Fix captcha (#14488)

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
release/v1.15
Lunny Xiao 2021-01-27 22:56:54 +08:00 committed by GitHub
parent 669ff8e9b1
commit 41c0776568
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 30 additions and 49 deletions

View File

@ -27,24 +27,6 @@ func newCache(cacheConfig setting.Cache) (mc.Cache, error) {
}) })
} }
// Cache is the interface that operates the cache data.
type Cache interface {
// Put puts value into cache with key and expire time.
Put(key string, val interface{}, timeout int64) error
// Get gets cached value by given key.
Get(key string) interface{}
// Delete deletes cached value by given key.
Delete(key string) error
// Incr increases cached int-type value by given key as a counter.
Incr(key string) error
// Decr decreases cached int-type value by given key as a counter.
Decr(key string) error
// IsExist returns true if cached value exists.
IsExist(key string) bool
// Flush deletes all cached data.
Flush() error
}
// NewContext start cache service // NewContext start cache service
func NewContext() error { func NewContext() error {
var err error var err error
@ -59,7 +41,7 @@ func NewContext() error {
} }
// GetCache returns the currently configured cache // GetCache returns the currently configured cache
func GetCache() Cache { func GetCache() mc.Cache {
return conn return conn
} }

View File

@ -7,6 +7,7 @@ package context
import ( import (
"sync" "sync"
"code.gitea.io/gitea/modules/cache"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"gitea.com/go-chi/captcha" "gitea.com/go-chi/captcha"
@ -21,6 +22,7 @@ func GetImageCaptcha() *captcha.Captcha {
cpt = captcha.NewCaptcha(captcha.Options{ cpt = captcha.NewCaptcha(captcha.Options{
SubURL: setting.AppSubURL, SubURL: setting.AppSubURL,
}) })
cpt.Store = cache.GetCache()
}) })
return cpt return cpt
} }

View File

@ -23,6 +23,7 @@ import (
"code.gitea.io/gitea/models" "code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/auth/sso" "code.gitea.io/gitea/modules/auth/sso"
"code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/base"
mc "code.gitea.io/gitea/modules/cache"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/middlewares"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
@ -499,23 +500,8 @@ func getCsrfOpts() CsrfOptions {
// Contexter initializes a classic context for a request. // Contexter initializes a classic context for a request.
func Contexter() func(next http.Handler) http.Handler { func Contexter() func(next http.Handler) http.Handler {
rnd := templates.HTMLRenderer() var rnd = templates.HTMLRenderer()
var c cache.Cache
var err error
if setting.CacheService.Enabled {
c, err = cache.NewCacher(cache.Options{
Adapter: setting.CacheService.Adapter,
AdapterConfig: setting.CacheService.Conn,
Interval: setting.CacheService.Interval,
})
if err != nil {
panic(err)
}
}
var csrfOpts = getCsrfOpts() var csrfOpts = getCsrfOpts()
//var flashEncryptionKey, _ = NewSecret()
return func(next http.Handler) http.Handler { return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {
@ -524,7 +510,7 @@ func Contexter() func(next http.Handler) http.Handler {
var link = setting.AppSubURL + strings.TrimSuffix(req.URL.EscapedPath(), "/") var link = setting.AppSubURL + strings.TrimSuffix(req.URL.EscapedPath(), "/")
var ctx = Context{ var ctx = Context{
Resp: NewResponse(resp), Resp: NewResponse(resp),
Cache: c, Cache: mc.GetCache(),
Locale: locale, Locale: locale,
Link: link, Link: link,
Render: rnd, Render: rnd,
@ -571,16 +557,14 @@ func Contexter() func(next http.Handler) http.Handler {
} }
ctx.Resp.Before(func(resp ResponseWriter) { ctx.Resp.Before(func(resp ResponseWriter) {
if flash := f.Encode(); len(flash) > 0 { if flash := f.Encode(); len(flash) > 0 {
if err == nil { middlewares.SetCookie(resp, "macaron_flash", flash, 0,
middlewares.SetCookie(resp, "macaron_flash", flash, 0, setting.SessionConfig.CookiePath,
setting.SessionConfig.CookiePath, middlewares.Domain(setting.SessionConfig.Domain),
middlewares.Domain(setting.SessionConfig.Domain), middlewares.HTTPOnly(true),
middlewares.HTTPOnly(true), middlewares.Secure(setting.SessionConfig.Secure),
middlewares.Secure(setting.SessionConfig.Secure), //middlewares.SameSite(opt.SameSite), FIXME: we need a samesite config
//middlewares.SameSite(opt.SameSite), FIXME: we need a samesite config )
) return
return
}
} }
ctx.SetCookie("macaron_flash", "", -1, ctx.SetCookie("macaron_flash", "", -1,

View File

@ -68,6 +68,10 @@ func newCacheService() {
if CacheService.Enabled { if CacheService.Enabled {
log.Info("Cache Service Enabled") log.Info("Cache Service Enabled")
} else {
log.Warn("Cache Service Disabled so that captcha disabled too")
// captcha depends on cache service
Service.EnableCaptcha = false
} }
sec = Cfg.Section("cache.last_commit") sec = Cfg.Section("cache.last_commit")

View File

@ -161,7 +161,9 @@ func WebRoutes() *web.Route {
mailer.InitMailRender(templates.Mailer()) mailer.InitMailRender(templates.Mailer())
r.Use(captcha.Captchaer(context.GetImageCaptcha())) if setting.Service.EnableCaptcha {
r.Use(captcha.Captchaer(context.GetImageCaptcha()))
}
// Removed: toolbox.Toolboxer middleware will provide debug informations which seems unnecessary // Removed: toolbox.Toolboxer middleware will provide debug informations which seems unnecessary
r.Use(context.Contexter()) r.Use(context.Contexter())
// Removed: SetAutoHead allow a get request redirect to head if get method is not exist // Removed: SetAutoHead allow a get request redirect to head if get method is not exist

View File

@ -747,6 +747,7 @@ func LinkAccount(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("link_account") ctx.Data["Title"] = ctx.Tr("link_account")
ctx.Data["LinkAccountMode"] = true ctx.Data["LinkAccountMode"] = true
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha && setting.Service.RequireExternalRegistrationCaptcha ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha && setting.Service.RequireExternalRegistrationCaptcha
ctx.Data["Captcha"] = context.GetImageCaptcha()
ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["CaptchaType"] = setting.Service.CaptchaType
ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL
ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey
@ -800,6 +801,7 @@ func LinkAccountPostSignIn(ctx *context.Context) {
ctx.Data["LinkAccountModeSignIn"] = true ctx.Data["LinkAccountModeSignIn"] = true
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha && setting.Service.RequireExternalRegistrationCaptcha ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha && setting.Service.RequireExternalRegistrationCaptcha
ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL
ctx.Data["Captcha"] = context.GetImageCaptcha()
ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["CaptchaType"] = setting.Service.CaptchaType
ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey
ctx.Data["DisableRegistration"] = setting.Service.DisableRegistration ctx.Data["DisableRegistration"] = setting.Service.DisableRegistration
@ -885,6 +887,7 @@ func LinkAccountPostRegister(ctx *context.Context) {
ctx.Data["LinkAccountModeRegister"] = true ctx.Data["LinkAccountModeRegister"] = true
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha && setting.Service.RequireExternalRegistrationCaptcha ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha && setting.Service.RequireExternalRegistrationCaptcha
ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL
ctx.Data["Captcha"] = context.GetImageCaptcha()
ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["CaptchaType"] = setting.Service.CaptchaType
ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey
ctx.Data["DisableRegistration"] = setting.Service.DisableRegistration ctx.Data["DisableRegistration"] = setting.Service.DisableRegistration
@ -1063,6 +1066,7 @@ func SignUp(ctx *context.Context) {
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL
ctx.Data["Captcha"] = context.GetImageCaptcha()
ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["CaptchaType"] = setting.Service.CaptchaType
ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey
ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey
@ -1083,6 +1087,7 @@ func SignUpPost(ctx *context.Context) {
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL
ctx.Data["Captcha"] = context.GetImageCaptcha()
ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["CaptchaType"] = setting.Service.CaptchaType
ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey
ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey

View File

@ -329,6 +329,7 @@ func RegisterOpenID(ctx *context.Context) {
ctx.Data["PageIsOpenIDRegister"] = true ctx.Data["PageIsOpenIDRegister"] = true
ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
ctx.Data["Captcha"] = context.GetImageCaptcha()
ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["CaptchaType"] = setting.Service.CaptchaType
ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey
ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey
@ -360,6 +361,7 @@ func RegisterOpenIDPost(ctx *context.Context) {
ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL ctx.Data["RecaptchaURL"] = setting.Service.RecaptchaURL
ctx.Data["Captcha"] = context.GetImageCaptcha()
ctx.Data["CaptchaType"] = setting.Service.CaptchaType ctx.Data["CaptchaType"] = setting.Service.CaptchaType
ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey
ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey

View File

@ -37,7 +37,7 @@
{{if and .EnableCaptcha (eq .CaptchaType "image")}} {{if and .EnableCaptcha (eq .CaptchaType "image")}}
<div class="inline field"> <div class="inline field">
<label></label> <label></label>
{{.Captcha.CreateHtml}} {{.Captcha.CreateHTML}}
</div> </div>
<div class="required inline field {{if .Err_Captcha}}error{{end}}"> <div class="required inline field {{if .Err_Captcha}}error{{end}}">
<label for="captcha">{{.i18n.Tr "captcha"}}</label> <label for="captcha">{{.i18n.Tr "captcha"}}</label>

View File

@ -23,7 +23,7 @@
{{if and .EnableCaptcha (eq .CaptchaType "image")}} {{if and .EnableCaptcha (eq .CaptchaType "image")}}
<div class="inline field"> <div class="inline field">
<label></label> <label></label>
{{.Captcha.CreateHtml}} {{.Captcha.CreateHTML}}
</div> </div>
<div class="required inline field {{if .Err_Captcha}}error{{end}}"> <div class="required inline field {{if .Err_Captcha}}error{{end}}">
<label for="captcha">{{.i18n.Tr "captcha"}}</label> <label for="captcha">{{.i18n.Tr "captcha"}}</label>