Changesets can be listed by changeset number.
The Git repository is here.
- Revision:
- 427
- Log:
Version 1.0.1 of the Hub application, which adds reCaptcha
verification to the sign-up form. Implemented after spambots
attacked the ROOL site and signed up hundreds of bogus users.
- Author:
- rool
- Date:
- Tue Aug 30 11:48:22 +0100 2011
- Size:
- 5715 Bytes
1 | = reCAPTCHA |
2 | |
3 | Author:: Jason L Perry (http://ambethia.com) |
4 | Copyright:: Copyright (c) 2007 Jason L Perry |
5 | License:: {MIT}[http://creativecommons.org/licenses/MIT/] |
6 | Info:: http://ambethia.com/recaptcha |
7 | Git:: http://github.com/ambethia/recaptcha/tree/master |
8 | Bugs:: http://github.com/ambethia/recaptcha/issues |
9 | |
10 | This plugin adds helpers for the {reCAPTCHA API}[http://recaptcha.net]. In your |
11 | views you can use the +recaptcha_tags+ method to embed the needed javascript, |
12 | and you can validate in your controllers with +verify_recaptcha+. |
13 | |
14 | Beforehand you need to configure Recaptcha with your custom private and public |
15 | key. You may find detailed examples below. Exceptions will be raised if you |
16 | call these methods and the keys can't be found. |
17 | |
18 | == About this fork |
19 | |
20 | This fork tries to introduces a more convenient way to configure recaptcha's |
21 | settings. The API will be inspired by {Thoughtbot's |
22 | Hoptoad}[http://robots.thoughtbot.com/post/344833329/mygem-configure-block]. |
23 | |
24 | == Rails Installation |
25 | |
26 | reCAPTCHA for Rails, add this to your Gemfile: |
27 | |
28 | gem "recaptcha", :require => "recaptcha/rails" |
29 | |
30 | Or, it can be installed as a gem: |
31 | |
32 | config.gem "recaptcha", :lib => "recaptcha/rails" |
33 | |
34 | Or, as a standard rails plugin: |
35 | |
36 | script/plugin install git://github.com/ambethia/recaptcha.git |
37 | |
38 | == Merb Installation |
39 | |
40 | reCAPTCHA can also be used in a Merb application when installed as a gem: |
41 | |
42 | dependency "alm-recaptcha", ">=0.2.2.1", :require_as => "recaptcha/merb" |
43 | |
44 | Initial Merb compatability funded by ALM Labs. |
45 | |
46 | == Setting up your API Keys |
47 | |
48 | There are multiple ways to setup your reCAPTCHA API key once you |
49 | {obtain}[http://recaptcha.net/whyrecaptcha.html] a pair. |
50 | |
51 | === Recaptcha.configure |
52 | |
53 | You may use the block style configuration. The following code could be placed |
54 | into a +config/initializers/recaptcha.rb+ when used in a Rails project. |
55 | |
56 | Recaptcha.configure do |config| |
57 | config.public_key = '6Lc6BAAAAAAAAChqRbQZcn_yyyyyyyyyyyyyyyyy' |
58 | config.private_key = '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx' |
59 | config.proxy = 'http://myrpoxy.com.au:8080' |
60 | end |
61 | |
62 | This way, you may also set additional options to fit recaptcha into your |
63 | deployment environment. |
64 | |
65 | == Recaptcha#with_configuration |
66 | |
67 | If you want to temporarily overwrite the configuration you set with `Recaptcha.configure` (when testing, for example), you can use a `Recaptcha#with_configuration` block: |
68 | |
69 | Recaptcha.configure(:public_key => '12345') do |
70 | # Do stuff with the overwritten public_key. |
71 | end |
72 | |
73 | === Shell environment |
74 | |
75 | Or, you can keep your keys out of your code base by exporting the following |
76 | environment variables. You might do this in the .profile/rc, or equivalent for |
77 | the user running your application: |
78 | |
79 | export RECAPTCHA_PUBLIC_KEY = '6Lc6BAAAAAAAAChqRbQZcn_yyyyyyyyyyyyyyyyy' |
80 | export RECAPTCHA_PRIVATE_KEY = '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx' |
81 | |
82 | === Per call |
83 | |
84 | You can also pass in your keys as options at runtime, for example: |
85 | |
86 | recaptcha_tags :public_key => '6Lc6BAAAAAAAAChqRbQZcn_yyyyyyyyyyyyyyyyy' |
87 | |
88 | and later, |
89 | |
90 | verify_recaptcha :private_key => '6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx' |
91 | |
92 | This option might be useful, if the same code base is used for multiple |
93 | reCAPTCHA setups. |
94 | |
95 | == To use 'recaptcha' |
96 | |
97 | Add +recaptcha_tags+ to each form you want to protect. |
98 | |
99 | And, add +verify_recaptcha+ logic to each form action that you've protected. |
100 | |
101 | === +recaptcha_tags+ |
102 | |
103 | Some of the options available: |
104 | |
105 | <tt>:ssl</tt>:: Uses secure http for captcha widget (default +false+) |
106 | <tt>:noscript</tt>:: Include <noscript> content (default +true+) |
107 | <tt>:display</tt>:: Takes a hash containing the +theme+ and +tabindex+ options per the API. (default +nil+) |
108 | <tt>:ajax</tt>:: Render the dynamic AJAX captcha per the API. (default +false+) |
109 | <tt>:public_key</tt>:: Your public API key, takes precedence over the ENV variable (default +nil+) |
110 | <tt>:error</tt>:: Override the error code returned from the reCAPTCHA API (default +nil+) |
111 | |
112 | You can also override the html attributes for the sizes of the generated +textarea+ and +iframe+ |
113 | elements, if CSS isn't your thing. Inspect the source of +recaptcha_tags+ to see these options. |
114 | |
115 | === +verify_recaptcha+ |
116 | |
117 | This method returns +true+ or +false+ after processing the parameters from the reCAPTCHA widget. Why |
118 | isn't this a model validation? Because that violates MVC. You can use it like this, or how ever you |
119 | like. Passing in the ActiveRecord object is optional, if you do--and the captcha fails to verify--an |
120 | error will be added to the object for you to use. |
121 | |
122 | Some of the options available: |
123 | |
124 | <tt>:model</tt>:: Model to set errors |
125 | <tt>:attribute</tt>:: Model attribute to receive errors (default :base) |
126 | <tt>:message</tt>:: Custom error message |
127 | <tt>:private_key</tt>:: Your private API key, takes precedence over the ENV variable (default +nil+). |
128 | <tt>:timeout</tt>:: The number of seconds to wait for reCAPTCHA servers before give up. (default +3+) |
129 | |
130 | respond_to do |format| |
131 | if verify_recaptcha(:model => @post, :message => "Oh! It's error with reCAPTCHA!") && @post.save |
132 | # ... |
133 | else |
134 | # ... |
135 | end |
136 | end |
137 | |
138 | == I18n support |
139 | reCAPTCHA passes two types of error explanation to a linked model. It will use the I18n gem |
140 | to translate the default error message if I18n is available. To customize the messages to your locale, |
141 | add these keys to your I18n backend: |
142 | |
143 | <tt>recaptcha.errors.verification_failed</tt>:: error message displayed if the captcha words didn't match |
144 | <tt>recaptcha.errors.recaptcha_unavailable</tt>:: displayed if a timout error occured while attempting to verify the captcha |
145 | |
146 | == TODO |
147 | * Remove Rails/ActionController dependencies |
148 | * Framework agnostic |
149 | * Add some helpers to use in before_filter and what not |
150 | * Better documentation |