mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-11-08 14:40:27 +00:00
Enable CAPTCHA
This commit is contained in:
Tyler Todd
parent
c5b9e24604
commit
e411bc9f19
@ -15,6 +15,17 @@ SQLA_DB_HOST = '127.0.0.1'
|
||||
SQLA_DB_NAME = 'pda'
|
||||
SQLALCHEMY_TRACK_MODIFICATIONS = True
|
||||
|
||||
#CAPTCHA Config
|
||||
CAPTCHA_ENABLE = True
|
||||
CAPTCHA_LENGTH = 6
|
||||
CAPTCHA_WIDTH = 160
|
||||
CAPTCHA_HEIGHT = 60
|
||||
CAPTCHA_SESSION_KEY = 'captcha_image'
|
||||
|
||||
#Server side sessions tracking
|
||||
#Set to TRUE for CAPTCHA, or enable another stateful session tracking system
|
||||
FILESYSTEM_SESSIONS_ENABLED = True
|
||||
|
||||
### DATABASE - MySQL
|
||||
#SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
|
||||
# urllib.parse.quote_plus(SQLA_DB_USER),
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
from .base import (
|
||||
csrf, login_manager, handle_bad_request, handle_unauthorized_access,
|
||||
captcha, csrf, login_manager, handle_bad_request, handle_unauthorized_access,
|
||||
handle_access_forbidden, handle_page_not_found, handle_internal_server_error
|
||||
)
|
||||
|
||||
@ -14,6 +14,7 @@ from .api import api_bp, apilist_bp
|
||||
def init_app(app):
|
||||
login_manager.init_app(app)
|
||||
csrf.init_app(app)
|
||||
captcha.init_app(app)
|
||||
|
||||
app.register_blueprint(index_bp)
|
||||
app.register_blueprint(user_bp)
|
||||
|
||||
@ -3,10 +3,12 @@ import base64
|
||||
from flask import render_template, url_for, redirect, session, request, current_app
|
||||
from flask_login import LoginManager
|
||||
from flask_seasurf import SeaSurf
|
||||
from flask_session_captcha import FlaskSessionCaptcha
|
||||
|
||||
from ..models.user import User
|
||||
|
||||
|
||||
captcha = FlaskSessionCaptcha()
|
||||
csrf = SeaSurf()
|
||||
login_manager = LoginManager()
|
||||
|
||||
|
||||
@ -10,7 +10,7 @@ from yaml import Loader, load
|
||||
from flask import Blueprint, render_template, make_response, url_for, current_app, g, session, request, redirect, abort
|
||||
from flask_login import login_user, logout_user, login_required, current_user
|
||||
|
||||
from .base import csrf, login_manager
|
||||
from .base import captcha, csrf, login_manager
|
||||
from ..lib import utils
|
||||
from ..decorators import dyndns_login_required
|
||||
from ..models.base import db
|
||||
@ -651,9 +651,10 @@ def logout():
|
||||
|
||||
@index_bp.route('/register', methods=['GET', 'POST'])
|
||||
def register():
|
||||
CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
|
||||
if Setting().get('signup_enabled'):
|
||||
if request.method == 'GET':
|
||||
return render_template('register.html')
|
||||
return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
|
||||
elif request.method == 'POST':
|
||||
username = request.form.get('username', '').strip()
|
||||
password = request.form.get('password', '')
|
||||
@ -664,12 +665,16 @@ def register():
|
||||
|
||||
if not username or not password or not email:
|
||||
return render_template(
|
||||
'register.html', error='Please input required information')
|
||||
'register.html', error='Please input required information', captcha_enable=CAPTCHA_ENABLE)
|
||||
|
||||
if password != rpassword:
|
||||
return render_template(
|
||||
'register.html',
|
||||
error="Password confirmation does not match")
|
||||
error="Password confirmation does not match", captcha_enable=CAPTCHA_ENABLE)
|
||||
|
||||
if not captcha.validate():
|
||||
return render_template(
|
||||
'register.html', error='Invalid CAPTCHA answer', captcha_enable=CAPTCHA_ENABLE)
|
||||
|
||||
user = User(username=username,
|
||||
plain_text_password=password,
|
||||
@ -690,9 +695,9 @@ def register():
|
||||
return redirect(url_for('index.login'))
|
||||
else:
|
||||
return render_template('register.html',
|
||||
error=result['msg'])
|
||||
error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
|
||||
except Exception as e:
|
||||
return render_template('register.html', error=e)
|
||||
return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
|
||||
else:
|
||||
return render_template('errors/404.html'), 404
|
||||
|
||||
|
||||
@ -64,6 +64,15 @@
|
||||
<span class="glyphicon glyphicon-log-in form-control-feedback"></span>
|
||||
<span class="help-block with-errors"></span>
|
||||
</div>
|
||||
{% if captcha_enable %}
|
||||
<p class="login-box-msg">Please complete the CAPTCHA below</p>
|
||||
<div class="form-group has-feedback">
|
||||
{{ captcha() }}
|
||||
<input type="text" class="form-control" placeholder="CAPTCHA" name="captcha"
|
||||
data-error="Please complete the CAPTCHA" required>
|
||||
<span class="help-block with-errors"></span>
|
||||
</div>
|
||||
{% endif %}
|
||||
<div class="row">
|
||||
<div class="col-xs-4 pull-left">
|
||||
<button type="button" class="btn btn-flat btn-block" id="button_back">Back</button>
|
||||
|
||||
@ -31,3 +31,4 @@ Jinja2==3.0.3
|
||||
itsdangerous==2.0.1
|
||||
werkzeug==2.0.3
|
||||
cryptography==36.0.2
|
||||
flask_session_captcha==1.3.0
|
||||
Loading…
Reference in New Issue
Block a user