Updated captcha management
authorThierry Florac <tflorac@ulthar.net>
Wed, 16 Oct 2019 18:46:28 +0200
changeset 489 41766d8b53d7
parent 488 61fdcc1d5511
child 490 9fe4157cf405
Updated captcha management
src/pyams_default_theme/shared/form/__init__.py
src/pyams_default_theme/shared/form/templates/recaptcha.pt
--- a/src/pyams_default_theme/shared/form/__init__.py	Wed Oct 16 15:09:12 2019 +0200
+++ b/src/pyams_default_theme/shared/form/__init__.py	Wed Oct 16 18:46:28 2019 +0200
@@ -18,7 +18,8 @@
 from zope.interface import Interface, Invalid, alsoProvides
 from zope.schema import Bool, TextLine
 
-from pyams_content.shared.form import IFormFieldContainer, IFormFieldContainerTarget, IWfForm
+from pyams_content.shared.form import IFormFieldContainer, IFormFieldContainerTarget, IWfForm, \
+    IFormsManager
 from pyams_content.shared.form.interfaces import IFormFieldDataConverter
 from pyams_default_theme.component.paragraph.interfaces import IParagraphContainerPortletRenderer
 from pyams_default_theme.interfaces import IContentTitle
@@ -35,6 +36,7 @@
 from pyams_utils.interfaces import PUBLIC_PERMISSION, VIEW_PERMISSION
 from pyams_utils.interfaces.data import IObjectData
 from pyams_utils.text import text_to_html
+from pyams_utils.traversing import get_parent
 from pyams_utils.url import relative_url
 from pyams_viewlet.viewlet import ViewContentProvider, Viewlet, viewlet_config
 
@@ -166,17 +168,20 @@
                 # remove custom data fields from handler data
                 if CSRF_FIELD_NAME in data:
                     del data[CSRF_FIELD_NAME]
-                if form.use_captcha:
+                captcha_settings = form.get_captcha_settings()
+                if captcha_settings.get('use_captcha'):
                     if RECAPTCHA_FIELD_NAME not in data:
                         self.add_error(Invalid(MISSING_TOKEN_ERROR), RECAPTCHA_FIELD_NAME)
                         return
-                    proxies = {'https': form.captcha_proxy} if form.captcha_proxy else {}
+                    manager = get_parent(form, IFormsManager)
+                    proxy_url = manager.get_proxy_url(request)
+                    proxies = {'https': proxy_url} if proxy_url else {}
                     recaptcha_verify_api = \
                         request.registry.settings.get('pyams.recaptcha.verify')
                     if not recaptcha_verify_api:
                         recaptcha_verify_api = 'https://www.google.com/recaptcha/api/siteverify'
                     verify = requests.post(recaptcha_verify_api, {
-                        'secret': form.server_captcha_key,
+                        'secret': captcha_settings.get('server_key'),
                         'response': data[RECAPTCHA_FIELD_NAME]
                     }, proxies=proxies).json()
                     if not verify['success']:
@@ -222,7 +227,8 @@
     """Form captcha viewlet"""
 
     def __new__(cls, context, request, view, manager):
-        if not context.use_captcha:
+        settings = context.get_captcha_settings()
+        if not settings.get('use_captcha'):
             return None
         return Viewlet.__new__(cls)
 
--- a/src/pyams_default_theme/shared/form/templates/recaptcha.pt	Wed Oct 16 15:09:12 2019 +0200
+++ b/src/pyams_default_theme/shared/form/templates/recaptcha.pt	Wed Oct 16 18:46:28 2019 +0200
@@ -1,1 +1,1 @@
-<script src="https://www.google.com/recaptcha/api.js?render=${context.client_captcha_key}"></script>
\ No newline at end of file
+<script src="https://www.google.com/recaptcha/api.js?render=${context.get_captcha_settings()['client_key']}"></script>
\ No newline at end of file