Add optional support for Google ReCAPTCHA service.

docs/configuration.rst

@@ -125,6 +125,12 @@ Note: this setting is actually interpreted by Flask-Babel, see the
 
 .. _Flask-Babel guide for formatting dates: https://pythonhosted.org/Flask-Babel/#formatting-dates
 
+`USE_RECAPTCHA`
+---------------
+
+It is possible to add Google ReCaptcha in order to filter out spammer bots on the form creation.
+In order to do so, you will need to configure the `RECAPTCHA_PUBLIC_KEY` and `RECAPTCHA_PRIVATE_KEY`
+settings, in addition to `USE_RECAPTCHA = True`.
 
 Configuring emails sending
 --------------------------

ihatemoney/conf-templates/ihatemoney.cfg.j2

@@ -38,3 +38,9 @@ ACTIVATE_ADMIN_DASHBOARD = False
 # You can change the timezone used to display time.  By default it will be
 #derived from the server OS.
 #BABEL_DEFAULT_TIMEZONE = "Europe/Paris"
+
+# You can setup Google RECAPTCHA if you want to. It can be helpful to filter
+# spammer bots.
+# ENABLE_RECAPTCHA = True
+# RECAPTCHA_PUBLIC_KEY = ""
+# RECAPTCHA_PRIVATE_KEY = ""

ihatemoney/default_settings.py

@@ -31,3 +31,4 @@ SUPPORTED_LANGUAGES = [
     "uk",
     "zh_Hans",
 ]
+ENABLE_RECAPTCHA = False

ihatemoney/forms.py

@@ -3,7 +3,7 @@ from re import match
 from types import SimpleNamespace
 
 import email_validator
-from flask import request
+from flask import request, current_app
 from flask_babel import lazy_gettext as _
 from flask_wtf.file import FileAllowed, FileField, FileRequired
 from flask_wtf.form import FlaskForm

ihatemoney/templates/forms.html

@@ -76,6 +76,7 @@
     {{ input(form.password) }}
     {{ input(form.contact_email) }}
     {{ input(form.default_currency) }}
+    {{ form.recaptcha }}
     {% if not home %}
     {{ submit(form.submit, home=True) }}
     {% endif %}
@@ -171,7 +172,7 @@
             </div>
         </div>
     </div>
-    
+
     <details class="mb-3">
         <summary class="mb-2">{{ _("More options") }}</summary>
         {% if g.project.default_currency != "XXX" %}

ihatemoney/web.py

@@ -31,6 +31,7 @@ from flask import (
 )
 from flask_babel import gettext as _
 from flask_mail import Message
+from flask_wtf import RecaptchaField
 from sqlalchemy import orm
 from sqlalchemy_continuum import Operation
 from werkzeug.exceptions import NotFound
@@ -253,10 +254,17 @@ def authenticate(project_id=None):
 
     return render_template("authenticate.html", form=form)
 
+def get_project_form():
+    class _ProjectForm(ProjectForm):
+        pass
+
+    if current_app.config.get("ENABLE_RECAPTCHA", False):
+        setattr(_ProjectForm, "recaptcha", RecaptchaField())
+    return _ProjectForm()
 
 @main.route("/", strict_slashes=False)
 def home():
-    project_form = ProjectForm()
+    project_form = get_project_form()
     auth_form = AuthenticationForm()
     is_demo_project_activated = current_app.config["ACTIVATE_DEMO_PROJECT"]
     is_public_project_creation_allowed = current_app.config[
@@ -281,7 +289,7 @@ def mobile():
 @main.route("/create", methods=["GET", "POST"])
 @requires_admin(bypass=("ALLOW_PUBLIC_PROJECT_CREATION", True))
 def create_project():
-    form = ProjectForm()
+    form = get_project_form()
     if request.method == "GET" and "project_id" in request.values:
         form.name.data = request.values["project_id"]