commit 7e4a11343d19ee21b18189c41979251c452dc928 Author: Matthew Finkel Matthew.Finkel@gmail.com Date: Fri Feb 7 23:20:31 2014 +0000
Make the remoteip configurable during recaptcha verification
Closes #10834 --- bridgedb.conf | 3 +++ lib/bridgedb/HTTPServer.py | 15 +++++++++++---- 2 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/bridgedb.conf b/bridgedb.conf index 9bf414a..d223875 100644 --- a/bridgedb.conf +++ b/bridgedb.conf @@ -223,6 +223,9 @@ RECAPTCHA_ENABLED = False RECAPTCHA_PUB_KEY = '' RECAPTCHA_PRIV_KEY = ''
+# The remoteip we send to reCAPTCHA during verification +RECAPTCHA_REMOTEIP = '' + #------------------------------- # Email Distribution Options \ #------------------------------------------------------------------------------ diff --git a/lib/bridgedb/HTTPServer.py b/lib/bridgedb/HTTPServer.py index 633d903..fb1fb7f 100644 --- a/lib/bridgedb/HTTPServer.py +++ b/lib/bridgedb/HTTPServer.py @@ -113,11 +113,13 @@ def replaceErrorPage(error, template_name=None):
class CaptchaProtectedResource(twisted.web.resource.Resource): def __init__(self, useRecaptcha=False, recaptchaPrivKey='', - recaptchaPubKey='', useForwardedHeader=False, resource=None): + recaptchaPubKey='', remoteip='', useForwardedHeader=False, + resource=None): self.isLeaf = resource.isLeaf self.useForwardedHeader = useForwardedHeader self.recaptchaPrivKey = recaptchaPrivKey self.recaptchaPubKey = recaptchaPubKey + self.recaptchaRemoteIP = remoteip self.resource = resource
def getClientIP(self, request): @@ -182,9 +184,12 @@ class CaptchaProtectedResource(twisted.web.resource.Resource): except: return redirectTo(request.URLPath(), request)
- # generate a random IP for the captcha submission - remote_ip = '%d.%d.%d.%d' % (randint(1,255),randint(1,255), - randint(1,255),randint(1,255)) + if self.recaptchaRemoteIP: + remote_ip = self.recaptchaRemoteIP + else: + # generate a random IP for the captcha submission + remote_ip = '%d.%d.%d.%d' % (randint(1,255),randint(1,255), + randint(1,255),randint(1,255))
recaptcha_response = captcha.submit(challenge, response, self.recaptchaPrivKey, remote_ip) @@ -464,6 +469,7 @@ def addWebServer(cfg, dist, sched): RECAPTCHA_ENABLED RECAPTCHA_PUB_KEY RECAPTCHA_PRIV_KEY + RECAPTCHA_REMOTEIP dist -- an IPBasedDistributor object. sched -- an IntervalSchedule object. """ @@ -487,6 +493,7 @@ def addWebServer(cfg, dist, sched): protected = CaptchaProtectedResource( recaptchaPrivKey=cfg.RECAPTCHA_PRIV_KEY, recaptchaPubKey=cfg.RECAPTCHA_PUB_KEY, + remoteip=cfg.RECAPTCHA_REMOTEIP, useForwardedHeader=cfg.HTTP_USE_IP_FROM_FORWARDED_HEADER, resource=resource) httpdist.putChild('bridges', protected)