Commit 58bc4b72 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'feature/recaptcha_settings' into 'master'

Makes reCAPTCHA configurable through Application Settings screen

Following the work made by @stanhu here: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/2216, made it configurable without needing to restart Gitlab

See merge request !2231
parents f0ecd69b e619d0b6
......@@ -75,6 +75,9 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
:metrics_pool_size,
:metrics_timeout,
:metrics_method_call_threshold,
:recaptcha_enabled,
:recaptcha_site_key,
:recaptcha_private_key,
restricted_visibility_levels: [],
import_sources: []
)
......
......@@ -7,7 +7,7 @@ class RegistrationsController < Devise::RegistrationsController
end
def create
if !Gitlab.config.recaptcha.enabled || verify_recaptcha
if !Gitlab::Recaptcha.load_configurations! || verify_recaptcha
super
else
flash[:alert] = "There was an error with the reCAPTCHA code below. Please re-enter the code."
......
......@@ -5,6 +5,7 @@ class SessionsController < Devise::SessionsController
prepend_before_action :authenticate_with_two_factor, only: [:create]
prepend_before_action :store_redirect_path, only: [:new]
before_action :auto_sign_in_with_provider, only: [:new]
before_action :load_recaptcha
def new
if Gitlab.config.ldap.enabled
......@@ -108,4 +109,8 @@ class SessionsController < Devise::SessionsController
AuditEventService.new(user, user, options).
for_authentication.security_event
end
def load_recaptcha
Gitlab::Recaptcha.load_configurations!
end
end
......@@ -63,6 +63,14 @@ class ApplicationSetting < ActiveRecord::Base
validates :two_factor_grace_period,
numericality: { greater_than_or_equal_to: 0 }
validates :recaptcha_site_key,
presence: true,
if: :recaptcha_enabled
validates :recaptcha_private_key,
presence: true,
if: :recaptcha_enabled
validates_each :restricted_visibility_levels do |record, attr, value|
unless value.nil?
value.each do |level|
......
......@@ -209,5 +209,27 @@
A method call is only tracked when it takes longer to complete than
the given amount of milliseconds.
%fieldset
%legend Spam and Anti-bot Protection
.form-group
.col-sm-offset-2.col-sm-10
.checkbox
= f.label :recaptcha_enabled do
= f.check_box :recaptcha_enabled
Enable reCAPTCHA
%span.help-block#recaptcha_help_block Helps preventing bots from creating accounts
.form-group
= f.label :recaptcha_site_key, 'reCAPTCHA Site Key', class: 'control-label col-sm-2'
.col-sm-10
= f.text_field :recaptcha_site_key, class: 'form-control'
.help-block
Generate site and private keys here:
%a{ href: 'http://www.google.com/recaptcha', target: 'blank'} http://www.google.com/recaptcha
.form-group
= f.label :recaptcha_private_key, 'reCAPTCHA Private Key', class: 'control-label col-sm-2'
.col-sm-10
= f.text_field :recaptcha_private_key, class: 'form-control'
.form-actions
= f.submit 'Save', class: 'btn btn-primary'
......@@ -19,7 +19,7 @@
.form-group.append-bottom-20#password-strength
= f.password_field :password, class: "form-control bottom", value: user[:password], id: "user_password_sign_up", placeholder: "Password", required: true
%div
- if Gitlab.config.recaptcha.enabled
- if current_application_settings.recaptcha_enabled
= recaptcha_tags
%div
= f.submit "Sign up", class: "btn-create btn"
......
......@@ -346,12 +346,6 @@ production: &base
# cas3:
# session_duration: 28800
# reCAPTCHA settings. See: http://www.google.com/recaptcha
recaptcha:
enabled: false
public_key: 'YOUR_PUBLIC_KEY'
private_key: 'YOUR_PRIVATE_KEY'
# Shared file storage settings
shared:
# path: /mnt/gitlab # Default: shared
......
......@@ -131,12 +131,6 @@ Settings.omniauth.cas3['session_duration'] ||= 8.hours
Settings.omniauth['session_tickets'] ||= Settingslogic.new({})
Settings.omniauth.session_tickets['cas3'] = 'ticket'
# ReCAPTCHA settings
Settings['recaptcha'] ||= Settingslogic.new({})
Settings.recaptcha['enabled'] = false if Settings.recaptcha['enabled'].nil?
Settings.recaptcha['public_key'] ||= Settings.recaptcha['public_key']
Settings.recaptcha['private_key'] ||= Settings.recaptcha['private_key']
Settings['shared'] ||= Settingslogic.new({})
Settings.shared['path'] = File.expand_path(Settings.shared['path'] || "shared", Rails.root)
......
if Gitlab.config.recaptcha.enabled
Recaptcha.configure do |config|
config.public_key = Gitlab.config.recaptcha['public_key']
config.private_key = Gitlab.config.recaptcha['private_key']
end
end
class AddRecaptchaToApplicationSettings < ActiveRecord::Migration
def change
change_table :application_settings do |t|
t.boolean :recaptcha_enabled, default: false
t.string :recaptcha_site_key
t.string :recaptcha_private_key
end
end
end
......@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20151228150906) do
ActiveRecord::Schema.define(version: 20151228175719) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
......@@ -60,6 +60,9 @@ ActiveRecord::Schema.define(version: 20151228150906) do
t.integer "metrics_pool_size", default: 16
t.integer "metrics_timeout", default: 10
t.integer "metrics_method_call_threshold", default: 10
t.boolean "recaptcha_enabled", default: false
t.string "recaptcha_site_key"
t.string "recaptcha_private_key"
end
create_table "audit_events", force: :cascade do |t|
......
......@@ -6,51 +6,18 @@ to confirm that a real user, not a bot, is attempting to create an account.
## Configuration
To use reCAPTCHA, first you must create a public and private key.
To use reCAPTCHA, first you must create a site and private key.
1. Go to the URL: https://www.google.com/recaptcha/admin
1. Fill out the form necessary to obtain reCAPTCHA keys.
2. Fill out the form necessary to obtain reCAPTCHA keys.
1. On your GitLab server, open the configuration file.
3. Login to your GitLab server, with administrator credentials.
For omnibus package:
4. Go to Applications Settings on Admin Area (`admin/application_settings`)
```sh
sudo editor /etc/gitlab/gitlab.rb
```
5. Fill all recaptcha fields with keys from previous steps
For installations from source:
6. Check the `Enable reCAPTCHA` checkbox
```sh
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
1. Enable reCAPTCHA and add the settings:
For omnibus package:
```ruby
gitlab_rails['recaptcha_enabled'] = true
gitlab_rails['recaptcha_public_key'] = 'YOUR_PUBLIC_KEY'
gitlab_rails['recaptcha_private_key'] = 'YOUR_PUBLIC_KEY'
```
For installation from source:
```
recaptcha:
enabled: true
public_key: 'YOUR_PUBLIC_KEY'
private_key: 'YOUR_PRIVATE_KEY'
```
1. Change 'YOUR_PUBLIC_KEY' to the public key from step 2.
1. Change 'YOUR_PRIVATE_KEY' to the private key from step 2.
1. Save the configuration file.
1. Restart GitLab.
7. Save the configuration.
module Gitlab
module Recaptcha
def self.load_configurations!
if current_application_settings.recaptcha_enabled
::Recaptcha.configure do |config|
config.public_key = current_application_settings.recaptcha_site_key
config.private_key = current_application_settings.recaptcha_private_key
end
true
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment