Enable CAPTCHA

2025-04-19 02:07:31 +00:00 · 2023-01-30 22:46:59 +00:00 · 2023-01-30 22:46:59 +00:00 · e411bc9f19
commit e411bc9f19
parent c5b9e24604
6 changed files with 36 additions and 7 deletions
--- a/configs/development.py
+++ b/configs/development.py
@ -15,6 +15,17 @@ SQLA_DB_HOST = '127.0.0.1'
 SQLA_DB_NAME = 'pda'
 SQLALCHEMY_TRACK_MODIFICATIONS = True
 #CAPTCHA Config
 CAPTCHA_ENABLE = True
 CAPTCHA_LENGTH = 6
 CAPTCHA_WIDTH = 160
 CAPTCHA_HEIGHT = 60
 CAPTCHA_SESSION_KEY = 'captcha_image'
 #Server side sessions tracking
 #Set to TRUE for CAPTCHA, or enable another stateful session tracking system
 FILESYSTEM_SESSIONS_ENABLED = True
 ### DATABASE - MySQL
 #SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
 #    urllib.parse.quote_plus(SQLA_DB_USER),
--- a/powerdnsadmin/routes/init.py
+++ b/powerdnsadmin/routes/init.py
@ -1,5 +1,5 @@
 from .base import (
-    csrf, login_manager, handle_bad_request, handle_unauthorized_access,
+    captcha, csrf, login_manager, handle_bad_request, handle_unauthorized_access,
    handle_access_forbidden, handle_page_not_found, handle_internal_server_error
 )
@ -14,6 +14,7 @@ from .api import api_bp, apilist_bp
 def init_app(app):
    login_manager.init_app(app)
    csrf.init_app(app)
    captcha.init_app(app)
    app.register_blueprint(index_bp)
    app.register_blueprint(user_bp)
--- a/powerdnsadmin/routes/base.py
+++ b/powerdnsadmin/routes/base.py
@ -3,10 +3,12 @@ import base64
 from flask import render_template, url_for, redirect, session, request, current_app
 from flask_login import LoginManager
 from flask_seasurf import SeaSurf
 from flask_session_captcha import FlaskSessionCaptcha
 from ..models.user import User
 captcha = FlaskSessionCaptcha()
 csrf = SeaSurf()
 login_manager = LoginManager()
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@ -10,7 +10,7 @@ from yaml import Loader, load
 from flask import Blueprint, render_template, make_response, url_for, current_app, g, session, request, redirect, abort
 from flask_login import login_user, logout_user, login_required, current_user
-from .base import csrf, login_manager
+from .base import captcha, csrf, login_manager
 from ..lib import utils
 from ..decorators import dyndns_login_required
 from ..models.base import db
@ -651,9 +651,10 @@ def logout():
@index_bp.route('/register', methods=['GET', 'POST'])
 def register():
    CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
    if Setting().get('signup_enabled'):
        if request.method == 'GET':
-            return render_template('register.html')
+            return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
        elif request.method == 'POST':
            username = request.form.get('username', '').strip()
            password = request.form.get('password', '')
@ -664,12 +665,16 @@ def register():
            if not username or not password or not email:
                return render_template(
-                    'register.html', error='Please input required information')
+                    'register.html', error='Please input required information', captcha_enable=CAPTCHA_ENABLE)
            if password != rpassword:
                return render_template(
                    'register.html',
-                    error="Password confirmation does not match")
+                    error="Password confirmation does not match", captcha_enable=CAPTCHA_ENABLE)
            if not captcha.validate():
                return render_template(
                    'register.html', error='Invalid CAPTCHA answer', captcha_enable=CAPTCHA_ENABLE)
            user = User(username=username,
                        plain_text_password=password,
@ -690,9 +695,9 @@ def register():
                        return redirect(url_for('index.login'))
                else:
                    return render_template('register.html',
-                                           error=result['msg'])
+                                           error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
            except Exception as e:
-                return render_template('register.html', error=e)
+                return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
    else:
        return render_template('errors/404.html'), 404
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@ -64,6 +64,15 @@
          <span class="glyphicon glyphicon-log-in form-control-feedback"></span>
          <span class="help-block with-errors"></span>
        </div>
        {% if captcha_enable %}
          <p class="login-box-msg">Please complete the CAPTCHA below</p>
          <div class="form-group has-feedback">
            {{ captcha() }}
            <input type="text" class="form-control" placeholder="CAPTCHA"  name="captcha"
              data-error="Please complete the CAPTCHA" required>
            <span class="help-block with-errors"></span>
          </div>
        {% endif %}
        <div class="row">
          <div class="col-xs-4 pull-left">
            <button type="button" class="btn btn-flat btn-block" id="button_back">Back</button>
--- a/requirements.txt
+++ b/requirements.txt
@ -31,3 +31,4 @@ Jinja2==3.0.3
 itsdangerous==2.0.1
 werkzeug==2.0.3
 cryptography==36.0.2
 flask_session_captcha==1.3.0