Add config for setting the recaptcha verify api endpoint, so we can test it in sytest

This commit is contained in:
Mark Haines 2015-05-29 12:11:40 +01:00
parent 99eb1172b0
commit d94590ed48
2 changed files with 7 additions and 3 deletions

View file

@ -26,6 +26,7 @@ class CaptchaConfig(Config):
config["captcha_ip_origin_is_x_forwarded"] config["captcha_ip_origin_is_x_forwarded"]
) )
self.captcha_bypass_secret = config.get("captcha_bypass_secret") self.captcha_bypass_secret = config.get("captcha_bypass_secret")
self.recaptcha_siteverify_api = config["recaptcha_siteverify_api"]
def default_config(self, config_dir_path, server_name): def default_config(self, config_dir_path, server_name):
return """\ return """\
@ -48,4 +49,7 @@ class CaptchaConfig(Config):
# A secret key used to bypass the captcha test entirely. # A secret key used to bypass the captcha test entirely.
#captcha_bypass_secret: "YOUR_SECRET_HERE" #captcha_bypass_secret: "YOUR_SECRET_HERE"
# The API endpoint to use for verifying m.login.recaptcha responses.
recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify"
""" """

View file

@ -187,8 +187,8 @@ class AuthHandler(BaseHandler):
# each request # each request
try: try:
client = SimpleHttpClient(self.hs) client = SimpleHttpClient(self.hs)
data = yield client.post_urlencoded_get_json( resp_body = yield client.post_urlencoded_get_json(
"https://www.google.com/recaptcha/api/siteverify", self.hs.config.recaptcha_siteverify_api,
args={ args={
'secret': self.hs.config.recaptcha_private_key, 'secret': self.hs.config.recaptcha_private_key,
'response': user_response, 'response': user_response,
@ -198,7 +198,7 @@ class AuthHandler(BaseHandler):
except PartialDownloadError as pde: except PartialDownloadError as pde:
# Twisted is silly # Twisted is silly
data = pde.response data = pde.response
resp_body = simplejson.loads(data) resp_body = simplejson.loads(data)
if 'success' in resp_body and resp_body['success']: if 'success' in resp_body and resp_body['success']:
defer.returnValue(True) defer.returnValue(True)
raise LoginError(401, "", errcode=Codes.UNAUTHORIZED) raise LoginError(401, "", errcode=Codes.UNAUTHORIZED)