me/glitchier-soc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
17508 commits 2 branches 0 tags 429 MiB
Commit graph

5 commits

Author SHA1 Message Date
Claire
ea32eb89e1 Change CAPTCHA handling to be only on email verification 
This simplifies the implementation considerably, and while not providing
ideal UX, it's the most flexible approach.
 2022-01-25 23:56:57 +01:00
Claire
6988e6ecc3 Add ability to set hCaptcha either on registration form or on e-mail validation 
Upshot of CAPTCHA on e-mail validation is it does not need to break the in-band
registration API.
 2022-01-25 23:09:48 +01:00
Claire
2d4faa5cfd Disable captcha if registrations are disabled for various reasons 2022-01-24 22:12:57 +01:00
Claire
d36eb0503f Please CodeClimate 2022-01-24 21:29:50 +01:00
Claire
5c88cb1a67 Add optional hCaptcha support 
Fixes #1649

This requires setting `HCAPTCHA_SECRET_KEY` and `HCAPTCHA_SITE_KEY`, then
enabling the admin setting at
`/admin/settings/edit#form_admin_settings_captcha_enabled`

Subsequently, a hCaptcha widget will be displayed on `/about` and
`/auth/sign_up` unless:
- the user is already signed-up already
- the user has used an invite link
- the user has already solved the captcha (and registration failed for another
  reason)

The Content-Security-Policy headers are altered automatically to allow the
third-party hCaptcha scripts on `/about` and `/auth/sign_up` following the same
rules as above.
 2022-01-24 21:22:13 +01:00