Validate recaptcha for registration

This commit is contained in:
James Wang 2015-12-23 23:31:50 -05:00
parent 5194830e0d
commit cfc413f782
3 changed files with 22 additions and 4 deletions

View file

@ -3,3 +3,4 @@ mysql-python
Flask-SQLAlchemy Flask-SQLAlchemy
SQLAlchemy SQLAlchemy
gunicorn gunicorn
requests

View file

@ -4,6 +4,7 @@ from flask import current_app as app
from models import db, Users from models import db, Users
from utils import api_wrapper from utils import api_wrapper
import requests
import utils import utils
blueprint = Blueprint("user", __name__) blueprint = Blueprint("user", __name__)
@ -11,6 +12,9 @@ blueprint = Blueprint("user", __name__)
@blueprint.route("/register", methods=["POST"]) @blueprint.route("/register", methods=["POST"])
@api_wrapper @api_wrapper
def user_register(): def user_register():
if not validate_captcha(request.form):
return { "success": 0, "message": "Please do the captcha." }
name = request.form["name"] name = request.form["name"]
username = request.form["username"] username = request.form["username"]
password = request.form["password"] password = request.form["password"]
@ -59,3 +63,13 @@ def add_user(name, username, email, password):
user = Users(name, username, email, password) user = Users(name, username, email, password)
db.session.add(user) db.session.add(user)
db.session.commit() db.session.commit()
def validate_captcha(form):
if "captcha_response" not in form:
return False
captcha_response = form["captcha_response"]
data = {"secret": "6Lc4xhMTAAAAACFaG2NyuKoMdZQtSa_1LI76BCEu", "response": captcha_response}
response = requests.post("https://www.google.com/recaptcha/api/siteverify", data=data)
if response.json()["success"]:
return True
return False

View file

@ -1,19 +1,22 @@
$("#registration-form").on("submit", function(e) { $("#registration-form").on("submit", function(e) {
e.preventDefault(); e.preventDefault();
register($("#name").val(), $("#username").val(), $("#password").val(), $("#password_confirm").val(), $("#email").val()); register($("#name").val(), $("#username").val(), $("#password").val(), $("#password_confirm").val(), $("#email").val(), $("#g-recaptcha-response").val());
}); });
function register(name, username, password, password_confirm, email) { function register(name, username, password, password_confirm, email, captcha_response) {
$.post("/api/user/register", { $.post("/api/user/register", {
name: name, name: name,
username: username, username: username,
password: password, password: password,
password_confirm: password_confirm, password_confirm: password_confirm,
email: email email: email,
captcha_response: captcha_response
}, function(data) { }, function(data) {
$("#status").text(data.message); $("#status").text(data.message);
if (data.success == 1) { if (data.success == 1) {
// wait then redirect or whatever // wait then redirect or whatever
} else {
grecaptcha.reset();
} }
}); });
} }