diff --git a/docs/configuration.rst b/docs/configuration.rst index b0733a8a..0ba3678b 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -125,6 +125,12 @@ Note: this setting is actually interpreted by Flask-Babel, see the .. _Flask-Babel guide for formatting dates: https://pythonhosted.org/Flask-Babel/#formatting-dates +`USE_RECAPTCHA` +--------------- + +It is possible to add Google ReCaptcha in order to filter out spammer bots on the form creation. +In order to do so, you will need to configure the `RECAPTCHA_PUBLIC_KEY` and `RECAPTCHA_PRIVATE_KEY` +settings, in addition to `USE_RECAPTCHA = True`. Configuring emails sending -------------------------- diff --git a/ihatemoney/conf-templates/ihatemoney.cfg.j2 b/ihatemoney/conf-templates/ihatemoney.cfg.j2 index 0188c6b1..474fbaca 100644 --- a/ihatemoney/conf-templates/ihatemoney.cfg.j2 +++ b/ihatemoney/conf-templates/ihatemoney.cfg.j2 @@ -38,3 +38,9 @@ ACTIVATE_ADMIN_DASHBOARD = False # You can change the timezone used to display time. By default it will be #derived from the server OS. #BABEL_DEFAULT_TIMEZONE = "Europe/Paris" + +# You can setup Google RECAPTCHA if you want to. It can be helpful to filter +# spammer bots. +# ENABLE_RECAPTCHA = True +# RECAPTCHA_PUBLIC_KEY = "" +# RECAPTCHA_PRIVATE_KEY = "" diff --git a/ihatemoney/default_settings.py b/ihatemoney/default_settings.py index 9050bbeb..5dfc3c90 100644 --- a/ihatemoney/default_settings.py +++ b/ihatemoney/default_settings.py @@ -31,3 +31,4 @@ SUPPORTED_LANGUAGES = [ "uk", "zh_Hans", ] +ENABLE_RECAPTCHA = False diff --git a/ihatemoney/forms.py b/ihatemoney/forms.py index fe1bdcc7..dc282225 100644 --- a/ihatemoney/forms.py +++ b/ihatemoney/forms.py @@ -3,7 +3,7 @@ from re import match from types import SimpleNamespace import email_validator -from flask import request +from flask import request, current_app from flask_babel import lazy_gettext as _ from flask_wtf.file import FileAllowed, FileField, FileRequired from flask_wtf.form import FlaskForm diff --git a/ihatemoney/templates/forms.html b/ihatemoney/templates/forms.html index a9965564..8b8dce77 100644 --- a/ihatemoney/templates/forms.html +++ b/ihatemoney/templates/forms.html @@ -76,6 +76,7 @@ {{ input(form.password) }} {{ input(form.contact_email) }} {{ input(form.default_currency) }} + {{ form.recaptcha }} {% if not home %} {{ submit(form.submit, home=True) }} {% endif %} @@ -171,7 +172,7 @@ - +
{{ _("More options") }} {% if g.project.default_currency != "XXX" %} diff --git a/ihatemoney/web.py b/ihatemoney/web.py index 712d2b0e..7370ac25 100644 --- a/ihatemoney/web.py +++ b/ihatemoney/web.py @@ -31,6 +31,7 @@ from flask import ( ) from flask_babel import gettext as _ from flask_mail import Message +from flask_wtf import RecaptchaField from sqlalchemy import orm from sqlalchemy_continuum import Operation from werkzeug.exceptions import NotFound @@ -253,10 +254,17 @@ def authenticate(project_id=None): return render_template("authenticate.html", form=form) +def get_project_form(): + class _ProjectForm(ProjectForm): + pass + + if current_app.config.get("ENABLE_RECAPTCHA", False): + setattr(_ProjectForm, "recaptcha", RecaptchaField()) + return _ProjectForm() @main.route("/", strict_slashes=False) def home(): - project_form = ProjectForm() + project_form = get_project_form() auth_form = AuthenticationForm() is_demo_project_activated = current_app.config["ACTIVATE_DEMO_PROJECT"] is_public_project_creation_allowed = current_app.config[ @@ -281,7 +289,7 @@ def mobile(): @main.route("/create", methods=["GET", "POST"]) @requires_admin(bypass=("ALLOW_PUBLIC_PROJECT_CREATION", True)) def create_project(): - form = ProjectForm() + form = get_project_form() if request.method == "GET" and "project_id" in request.values: form.name.data = request.values["project_id"]