Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
a3469d91
Commit
a3469d91
authored
Dec 28, 2015
by
Gabriel Mazetto
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
reCAPTCHA is configurable through Admin Settings, no reload needed.
parent
af00558d
Changes
13
Hide whitespace changes
Inline
Side-by-side
Showing
13 changed files
with
84 additions
and
71 deletions
+84
-71
app/controllers/admin/application_settings_controller.rb
app/controllers/admin/application_settings_controller.rb
+3
-0
app/controllers/registrations_controller.rb
app/controllers/registrations_controller.rb
+1
-1
app/controllers/sessions_controller.rb
app/controllers/sessions_controller.rb
+5
-0
app/models/application_setting.rb
app/models/application_setting.rb
+18
-10
app/views/admin/application_settings/_form.html.haml
app/views/admin/application_settings/_form.html.haml
+22
-0
app/views/devise/shared/_signup_box.html.haml
app/views/devise/shared/_signup_box.html.haml
+1
-1
config/gitlab.yml.example
config/gitlab.yml.example
+0
-6
config/initializers/1_settings.rb
config/initializers/1_settings.rb
+0
-6
config/initializers/recaptcha.rb
config/initializers/recaptcha.rb
+0
-6
db/migrate/20151228175719_add_recaptcha_to_application_settings.rb
...e/20151228175719_add_recaptcha_to_application_settings.rb
+9
-0
db/schema.rb
db/schema.rb
+4
-1
doc/integration/recaptcha.md
doc/integration/recaptcha.md
+7
-40
lib/gitlab/recaptcha.rb
lib/gitlab/recaptcha.rb
+14
-0
No files found.
app/controllers/admin/application_settings_controller.rb
View file @
a3469d91
...
...
@@ -75,6 +75,9 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
:metrics_pool_size
,
:metrics_timeout
,
:metrics_method_call_threshold
,
:recaptcha_enabled
,
:recaptcha_site_key
,
:recaptcha_private_key
,
restricted_visibility_levels:
[],
import_sources:
[]
)
...
...
app/controllers/registrations_controller.rb
View file @
a3469d91
...
...
@@ -7,7 +7,7 @@ class RegistrationsController < Devise::RegistrationsController
end
def
create
if
!
Gitlab
.
config
.
recaptcha
.
enabled
||
verify_recaptcha
if
Gitlab
::
Recaptcha
.
load_configurations!
&&
verify_recaptcha
super
else
flash
[
:alert
]
=
"There was an error with the reCAPTCHA code below. Please re-enter the code."
...
...
app/controllers/sessions_controller.rb
View file @
a3469d91
...
...
@@ -5,6 +5,7 @@ class SessionsController < Devise::SessionsController
prepend_before_action
:authenticate_with_two_factor
,
only:
[
:create
]
prepend_before_action
:store_redirect_path
,
only:
[
:new
]
before_action
:auto_sign_in_with_provider
,
only:
[
:new
]
before_action
:load_recaptcha
def
new
if
Gitlab
.
config
.
ldap
.
enabled
...
...
@@ -108,4 +109,8 @@ class SessionsController < Devise::SessionsController
AuditEventService
.
new
(
user
,
user
,
options
).
for_authentication
.
security_event
end
def
load_recaptcha
Gitlab
::
Recaptcha
.
load_configurations!
end
end
app/models/application_setting.rb
View file @
a3469d91
...
...
@@ -44,24 +44,32 @@ class ApplicationSetting < ActiveRecord::Base
attr_accessor
:restricted_signup_domains_raw
validates
:session_expire_delay
,
presence:
true
,
numericality:
{
only_integer:
true
,
greater_than_or_equal_to:
0
}
presence:
true
,
numericality:
{
only_integer:
true
,
greater_than_or_equal_to:
0
}
validates
:home_page_url
,
allow_blank:
true
,
url:
true
,
if: :home_page_url_column_exist
allow_blank:
true
,
url:
true
,
if: :home_page_url_column_exist
validates
:after_sign_out_path
,
allow_blank:
true
,
url:
true
allow_blank:
true
,
url:
true
validates
:admin_notification_email
,
allow_blank:
true
,
email:
true
allow_blank:
true
,
email:
true
validates
:two_factor_grace_period
,
numericality:
{
greater_than_or_equal_to:
0
}
numericality:
{
greater_than_or_equal_to:
0
}
validates
:recaptcha_site_key
,
presence:
true
,
if: :recaptcha_enabled
validates
:recaptcha_private_key
,
presence:
true
,
if: :recaptcha_enabled
validates_each
:restricted_visibility_levels
do
|
record
,
attr
,
value
|
unless
value
.
nil?
...
...
app/views/admin/application_settings/_form.html.haml
View file @
a3469d91
...
...
@@ -209,5 +209,27 @@
A method call is only tracked when it takes longer to complete than
the given amount of milliseconds.
%fieldset
%legend
Spam and Anti-bot Protection
.form-group
.col-sm-offset-2.col-sm-10
.checkbox
=
f
.
label
:recaptcha_enabled
do
=
f
.
check_box
:recaptcha_enabled
Enable reCAPTCHA
%span
.help-block
#recaptcha_help_block
Helps preventing bots from creating accounts
.form-group
=
f
.
label
:recaptcha_site_key
,
'reCAPTCHA Site Key'
,
class:
'control-label col-sm-2'
.col-sm-10
=
f
.
text_field
:recaptcha_site_key
,
class:
'form-control'
.help-block
Generate site and private keys here:
%a
{
href:
'http://www.google.com/recaptcha'
,
target:
'blank'
}
http://www.google.com/recaptcha
.form-group
=
f
.
label
:recaptcha_private_key
,
'reCAPTCHA Private Key'
,
class:
'control-label col-sm-2'
.col-sm-10
=
f
.
text_field
:recaptcha_private_key
,
class:
'form-control'
.form-actions
=
f
.
submit
'Save'
,
class:
'btn btn-primary'
app/views/devise/shared/_signup_box.html.haml
View file @
a3469d91
...
...
@@ -19,7 +19,7 @@
.form-group.append-bottom-20
#password-strength
=
f
.
password_field
:password
,
class:
"form-control bottom"
,
value:
user
[
:password
],
id:
"user_password_sign_up"
,
placeholder:
"Password"
,
required:
true
%div
-
if
Gitlab
.
config
.
recaptcha
.
enabled
-
if
current_application_settings
.
recaptcha_
enabled
=
recaptcha_tags
%div
=
f
.
submit
"Sign up"
,
class:
"btn-create btn"
...
...
config/gitlab.yml.example
View file @
a3469d91
...
...
@@ -346,12 +346,6 @@ production: &base
# cas3:
# session_duration: 28800
# reCAPTCHA settings. See: http://www.google.com/recaptcha
recaptcha:
enabled: false
public_key: 'YOUR_PUBLIC_KEY'
private_key: 'YOUR_PRIVATE_KEY'
# Shared file storage settings
shared:
# path: /mnt/gitlab # Default: shared
...
...
config/initializers/1_settings.rb
View file @
a3469d91
...
...
@@ -131,12 +131,6 @@ Settings.omniauth.cas3['session_duration'] ||= 8.hours
Settings
.
omniauth
[
'session_tickets'
]
||=
Settingslogic
.
new
({})
Settings
.
omniauth
.
session_tickets
[
'cas3'
]
=
'ticket'
# ReCAPTCHA settings
Settings
[
'recaptcha'
]
||=
Settingslogic
.
new
({})
Settings
.
recaptcha
[
'enabled'
]
=
false
if
Settings
.
recaptcha
[
'enabled'
].
nil?
Settings
.
recaptcha
[
'public_key'
]
||=
Settings
.
recaptcha
[
'public_key'
]
Settings
.
recaptcha
[
'private_key'
]
||=
Settings
.
recaptcha
[
'private_key'
]
Settings
[
'shared'
]
||=
Settingslogic
.
new
({})
Settings
.
shared
[
'path'
]
=
File
.
expand_path
(
Settings
.
shared
[
'path'
]
||
"shared"
,
Rails
.
root
)
...
...
config/initializers/recaptcha.rb
deleted
100644 → 0
View file @
af00558d
if
Gitlab
.
config
.
recaptcha
.
enabled
Recaptcha
.
configure
do
|
config
|
config
.
public_key
=
Gitlab
.
config
.
recaptcha
[
'public_key'
]
config
.
private_key
=
Gitlab
.
config
.
recaptcha
[
'private_key'
]
end
end
db/migrate/20151228175719_add_recaptcha_to_application_settings.rb
0 → 100644
View file @
a3469d91
class
AddRecaptchaToApplicationSettings
<
ActiveRecord
::
Migration
def
change
change_table
:application_settings
do
|
t
|
t
.
boolean
:recaptcha_enabled
,
default:
false
t
.
string
:recaptcha_site_key
t
.
string
:recaptcha_private_key
end
end
end
db/schema.rb
View file @
a3469d91
...
...
@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord
::
Schema
.
define
(
version:
201512281
50906
)
do
ActiveRecord
::
Schema
.
define
(
version:
201512281
75719
)
do
# These are extensions that must be enabled in order to support this database
enable_extension
"plpgsql"
...
...
@@ -60,6 +60,9 @@ ActiveRecord::Schema.define(version: 20151228150906) do
t
.
integer
"metrics_pool_size"
,
default:
16
t
.
integer
"metrics_timeout"
,
default:
10
t
.
integer
"metrics_method_call_threshold"
,
default:
10
t
.
boolean
"recaptcha_enabled"
,
default:
false
t
.
string
"recaptcha_site_key"
t
.
string
"recaptcha_private_key"
end
create_table
"audit_events"
,
force: :cascade
do
|
t
|
...
...
doc/integration/recaptcha.md
View file @
a3469d91
...
...
@@ -6,51 +6,18 @@ to confirm that a real user, not a bot, is attempting to create an account.
## Configuration
To use reCAPTCHA, first you must create a
public
and private key.
To use reCAPTCHA, first you must create a
site
and private key.
1.
Go to the URL: https://www.google.com/recaptcha/admin
1
.
Fill out the form necessary to obtain reCAPTCHA keys.
2
.
Fill out the form necessary to obtain reCAPTCHA keys.
1.
On your GitLab server, open the configuration file
.
3.
Login to your GitLab server, with administrator credentials
.
For omnibus package:
4.
Go to Applications Settings on Admin Area (
`admin/application_settings`
)
```sh
sudo editor /etc/gitlab/gitlab.rb
```
5.
Fill all recaptcha fields with keys from previous steps
For installations from source:
6.
Check the
`Enable reCAPTCHA`
checkbox
```sh
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
1.
Enable reCAPTCHA and add the settings:
For omnibus package:
```ruby
gitlab_rails['recaptcha_enabled'] = true
gitlab_rails['recaptcha_public_key'] = 'YOUR_PUBLIC_KEY'
gitlab_rails['recaptcha_private_key'] = 'YOUR_PUBLIC_KEY'
```
For installation from source:
```
recaptcha:
enabled: true
public_key: 'YOUR_PUBLIC_KEY'
private_key: 'YOUR_PRIVATE_KEY'
```
1.
Change 'YOUR_PUBLIC_KEY' to the public key from step 2.
1.
Change 'YOUR_PRIVATE_KEY' to the private key from step 2.
1.
Save the configuration file.
1.
Restart GitLab.
7.
Save the configuration.
lib/gitlab/recaptcha.rb
0 → 100644
View file @
a3469d91
module
Gitlab
module
Recaptcha
def
self
.
load_configurations!
if
current_application_settings
.
recaptcha_enabled
::
Recaptcha
.
configure
do
|
config
|
config
.
public_key
=
current_application_settings
.
recaptcha_site_key
config
.
private_key
=
current_application_settings
.
recaptcha_private_key
end
true
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment