Commit d7a9922d authored by JackV's avatar JackV

Remove recaptcha

parent 0a6b9e29
......@@ -78,12 +78,6 @@ This is also a valid Python file, but don't abuse that.
## Maximum age of the authentication cookie
#cookie_max_age_days = 1
## ReCaptcha public key"
#recaptcha_pubkey = "pubkey"
## ReCaptcha private key
#recaptcha_privkey = "privkey"
## Authentication token for live presence updates
#mac_update_password = "default"
......
......@@ -101,19 +101,6 @@ define("cookie_max_age_days",
group='Internal'
)
define("recaptcha_pubkey",
default="pubkey",
help="ReCaptcha public key",
group="Internal"
)
define("recaptcha_privkey",
default="privkey",
help="ReCaptcha private key",
group="Internal"
)
define("log_queries",
default=False, help="Log DB queries.", group='Logging'
)
......
......@@ -24,7 +24,6 @@ from bitsd.common import LOG, bind
def start():
"""Setup HTTP/WS server. **MUST** be called prior to any operation."""
auth.ReCaptcha.init()
application = tornado.web.Application([
# FIXME daltonism workaround, should be implemented client-side
(r'/(?:|blind)', handlers.HomePageHandler),
......
......@@ -211,11 +211,6 @@ nav#paginator ul li {
content: "";
}
#recaptcha-wrapper {
width: 300px;
margin: 0 auto;
}
#roster {
width: 200px;
margin: 0 auto;
......
......@@ -9,7 +9,6 @@ from datetime import datetime, timedelta
from passlib.hash import sha512_crypt as Hasher
from tornado.options import options
from recaptcha import RecaptchaClient
from bitsd.persistence.query import get_user, get_last_login_attempt, log_last_login_attempt
from bitsd.persistence.models import User
......@@ -18,27 +17,13 @@ from bitsd.persistence.engine import persist, delete
from bitsd.common import LOG
class ReCaptcha(object):
is_solution_correct = None
get_challenge_markup = None
@classmethod
def init(cls):
""""Lazily create reCAPTCHA object. This MUST be called before using ReCaptcha.
Lazy init allows to load keys from config file."""
client = RecaptchaClient(options.recaptcha_privkey, options.recaptcha_pubkey, recaptcha_options={"theme": "white"})
cls.is_solution_correct = client.is_solution_correct
cls.get_challenge_markup = client.get_challenge_markup
class DoSError(Exception):
"""DoS error: raise by verify() if the user is trying
to authenticate too fast"""
pass
def verify(session, username, supplied_password, ip_address, has_captcha, recaptcha_challenge, recaptcha_response):
def verify(session, username, supplied_password, ip_address):
"""Verify user credentials.
If the username exists, then the supplied password is hashed and
......@@ -57,22 +42,10 @@ def verify(session, username, supplied_password, ip_address, has_captcha, recapt
A DoS protection is necessary because password hashing is an expensive operation.
"""
if has_captcha:
solved_captcha = ReCaptcha.is_solution_correct(recaptcha_response, recaptcha_challenge, ip_address)
# Exit immediately if wrong answer
if not solved_captcha:
return False
else:
solved_captcha = False
# Save "now" so that the two timestamp checks are referred to the same instant
now = datetime.now()
def detect_dos(attempt, timeout):
if solved_captcha:
return False
# Otherwise, check timing
if attempt is not None:
too_quick = (now - attempt.timestamp) < timeout
if too_quick:
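Review bot: With the `solved_captcha` short-circuit gone from `detect_dos`, the timing test `too_quick = (now - attempt.timestamp) < timeout` is the only control left on repeated password guesses, and a throttled client no longer has any way through it. If the stored last attempt is looked up per username rather than per address (the query is not visible here), repeated failed logins by a third party would keep the legitimate user locked out, so the docstring of `verify` should say what the throttle is keyed on and that `DoSError` can no longer be bypassed. The comparison also uses the naive local `datetime.now()`, so a clock step such as a DST change can make every attempt look too quick or let attempts skip the throttle; comparing UTC timestamps would avoid that, provided `log_last_login_attempt` stores them the same way. The bodies of `verify` and `detect_dos` continue outside the hunk.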
......
......@@ -209,7 +209,6 @@ class LoginPageHandler(BaseHandler):
'templates/login.html',
next=next,
message=None,
show_recaptcha=False
)
def post(self):
......@@ -217,13 +216,10 @@ class LoginPageHandler(BaseHandler):
password = self.get_argument("password")
ip_address = self.request.remote_ip
next = self.get_argument("next", "/")
captcha_challenge = self.get_argument("recaptcha_challenge_field", "")
captcha_response = self.get_argument("recaptcha_response_field", "")
has_recaptcha = captcha_challenge or captcha_response
with session_scope() as session:
try:
verified = verify(session, username, password, ip_address, has_recaptcha, captcha_challenge, captcha_response)
verified = verify(session, username, password, ip_address)
except DoSError as error:
LOG.warning("DoS protection: %s", error)
self.log_offender_details()
......@@ -231,8 +227,6 @@ class LoginPageHandler(BaseHandler):
'templates/login.html',
next=next,
message="Tentativi dal tuo IP over 9000...",
show_recaptcha=True,
previous_attempt_incorrect=has_recaptcha
)
return
......@@ -251,8 +245,6 @@ class LoginPageHandler(BaseHandler):
'templates/login.html',
next=next,
message="Password/username sbagliati!",
show_recaptcha=has_recaptcha,
# If we have a captcha at this point, it means we already failed once
previous_attempt_incorrect=True
)
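Review bot: `ip_address = self.request.remote_ip` in `post` is passed to `verify` and, judging by the "Tentativi dal tuo IP" message, appears to key the only remaining brute-force throttle, so what that value contains decides who gets throttled. If the application runs behind a reverse proxy without `xheaders=True` on the HTTP server, every client shares the proxy's address and one noisy client can raise `DoSError` for everyone; if `xheaders` is enabled with no trusted proxy in front, the address comes from a client-supplied header. The server setup is not visible in this section, so I would at least add a comment above the assignment, for example `# remote_ip keys the login throttle: needs xheaders=True only behind a trusted proxy`. `post` starts and ends outside these hunks.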
......
......@@ -22,11 +22,6 @@
<label for="password">Password:</label>
<input id="password" type="password" name="password" value="">
</p>
{% if show_recaptcha %}
<div id="recaptcha-wrapper">
{% module ReCaptchaWidget(previous_attempt_incorrect) %}
</div>
{% end %}
{% module xsrf_form_html() %}
<p><input type="submit" value="Login"></p>
<input type="hidden" name="next" value="{{ next }}">
......
......@@ -13,8 +13,6 @@ Assorted Tornado UI widgets and mixins.
import tornado.web
from tornado.options import options
from bitsd.server.auth import ReCaptcha
class DebugMode(tornado.web.UIModule):
"""If in developer mode, then render a debug meta header
......@@ -97,12 +95,3 @@ class PaginatorWidget(tornado.web.UIModule):
limit=limit,
count=count
)
class ReCaptchaWidget(tornado.web.UIModule):
""""Displays a reCAPTCHA widget"""
def render(self, previous_attempt_incorrect):
return ReCaptcha.get_challenge_markup(
was_previous_solution_incorrect=previous_attempt_incorrect,
use_ssl=True
)