GRN2-125: Added a configurable reCAPTCHA on sign up (#502)

* Added a configurable reCAPTCHA on sign up

* Added missing code

Gemfile

@@ -119,3 +119,6 @@ gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]
 gem 'coveralls', require: false
 
 gem 'random_password'
+
+# Adds helpers for the Google reCAPTCHA API
+gem "recaptcha"

Gemfile.lock

@@ -220,6 +220,8 @@ GEM
     rb-fsevent (0.10.3)
     rb-inotify (0.9.10)
       ffi (>= 0.5.0, < 2)
+    recaptcha (4.14.0)
+      json
     redcarpet (3.4.0)
     redis (3.3.5)
     remote_syslog_logger (1.0.4)
@@ -363,6 +365,7 @@ DEPENDENCIES
   rails (~> 5.0.7)
   rails-controller-testing
   random_password
+  recaptcha
   redcarpet
   redis (~> 3.0)
   remote_syslog_logger

app/controllers/users_controller.rb

@@ -31,8 +31,15 @@ class UsersController < ApplicationController
     @user = User.new(user_params)
     @user.provider = @user_domain
 
-    # Handle error on user creation.
+    # Add validation errors to model if they exist
-    render(:new) && return unless @user.save
+    valid_user = @user.valid?
+    valid_captcha = config.recaptcha_enabled ? verify_recaptcha(model: @user) : true
+
+    if valid_user && valid_captcha
+      @user.save
+    else
+      render(:new) && return
+    end
 
     # Sign in automatically if email verification is disabled.
     login(@user) && return unless Rails.configuration.enable_email_verification

app/helpers/users_helper.rb

@@ -17,4 +17,7 @@
 # with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
 
 module UsersHelper
+  def recaptcha_enabled?
+    config.recaptcha_enabled
+  end
 end

app/views/users/new.html.erb

@@ -70,8 +70,13 @@
               </div>
             <% end %>
             <div class="card-footer px-0 pb-0">
+              <% if recaptcha_enabled? %>
+                <div class="form-group">
+                  <%= recaptcha_tags %>
+                  <div class="invalid-feedback d-block"><%= @user.errors.full_messages_for(:base).first %></div>
+                </div>
+              <% end %>
               <%= f.submit t("signup.title"), class: "btn btn-primary btn-block signin-button" %>
-              <%= link_to t("cancel"), root_path, class: "btn btn-secondary btn-block signin-button" %>
             </div>
           <% end %>
         </div>

config/application.rb

@@ -108,5 +108,8 @@ module Greenlight
 
     # Number of rows to display per page
     config.pagination_rows = ENV['NUMBER_OF_ROWS'].to_i.zero? ? 10 : ENV['NUMBER_OF_ROWS'].to_i
+
+    # Whether the user has defined the variables required for recaptcha
+    config.recaptcha_enabled = ENV['RECAPTCHA_SITE_KEY'].present? && ENV['RECAPTCHA_SECRET_KEY'].present?
   end
 end

config/locales/en.yml

@@ -210,6 +210,10 @@ en:
     google: Google
     microsoft_office365: Office 365
     twitter: Twitter
+  recaptcha:
+    errors:
+      recaptcha_unreachable: Oops, we failed to validate your reCAPTCHA response. Please try again.
+      verification_failed: reCAPTCHA verification failed, please try again.
   recording:
     all_recordings: All Recordings
     email: Email Recording

sample.env

@@ -78,6 +78,14 @@ LDAP_PASSWORD=
 #
 ALLOW_GREENLIGHT_ACCOUNTS=true
 
+# To enable reCaptcha on the user sign up, define these 2 keys
+# You can obtain these keys by registering your domain using the following url: 
+#
+#  https://www.google.com/recaptcha/admin
+#
+RECAPTCHA_SITE_KEY=
+RECAPTCHA_SECRET_KEY=
+
 # Set this to true if you want GreenLight to send verification emails upon
 # the creation of a new account
 #