Mercurial > p > roundup > code
comparison roundup/cgi/actions.py @ 5973:fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
Took the code by erik forsberg and massaged it into the core.
So this is no longer needed in the tracker.
Updated devel and responsive trackers to remove timestamp.py and
update input field name.
Docs, changes and tests complete. Hopefully these tracker changes
won't cause an issue for other tests.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 09 Nov 2019 00:30:37 -0500 |
| parents | 5d0873a4de4a |
| children | 71c68961d9f4 |
comparison
equal
deleted
inserted
replaced
| 5972:ae35daa5baab | 5973:fe334430ca07 |
|---|---|
| 4 from roundup.actions import Action as BaseAction | 4 from roundup.actions import Action as BaseAction |
| 5 from roundup.i18n import _ | 5 from roundup.i18n import _ |
| 6 from roundup.cgi import exceptions, templating | 6 from roundup.cgi import exceptions, templating |
| 7 from roundup.mailgw import uidFromAddress | 7 from roundup.mailgw import uidFromAddress |
| 8 from roundup.rate_limit import Gcra, RateLimit | 8 from roundup.rate_limit import Gcra, RateLimit |
| 9 from roundup.cgi.timestamp import Timestamped | |
| 9 from roundup.exceptions import Reject, RejectRaw | 10 from roundup.exceptions import Reject, RejectRaw |
| 10 from roundup.anypy import urllib_ | 11 from roundup.anypy import urllib_ |
| 11 from roundup.anypy.strings import StringIO | 12 from roundup.anypy.strings import StringIO |
| 12 import roundup.anypy.random_ as random_ | 13 import roundup.anypy.random_ as random_ |
| 13 | 14 |
| 1034 except (ValueError, KeyError) as message: | 1035 except (ValueError, KeyError) as message: |
| 1035 self.client.add_error_message(str(message)) | 1036 self.client.add_error_message(str(message)) |
| 1036 return | 1037 return |
| 1037 return self.finishRego() | 1038 return self.finishRego() |
| 1038 | 1039 |
| 1039 class RegisterAction(RegoCommon, EditCommon): | 1040 class RegisterAction(RegoCommon, EditCommon, Timestamped): |
| 1040 name = 'register' | 1041 name = 'register' |
| 1041 permissionType = 'Register' | 1042 permissionType = 'Register' |
| 1042 | 1043 |
| 1043 def handle(self): | 1044 def handle(self): |
| 1044 """Attempt to create a new user based on the contents of the form | 1045 """Attempt to create a new user based on the contents of the form |
| 1048 """ | 1049 """ |
| 1049 # ensure modification comes via POST | 1050 # ensure modification comes via POST |
| 1050 if self.client.env['REQUEST_METHOD'] != 'POST': | 1051 if self.client.env['REQUEST_METHOD'] != 'POST': |
| 1051 raise Reject(self._('Invalid request')) | 1052 raise Reject(self._('Invalid request')) |
| 1052 | 1053 |
| 1054 # try to make sure user is not a bot by checking the | |
| 1055 # hidden field opaqueregister to make sure it's at least | |
| 1056 # WEB_REGISTRATION_DELAY seconds. If set to 0, | |
| 1057 # disable the check. | |
| 1058 delaytime = self.db.config['WEB_REGISTRATION_DELAY'] | |
| 1059 | |
| 1060 if delaytime > 0: | |
| 1061 self.timecheck('opaqueregister', delaytime) | |
| 1062 | |
| 1053 # parse the props from the form | 1063 # parse the props from the form |
| 1054 try: | 1064 try: |
| 1055 props, links = self.client.parsePropsFromForm(create=1) | 1065 props, links = self.client.parsePropsFromForm(create=1) |
| 1056 except (ValueError, KeyError) as message: | 1066 except (ValueError, KeyError) as message: |
| 1057 self.client.add_error_message(self._('Error: %s') | 1067 self.client.add_error_message(self._('Error: %s') |