Recaptcha support
Added configuration options to allow reCAPTCHA to be integrated into the registration process. reCAPTCHA response is validated on sign-up if enabled.
This commit is contained in:
parent
1a08ef1828
commit
821bfceb09
1
.gitignore
vendored
1
.gitignore
vendored
@ -5,3 +5,4 @@
|
|||||||
Homestead.json
|
Homestead.json
|
||||||
Homestead.yaml
|
Homestead.yaml
|
||||||
.env
|
.env
|
||||||
|
composer.phar
|
@ -59,6 +59,9 @@ class ConfigHelper
|
|||||||
'date_format' => $this->allowedDateFormats()[0],
|
'date_format' => $this->allowedDateFormats()[0],
|
||||||
'items_per_page' => 12,
|
'items_per_page' => 12,
|
||||||
'items_per_page_admin' => 10,
|
'items_per_page_admin' => 10,
|
||||||
|
'recaptcha_enabled_registration' => false,
|
||||||
|
'recaptcha_secret_key' => '',
|
||||||
|
'recaptcha_site_key' => '',
|
||||||
'require_email_verification' => true,
|
'require_email_verification' => true,
|
||||||
'sender_address' => sprintf('hostmaster@%s', (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost')),
|
'sender_address' => sprintf('hostmaster@%s', (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost')),
|
||||||
'sender_name' => (is_null($currentAppName) ? trans('global.app_name') : $currentAppName),
|
'sender_name' => (is_null($currentAppName) ? trans('global.app_name') : $currentAppName),
|
||||||
|
36
app/Helpers/RecaptchaHelper.php
Normal file
36
app/Helpers/RecaptchaHelper.php
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Helpers;
|
||||||
|
|
||||||
|
use App\Facade\UserConfig;
|
||||||
|
|
||||||
|
class RecaptchaHelper
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Validates the given reCAPTCHA response against the reCAPTCHA servers to see if the user was validated successfully.
|
||||||
|
* @param string $response Response from the g-recaptcha-response POST variable
|
||||||
|
* @param string $clientIpAddress Client's IP address
|
||||||
|
* @return mixed Returns true or false depending on the reCAPTCHA server's response
|
||||||
|
* @throws \Exception Thrown when the reCAPTCHA server could not be reached, or it didn't return a valid JSON response.
|
||||||
|
*/
|
||||||
|
public static function validateResponse($response, $clientIpAddress)
|
||||||
|
{
|
||||||
|
$ch = curl_init(config('services.recaptcha.verify_url'));
|
||||||
|
curl_setopt($ch, CURLOPT_POST, true);
|
||||||
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||||
|
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
|
||||||
|
'secret' => UserConfig::get('recaptcha_secret_key'),
|
||||||
|
'response' => $response,
|
||||||
|
'remoteip' => $clientIpAddress
|
||||||
|
));
|
||||||
|
|
||||||
|
$return = json_decode(curl_exec($ch));
|
||||||
|
|
||||||
|
if (is_null($return))
|
||||||
|
{
|
||||||
|
throw new \Exception('Error while communicating with the reCAPTCHA service.');
|
||||||
|
}
|
||||||
|
|
||||||
|
return $return->success;
|
||||||
|
}
|
||||||
|
}
|
@ -40,7 +40,8 @@ class DefaultController extends Controller
|
|||||||
$checkboxKeys = [
|
$checkboxKeys = [
|
||||||
'allow_self_registration',
|
'allow_self_registration',
|
||||||
'require_email_verification',
|
'require_email_verification',
|
||||||
'smtp_encryption'
|
'smtp_encryption',
|
||||||
|
'recaptcha_enabled_registration'
|
||||||
];
|
];
|
||||||
$updateKeys = [
|
$updateKeys = [
|
||||||
'app_name',
|
'app_name',
|
||||||
@ -51,7 +52,9 @@ class DefaultController extends Controller
|
|||||||
'smtp_port',
|
'smtp_port',
|
||||||
'smtp_username',
|
'smtp_username',
|
||||||
'smtp_password',
|
'smtp_password',
|
||||||
'theme'
|
'theme',
|
||||||
|
'recaptcha_site_key',
|
||||||
|
'recaptcha_secret_key'
|
||||||
];
|
];
|
||||||
|
|
||||||
$defaults = UserConfig::defaults();
|
$defaults = UserConfig::defaults();
|
||||||
|
@ -5,6 +5,7 @@ namespace App\Http\Controllers\Auth;
|
|||||||
use App\Facade\Theme;
|
use App\Facade\Theme;
|
||||||
use App\Facade\UserConfig;
|
use App\Facade\UserConfig;
|
||||||
use App\Helpers\MiscHelper;
|
use App\Helpers\MiscHelper;
|
||||||
|
use App\Helpers\RecaptchaHelper;
|
||||||
use App\Mail\UserActivationRequired;
|
use App\Mail\UserActivationRequired;
|
||||||
use App\User;
|
use App\User;
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
@ -51,13 +52,27 @@ class RegisterController extends Controller
|
|||||||
* @param array $data
|
* @param array $data
|
||||||
* @return \Illuminate\Contracts\Validation\Validator
|
* @return \Illuminate\Contracts\Validation\Validator
|
||||||
*/
|
*/
|
||||||
protected function validator(array $data)
|
protected function validator(Request $request)
|
||||||
{
|
{
|
||||||
return Validator::make($data, [
|
return Validator::make(
|
||||||
|
$request->all(),
|
||||||
|
[
|
||||||
'name' => 'required|max:255',
|
'name' => 'required|max:255',
|
||||||
'email' => 'required|email|max:255|unique:users',
|
'email' => 'required|email|max:255|unique:users',
|
||||||
'password' => 'required|min:6|confirmed',
|
'password' => 'required|min:6|confirmed',
|
||||||
]);
|
]
|
||||||
|
)
|
||||||
|
->after(function($validator) use ($request)
|
||||||
|
{
|
||||||
|
// reCAPTCHA validation
|
||||||
|
if (
|
||||||
|
UserConfig::get('recaptcha_enabled_registration') &&
|
||||||
|
!RecaptchaHelper::validateResponse($request->request->get('g-recaptcha-response'), $request->getClientIp())
|
||||||
|
)
|
||||||
|
{
|
||||||
|
$validator->errors()->add('recaptcha', trans('auth.recaptcha_failed_message'));
|
||||||
|
}
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -96,7 +111,7 @@ class RegisterController extends Controller
|
|||||||
return redirect(route('home'));
|
return redirect(route('home'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->validator($request->all())->validate();
|
$this->validator($request)->validate();
|
||||||
|
|
||||||
/** @var User $user */
|
/** @var User $user */
|
||||||
$user = $this->create($request->all());
|
$user = $this->create($request->all());
|
||||||
|
@ -14,7 +14,11 @@ return [
|
|||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
'mailgun' => [
|
'recaptcha' => [
|
||||||
|
'verify_url' => 'https://www.google.com/recaptcha/api/siteverify'
|
||||||
|
]
|
||||||
|
|
||||||
|
/*'mailgun' => [
|
||||||
'domain' => env('MAILGUN_DOMAIN'),
|
'domain' => env('MAILGUN_DOMAIN'),
|
||||||
'secret' => env('MAILGUN_SECRET'),
|
'secret' => env('MAILGUN_SECRET'),
|
||||||
],
|
],
|
||||||
@ -33,6 +37,6 @@ return [
|
|||||||
'model' => App\User::class,
|
'model' => App\User::class,
|
||||||
'key' => env('STRIPE_KEY'),
|
'key' => env('STRIPE_KEY'),
|
||||||
'secret' => env('STRIPE_SECRET'),
|
'secret' => env('STRIPE_SECRET'),
|
||||||
],
|
],*/
|
||||||
|
|
||||||
];
|
];
|
||||||
|
@ -23,5 +23,6 @@ return [
|
|||||||
'forgot_password_link' => 'Forgotten your password?',
|
'forgot_password_link' => 'Forgotten your password?',
|
||||||
'forgot_password_title' => 'Send password reset link',
|
'forgot_password_title' => 'Send password reset link',
|
||||||
'login_page_title' => 'Login',
|
'login_page_title' => 'Login',
|
||||||
|
'recaptcha_failed_message' => 'The reCAPTCHA verfication failed. Please ensure you have completed the reCAPTCHA challenge and try again.',
|
||||||
'register_page_title' => 'Create an account'
|
'register_page_title' => 'Create an account'
|
||||||
];
|
];
|
||||||
|
@ -84,7 +84,7 @@
|
|||||||
|
|
||||||
<div class="checkbox">
|
<div class="checkbox">
|
||||||
<label>
|
<label>
|
||||||
<input type="checkbox" name="smtp_encryption" @if (UserConfig::get('smtp_encryption') == 1)checked="checked"@endif>
|
<input type="checkbox" name="smtp_encryption" @if (UserConfig::get('smtp_encryption'))checked="checked"@endif>
|
||||||
<strong>Requires encrypted connection</strong>
|
<strong>Requires encrypted connection</strong>
|
||||||
</label>
|
</label>
|
||||||
</div>
|
</div>
|
||||||
@ -105,10 +105,10 @@
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
{{-- Security --}}
|
{{-- Security --}}
|
||||||
<div role="tabpanel" class="tab-pane" id="security-tab">
|
<fieldset role="tabpanel" class="tab-pane" id="security-tab">
|
||||||
<div class="checkbox">
|
<div class="checkbox">
|
||||||
<label>
|
<label>
|
||||||
<input type="checkbox" name="allow_self_registration" @if (UserConfig::get('allow_self_registration') == 1)checked="checked"@endif>
|
<input type="checkbox" name="allow_self_registration" @if (UserConfig::get('allow_self_registration'))checked="checked"@endif>
|
||||||
<strong>Allow self-registration</strong><br/>
|
<strong>Allow self-registration</strong><br/>
|
||||||
With this option enabled, users can sign up for their own "visitor" accounts to comment on photos.
|
With this option enabled, users can sign up for their own "visitor" accounts to comment on photos.
|
||||||
</label>
|
</label>
|
||||||
@ -116,15 +116,38 @@
|
|||||||
|
|
||||||
<div class="checkbox" style="margin-top: 20px;">
|
<div class="checkbox" style="margin-top: 20px;">
|
||||||
<label>
|
<label>
|
||||||
<input type="checkbox" name="require_email_verification" @if (UserConfig::get('require_email_verification') == 1)checked="checked"@endif>
|
<input type="checkbox" name="require_email_verification" @if (UserConfig::get('require_email_verification'))checked="checked"@endif>
|
||||||
<strong>Require e-mail verification for self-registered accounts</strong><br/>
|
<strong>Require e-mail verification for self-registered accounts</strong><br/>
|
||||||
<span class="text-danger">It is strongly recommended to enable this option.</span>
|
<span class="text-danger">It is strongly recommended to enable this option.</span>
|
||||||
</label>
|
</label>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="checkbox" style="margin-top: 20px;">
|
||||||
|
<label>
|
||||||
|
<input type="checkbox" name="recaptcha_enabled_registration" @if (UserConfig::get('recaptcha_enabled_registration'))checked="checked"@endif>
|
||||||
|
<strong>Enable <a href="https://www.google.com/recaptcha" target="_blank">reCAPTCHA</a> for self-registrations</strong><br/>
|
||||||
|
<span class="text-danger">It is strongly recommended to enable this option.</span>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<fieldset style="margin-top: 30px;">
|
||||||
|
<legend>reCAPTCHA settings</legend>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
{!! Form::label('recaptcha_site_key', 'Site key:', ['class' => 'control-label']) !!}
|
||||||
|
{!! Form::text('recaptcha_site_key', old('recaptcha_site_key'), ['class' => 'form-control']) !!}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
{!! Form::label('recaptcha_secret_key', 'Secret key:', ['class' => 'control-label']) !!}
|
||||||
|
{!! Form::text('recaptcha_secret_key', old('recaptcha_secret_key'), ['class' => 'form-control']) !!}
|
||||||
|
</div>
|
||||||
|
</fieldset>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="clearfix"><!-- --></div>
|
||||||
<div class="text-right" style="margin-top: 15px;">
|
<div class="text-right" style="margin-top: 15px;">
|
||||||
<a href="{{ route('admin') }}" class="btn btn-default">@lang('forms.cancel_action')</a>
|
<a href="{{ route('admin') }}" class="btn btn-default">@lang('forms.cancel_action')</a>
|
||||||
{!! Form::submit(trans('admin.settings_save_action'), ['class' => 'btn btn-success']) !!}
|
{!! Form::submit(trans('admin.settings_save_action'), ['class' => 'btn btn-success']) !!}
|
||||||
|
@ -67,8 +67,26 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@if (UserConfig::get('recaptcha_enabled_registration'))
|
||||||
|
<div class="form-group">
|
||||||
|
@if ($errors->has('recaptcha'))
|
||||||
|
<div class="col-md-12">
|
||||||
|
<div class="alert alert-danger">
|
||||||
|
<i class="fa fa-fw fa-warning"></i>
|
||||||
|
{{ $errors->first('recaptcha') }}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
@endif
|
||||||
|
|
||||||
|
<div class="col-md-6 col-md-offset-4">
|
||||||
|
<div class="g-recaptcha" data-sitekey="{{ UserConfig::get('recaptcha_site_key') }}"></div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
@endif
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="col-md-6 col-md-offset-4 text-right">
|
<div class="col-md-6 col-md-offset-4 text-right">
|
||||||
|
<a href="{{ route('home') }}" class="btn btn-default">@lang('forms.cancel_action')</a>
|
||||||
<button type="submit" class="btn btn-success">@lang('forms.register_action')</button>
|
<button type="submit" class="btn btn-success">@lang('forms.register_action')</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
@ -79,3 +97,9 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
@endsection
|
@endsection
|
||||||
|
|
||||||
|
@if (UserConfig::get('recaptcha_enabled_registration'))
|
||||||
|
@push('scripts')
|
||||||
|
<script src="https://www.google.com/recaptcha/api.js"></script>
|
||||||
|
@endpush
|
||||||
|
@endif
|
Loading…
Reference in New Issue
Block a user