/.gitignore b/.gitignore index d2b93ef61f..dfe8dfedbf 100644 --- a/.gitignore +++ b/.gitignore @@ -24,4 +24,6 @@ graph/*.svg graph/*.png graph/*.dot +webclient/config.js + uploads diff --git a/webclient/README b/webclient/README index 0f893b1712..9750d2706a 100644 --- a/webclient/README +++ b/webclient/README @@ -1,12 +1,24 @@ Basic Usage ----------- -The Synapse web client needs to be hosted by a basic HTTP server. - -You can use the Python simple HTTP server:: +The web client should automatically run when running the home server. Alternatively, you can run +it stand-alone: $ python -m SimpleHTTPServer Then, open this URL in a WEB browser:: http://127.0.0.1:8000/ + + +ReCaptcha Keys +-------------- +The web client will look for the global variable webClientConfig for config options. You should +put your ReCaptcha public key there like so: + +webClientConfig = { + recaptcha_public_key: "YOUR_PUBLIC_KEY" +} + +This should be put in webclient/config.js which is already .gitignored, rather than in the web +client source files. diff --git a/webclient/index.html b/webclient/index.html index fe62d95bb8..0981373134 100644 --- a/webclient/index.html +++ b/webclient/index.html @@ -17,6 +17,7 @@ + diff --git a/webclient/login/register-controller.js b/webclient/login/register-controller.js index 9d02f274df..96fffb364d 100644 
--- a/webclient/login/register-controller.js +++ b/webclient/login/register-controller.js @@ -19,7 +19,7 @@ angular.module('RegisterController', ['matrixService']) function($scope, $rootScope, $location, matrixService, eventStreamService) { 'use strict'; - var useCaptcha = false; + var useCaptcha = true; // FIXME: factor out duplication with login-controller.js @@ -147,7 +147,18 @@ angular.module('RegisterController', ['matrixService']) var setupCaptcha = function() { console.log("Setting up ReCaptcha") - Recaptcha.create("6Le31_kSAAAAAK-54VKccKamtr-MFA_3WS1d_fGV", + var config = window.webClientConfig; + var public_key = undefined; + if (config === undefined) { + console.error("Couldn't find webClientConfig. Cannot get public key for captcha."); + } + else { + public_key = webClientConfig.recaptcha_public_key; + if (public_key === undefined) { + console.error("No public key defined for captcha!") + } + } + Recaptcha.create(public_key, "regcaptcha", { theme: "red", -- cgit 1.4.1 From b5749c75d90247ff2f7960fad909b7b4fb694b67 Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Fri, 5 Sep 2014 23:08:39 -0700 Subject: Reload captchas when they fail. Cleanup on success. --- synapse/handlers/register.py | 4 ++-- webclient/login/register-controller.js | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) (limited to 'webclient/login/register-controller.js') diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index 0693112ba8..0b841d6d3a 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -62,8 +62,8 @@ class RegistrationHandler(BaseHandler): captcha_info["response"] ) if not captcha_response["valid"]: - logger.info("Invalid captcha entered from %s", - captcha_info["ip"]) + logger.info("Invalid captcha entered from %s. Error: %s", + captcha_info["ip"], captcha_response["error_url"]) raise InvalidCaptchaError( error_url=captcha_response["error_url"] ) 
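Review bot: In `setupCaptcha`, both error branches log and then fall through, so `Recaptcha.create(public_key, ...)` is still called with `public_key` undefined when `webClientConfig` or its `recaptcha_public_key` is missing. Returning before the create call, e.g. `if (public_key === undefined) { return; }` placed just above `Recaptcha.create`, avoids rendering a widget that cannot produce a verifiable response. The `else` branch reads the bare global `webClientConfig.recaptcha_public_key` although the local `config` was just assigned from `window.webClientConfig`; `config.recaptcha_public_key` would be consistent. The second added `console.error` is missing its semicolon, and the rest of the `Recaptcha.create` call continues past the end of the hunk.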
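Review bot: The new log call interpolates `captcha_info["ip"]` and `captcha_response["error_url"]` with `%s`, and neither value is fully under the server's control. The error string appears to come back from the captcha verification call, and the address may be taken from X-Forwarded-For when `captcha_ip_origin_is_x_forwarded` is enabled (per CAPTCHA_SETUP later in this series). Formatting both with `%r`, as in `logger.info("Invalid captcha entered from %r. Error: %r", ...)`, keeps any control characters visible in the log line. A comment noting that the logged address is only as trustworthy as the proxy that sets the header would help anyone using these entries for rate limiting or abuse triage. The enclosing handler method starts and ends outside the hunk.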
diff --git a/webclient/login/register-controller.js b/webclient/login/register-controller.js index 96fffb364d..1ab50888df 100644 --- a/webclient/login/register-controller.js +++ b/webclient/login/register-controller.js @@ -92,6 +92,9 @@ angular.module('RegisterController', ['matrixService']) matrixService.register(mxid, password, threepidCreds, useCaptcha).then( function(response) { $scope.feedback = "Success"; + if (useCaptcha) { + Recaptcha.destroy(); + } // Update the current config var config = matrixService.config(); angular.extend(config, { @@ -118,11 +121,17 @@ angular.module('RegisterController', ['matrixService']) }, function(error) { console.trace("Registration error: "+error); + if (useCaptcha) { + Recaptcha.reload(); + } if (error.data) { if (error.data.errcode === "M_USER_IN_USE") { $scope.feedback = "Username already taken."; $scope.reenter_username = true; } + else if (error.data.errcode == "M_CAPTCHA_INVALID") { + $scope.feedback = "Failed captcha."; + } } else if (error.status === 0) { $scope.feedback = "Unable to talk to the server."; -- cgit 1.4.1 From a342867d3f86096d53a59b0e09d6ac6121bfaa6f Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Fri, 5 Sep 2014 23:32:07 -0700 Subject: Added instructions for setting up captcha in an obviously named file. --- webclient/CAPTCHA_SETUP | 46 ++++++++++++++++++++++++++++++++++ webclient/README | 11 -------- webclient/login/register-controller.js | 8 ++++++ 3 files changed, 54 insertions(+), 11 deletions(-) create mode 100644 webclient/CAPTCHA_SETUP (limited to 'webclient/login/register-controller.js') diff --git a/webclient/CAPTCHA_SETUP b/webclient/CAPTCHA_SETUP new file mode 100644 index 0000000000..ebc8a5f3b0 --- /dev/null +++ b/webclient/CAPTCHA_SETUP 
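Review bot: The new `M_CAPTCHA_INVALID` branch compares with `==` while the `M_USER_IN_USE` branch directly above it uses `===`. `else if (error.data.errcode === "M_CAPTCHA_INVALID") {` would match the surrounding style and avoid coercion on a server-supplied value. The same applies to the `M_CAPTCHA_NEEDED` branch added in the last commit of this series. `Recaptcha.reload()` here, and `Recaptcha.destroy()` in the success hunk above, run whenever `useCaptcha` is true, even if `setupCaptcha` never created a widget; a `typeof Recaptcha !== "undefined"` check would keep a failed script load from masking the real registration error. The error callback continues outside the hunk.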
@@ -0,0 +1,46 @@ +Captcha can be enabled for this web client / home server. This file explains how to do that. +The captcha mechanism used is Google's ReCaptcha. This requires API keys from Google. + +Getting keys +------------ +Requires a public/private key pair from: + +https://developers.google.com/recaptcha/ + + +Setting Private ReCaptcha Key +----------------------------- +The private key is a config option on the home server config. If it is not +visible, you can generate it via --generate-config. Set the following value: + + recaptcha_private_key: YOUR_PRIVATE_KEY + +In addition, you MUST enable captchas via: + + enable_registration_captcha: true + +Setting Public ReCaptcha Key +---------------------------- +The web client will look for the global variable webClientConfig for config +options. You should put your ReCaptcha public key there like so: + +webClientConfig = { + useCaptcha: true, + recaptcha_public_key: "YOUR_PUBLIC_KEY" +} + +This should be put in webclient/config.js which is already .gitignored, rather +than in the web client source files. You MUST set useCaptcha to true else a +ReCaptcha widget will not be generated. + +Configuring IP used for auth +---------------------------- +The ReCaptcha API requires that the IP address of the user who solved the +captcha is sent. If the client is connecting through a proxy or load balancer, +it may be required to use the X-Forwarded-For (XFF) header instead of the origin +IP address. This can be configured as an option on the home server like so: + + captcha_ip_origin_is_x_forwarded: true + + + diff --git a/webclient/README b/webclient/README index 9750d2706a..13224c3d07 100644 --- a/webclient/README +++ b/webclient/README 
@@ -11,14 +11,3 @@ Then, open this URL in a WEB browser:: http://127.0.0.1:8000/ -ReCaptcha Keys --------------- -The web client will look for the global variable webClientConfig for config options. You should -put your ReCaptcha public key there like so: - -webClientConfig = { - recaptcha_public_key: "YOUR_PUBLIC_KEY" -} - -This should be put in webclient/config.js which is already .gitignored, rather than in the web -client source files. diff --git a/webclient/login/register-controller.js b/webclient/login/register-controller.js index 1ab50888df..b3c0c21335 100644 --- a/webclient/login/register-controller.js +++ b/webclient/login/register-controller.js @@ -19,7 +19,11 @@ angular.module('RegisterController', ['matrixService']) function($scope, $rootScope, $location, matrixService, eventStreamService) { 'use strict'; + var config = window.webClientConfig; var useCaptcha = true; + if (config !== undefined) { + useCaptcha = config.useCaptcha; + } // FIXME: factor out duplication with login-controller.js @@ -132,6 +136,10 @@ angular.module('RegisterController', ['matrixService']) else if (error.data.errcode == "M_CAPTCHA_INVALID") { $scope.feedback = "Failed captcha."; } + else if (error.data.errcode == "M_CAPTCHA_NEEDED") { + $scope.feedback = "Captcha is required on this home " + + "server."; + } } else if (error.status === 0) { $scope.feedback = "Unable to talk to the server."; -- cgit 1.4.1
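Review bot: With `useCaptcha = config.useCaptcha;`, a `config.js` that defines `webClientConfig` but omits `useCaptcha` sets the flag to undefined, which silently turns the widget off even though the default on the line above is `true`. The README text removed in this same commit documented a config with only `recaptcha_public_key`, so files written from it would hit this. `if (config !== undefined && config.useCaptcha !== undefined) { useCaptcha = config.useCaptcha; }` keeps the default unless the operator sets the option explicitly. Since the flag lives in the browser, a short comment that enforcement belongs to the home server's `enable_registration_captcha` setting would be worth adding next to it. The controller function body extends beyond the hunk.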