Add config opion for XFF headers when performing ReCaptcha auth.
This commit is contained in:
parent
1829b55bb0
commit
37e53513b6
|
@ -20,6 +20,7 @@ class CaptchaConfig(Config):
|
|||
super(CaptchaConfig, self).__init__(args)
|
||||
self.recaptcha_private_key = args.recaptcha_private_key
|
||||
self.enable_registration_captcha = args.enable_registration_captcha
|
||||
self.captcha_ip_origin_is_x_forwarded = args.captcha_ip_origin_is_x_forwarded
|
||||
|
||||
@classmethod
|
||||
def add_arguments(cls, parser):
|
||||
|
@ -33,4 +34,9 @@ class CaptchaConfig(Config):
|
|||
"--enable-registration-captcha", type=bool, default=False,
|
||||
help="Enables ReCaptcha checks when registering, preventing signup "+
|
||||
"unless a captcha is answered. Requires a valid ReCaptcha public/private key."
|
||||
)
|
||||
group.add_argument(
|
||||
"--captcha_ip_origin_is_x_forwarded", type=bool, default=False,
|
||||
help="When checking captchas, use the X-Forwarded-For (XFF) header as the client IP "+
|
||||
"and not the actual client IP."
|
||||
)
|
|
@ -59,6 +59,7 @@ class RegistrationHandler(BaseHandler):
|
|||
captcha_info["response"]
|
||||
)
|
||||
if not captcha_response["valid"]:
|
||||
logger.info("Invalid captcha entered from %s", captcha_info["ip"])
|
||||
raise InvalidCaptchaError(
|
||||
error_url=captcha_response["error_url"]
|
||||
)
|
||||
|
|
|
@ -66,8 +66,11 @@ class RegisterRestServlet(RestServlet):
|
|||
|
||||
# TODO determine the source IP : May be an X-Forwarding-For header depending on config
|
||||
ip_addr = request.getClientIP()
|
||||
#if self.hs.config.captcha_ip_origin_is_x_forwarded:
|
||||
# # use the header
|
||||
if self.hs.config.captcha_ip_origin_is_x_forwarded:
|
||||
# use the header
|
||||
if request.requestHeaders.hasHeader("X-Forwarded-For"):
|
||||
ip_addr = request.requestHeaders.getRawHeaders(
|
||||
"X-Forwarded-For")[0]
|
||||
|
||||
captcha = {
|
||||
"ip": ip_addr,
|
||||
|
|
Loading…
Reference in New Issue