Captcha in progress (#595)

Xavier Guimard 2017-01-26 21:42:40 +00:00
parent 086a1ddbd8
commit 12ad708c4a
2 changed files with 70 additions and 66 deletions


@ -24,6 +24,19 @@ our $VERSION = '2.0.0';
extends 'Lemonldap::NG::Portal::Main::Plugin',
'Lemonldap::NG::Portal::Lib::SMTP';
# PROPERTIES
has registerModule => ( is => 'rw' );
has registerUrl => (
is => 'rw',
default => sub {
my $p = $_[0]->conf->{portal};
$p =~ s#/*$##;
return "$p/register";
}
);
has ott => (
is => 'rw',
default => sub {
@ -35,15 +48,25 @@ has ott => (
}
);
has captcha => ( is => 'rw' );
# INITIALIZATION
sub init {
my ($self) = @_;
$self->addUnauthRoute( register => 'register', [ 'POST', 'GET' ] );
if ( $self->conf->{captcha_register_enabled} ) {
# TODO: load captcha plugin
# Declare REST route
$self->addUnauthRoute( register => 'register', [ 'POST', 'GET' ] );
# Initialize Captcha if needed
if ( $self->conf->{captcha_register_enabled} ) {
$self->captcha( $self->p->loadModule('::Lib::Captcha') ) or return 0;
# TODO: timeout
$self->captcha->timeout( $self->conf->{registerTimeout} );
}
# Load register module
$self->registerModule(
$self->p->loadPlugin( '::Register::' . $self->conf->{registerDB} ) )
or return 0;
@ -53,22 +76,6 @@ sub init {
return 1;
}
# PROPERTIES
has captchaModule => ( is => 'rw' );
# TODO
has registerModule => ( is => 'rw' );
has registerUrl => (
is => 'rw',
default => sub {
my $p = $_[0]->conf->{portal};
$p =~ s#/*$##;
return "$p/register";
}
);
# RUNNIG METHODS
sub register {
@ -127,46 +134,24 @@ sub _register {
&& !$self->getRegisterSession( $req->datas->{registerInfo}->{mail} )
)
{
$req->datas->{captcha_user_code} = $req->param('captcha_user_code');
$req->datas->{captcha_check_code} = $req->param('captcha_code');
$req->datas->{captcha} = $req->param('captcha');
$req->datas->{token} = $req->param('token');
unless ( $self->{captcha_user_code}
&& $self->{captcha_check_code} )
{
unless ( $req->datas->{captcha} and $req->datas->{token} ) {
$self->lmLog( "Captcha not filled", 'warn' );
return PE_CAPTCHAEMPTY;
}
$self->lmLog(
"Captcha data received: "
. $req->datas->{captcha_user_code} . " and "
. $req->datas->{captcha_check_code},
'debug'
);
# Check captcha
my $captcha_result = $self->captchaModule->checkCaptcha(
$req->datas->{captcha_user_code},
$req->datas->{captcha_check_code}
);
if ( $captcha_result != 1 ) {
if ( $captcha_result == -3
or $captcha_result == -2 )
{
$self->lmLog( "Captcha failed: wrong code", 'warn' );
return PE_CAPTCHAERROR;
}
elsif ( $captcha_result == 0 ) {
$self->lmLog(
"Captcha failed: code not checked (file error)",
'warn' );
return PE_CAPTCHAERROR;
}
elsif ( $captcha_result == -1 ) {
$self->lmLog( "Captcha failed: code has expired", 'warn' );
return PE_CAPTCHAERROR;
}
unless (
$self->captcha->validateCaptcha(
$req->datas->{token},
$req->datas->{captcha}
)
)
{
$self->p->userNotice('Captcha failed: wrong code');
return PE_CAPTCHAERROR;
}
$self->lmLog( "Captcha code verified", 'debug' );
}
@ -401,9 +386,8 @@ sub display {
if ( $self->conf->{captcha_register_enabled} ) {
%templateParams = (
%templateParams,
CAPTCHA_IMG => $self->captcha_img,
CAPTCHA_CODE => $self->captcha_code,
CAPTCHA_SIZE => $self->captcha_size
CAPTCHA_SRC => $req->captcha,
TOKEN => $req->token,
);
}
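Review bot: In the `_register` hunk every falsy result from `validateCaptcha` is reported as `'Captcha failed: wrong code'`, so an expired or unknown token cannot be told apart from a wrong answer in the logs, and nothing visible here shows the token being invalidated after a failed attempt. `validateCaptcha` is defined outside this diff, so please confirm it consumes the token on failure as well as on success; otherwise one image can be answered repeatedly until a guess matches. Both early returns (`PE_CAPTCHAEMPTY`, `PE_CAPTCHAERROR`) leave without any visible step that issues a fresh captcha, while the `display` hunk reads `$req->captcha` and `$req->token` unconditionally, so if they are not populated elsewhere the form is rendered with empty `CAPTCHA_SRC`/`TOKEN`. In `init`, the captcha object's `timeout` is set from `registerTimeout` under a `# TODO: timeout`; that looks like the registration-session timeout and is probably longer than a captcha should stay valid, so a dedicated setting would be safer. The bodies of `_register` and `display` start and end outside the hunks shown.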


@ -7,7 +7,7 @@ BEGIN {
require 't/test-lib.pm';
}
my ($res,$user,$pwd);
my ( $res, $user, $pwd );
my $mailSend = 0;
my $client = LLNG::Manager::Test->new(
@ -45,18 +45,28 @@ count(1);
expectOK($res);
# $query is set by MIME::Lite::send below
ok($query =~ /register_token=/, 'Found register_token');
ok( $query =~ /register_token=/, 'Found register_token' );
count(1);
ok($res = $client->_get('/register',query=>$query,accept=>'text/html'),'Push register_token');
ok(
$res = $client->_get( '/register', query => $query, accept => 'text/html' ),
'Push register_token'
);
expectOK($res);
count(1);
# $user/$pwd are set by MIME::Lite::send below
ok($user eq 'fbar','Get good login');
ok( $user eq 'fbar', 'Get good login' );
count(1);
ok($res=$client->_post('/',IO::String->new('user=fbar&password=fbar'),length=>23,accept=>'text/html'),'Try to authenticate');
ok(
$res = $client->_post(
'/', IO::String->new('user=fbar&password=fbar'),
length => 23,
accept => 'text/html'
),
'Try to authenticate'
);
count(1);
expectCookie($res);
@ -67,22 +77,32 @@ done_testing( count() );
no warnings 'redefine';
my $mail2 = 0;
sub MIME::Lite::send {
my ($mail) = @_;
pass('Mail sent');
ok($mail->header_as_string =~ /foobar\@badwolf.org/s, 'Found dest') or explain($mail->header_as_string,'To: foobar@badwolf.org');
ok( $mail->header_as_string =~ /foobar\@badwolf.org/s, 'Found dest' )
or explain( $mail->header_as_string, 'To: foobar@badwolf.org' );
count(2);
unless($mail2) {
unless ($mail2) {
$mailSend = 1;
ok($mail->body_as_string =~ m#a href="http://auth.example.com/register\?(.*?)"#, 'Found link');
ok(
$mail->body_as_string =~
m#a href="http://auth.example.com/register\?(.*?)"#,
'Found link'
);
count(1);
$query = $1;
$mail2++;
}
else {
$mailSend = 2;
ok($mail->body_as_string =~ m#yourLoginIs.+?<b>(\w+)</b>.*?pwdIs.+?<b>(.*?)</b>#s, 'Get login/pwd');
($user,$pwd) = ($1,$2);
ok(
$mail->body_as_string =~
m#yourLoginIs.+?<b>(\w+)</b>.*?pwdIs.+?<b>(.*?)</b>#s,
'Get login/pwd'
);
( $user, $pwd ) = ( $1, $2 );
count(1);
}
}