feat(support#create): block with invisible captcha [avoid painful captcha]
This commit is contained in:
parent
ec6c71beea
commit
252eee272b
9 changed files with 87 additions and 42 deletions
1
Gemfile
1
Gemfile
|
@ -47,6 +47,7 @@ gem 'i18n_data'
|
|||
gem 'i18n-tasks', require: false
|
||||
gem 'iban-tools'
|
||||
gem 'image_processing'
|
||||
gem 'invisible_captcha'
|
||||
gem 'json_schemer'
|
||||
gem 'jwt'
|
||||
gem 'kaminari', '1.2.1' # Pagination
|
||||
|
|
|
@ -369,6 +369,8 @@ GEM
|
|||
image_processing (1.12.1)
|
||||
mini_magick (>= 4.9.5, < 5)
|
||||
ruby-vips (>= 2.0.17, < 3)
|
||||
invisible_captcha (2.0.0)
|
||||
rails (>= 5.0)
|
||||
ipaddress (0.8.3)
|
||||
jquery-rails (4.4.0)
|
||||
rails-dom-testing (>= 1, < 3)
|
||||
|
@ -838,6 +840,7 @@ DEPENDENCIES
|
|||
i18n_data
|
||||
iban-tools
|
||||
image_processing
|
||||
invisible_captcha
|
||||
json_schemer
|
||||
jwt
|
||||
kaminari (= 1.2.1)
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
class SupportController < ApplicationController
|
||||
invisible_captcha only: [:create], on_spam: :redirect_to_root
|
||||
|
||||
def index
|
||||
setup_context
|
||||
end
|
||||
|
@ -92,4 +94,8 @@ class SupportController < ApplicationController
|
|||
def email
|
||||
current_user&.email || params[:email]
|
||||
end
|
||||
|
||||
def redirect_to_root
|
||||
redirect_to root_path, alert: t('invisible_captcha.custom_message')
|
||||
end
|
||||
end
|
||||
|
|
|
@ -25,6 +25,9 @@
|
|||
= label_tag :type do
|
||||
= t('.your_question')
|
||||
= hidden_field_tag :type, params[:type]
|
||||
|
||||
= invisible_captcha
|
||||
|
||||
%dl
|
||||
- @options.each do |(question, question_type, link)|
|
||||
%dt
|
||||
|
|
|
@ -122,3 +122,5 @@ API_EDUCATION_URL="https://data.education.gouv.fr/api/records/1.0"
|
|||
|
||||
# Clé de chriffrement des données sensibles en base
|
||||
ENCRYPTION_SERVICE_SALT=""
|
||||
|
||||
INVISIBLE_CAPTCHA_SECRET="kikooloool"
|
||||
|
|
12
config/initializers/invisible_captcha.rb
Normal file
12
config/initializers/invisible_captcha.rb
Normal file
|
@ -0,0 +1,12 @@
|
|||
InvisibleCaptcha.setup do |config|
|
||||
# config.honeypots << ['more', 'fake', 'attribute', 'names']
|
||||
# config.visual_honeypots = false
|
||||
# config.timestamp_threshold = 2
|
||||
config.timestamp_enabled = !Rails.env.test?
|
||||
# config.injectable_styles = false
|
||||
config.spinner_enabled = !Rails.env.test?
|
||||
|
||||
# Leave these unset if you want to use I18n (see below)
|
||||
# config.sentence_for_humans = 'If you are a human, ignore this field'
|
||||
# config.timestamp_error_message = 'Sorry, that was too quick! Please resubmit.'
|
||||
end
|
|
@ -30,6 +30,9 @@
|
|||
# available at http://guides.rubyonrails.org/i18n.html.
|
||||
|
||||
en:
|
||||
invisible_captcha:
|
||||
custom_message: 'If you are a human, ignore this field'
|
||||
|
||||
help: 'Help'
|
||||
utils:
|
||||
'yes': Yes
|
||||
|
|
|
@ -20,6 +20,9 @@
|
|||
# available at http://guides.rubyonrails.org/i18n.html.
|
||||
|
||||
fr:
|
||||
invisible_captcha:
|
||||
custom_message: 'Si vous êtes un humain, veuillez ignorer ce champs'
|
||||
|
||||
help: 'Aide'
|
||||
utils:
|
||||
'yes': Oui
|
||||
|
|
|
@ -51,9 +51,12 @@ describe SupportController, type: :controller do
|
|||
|
||||
describe "send form" do
|
||||
subject do
|
||||
post :create, params: { subject: 'bonjour', text: 'un message' }
|
||||
post :create, params: params
|
||||
end
|
||||
|
||||
context "when invisible captcha is ignored" do
|
||||
let(:params) { { subject: 'bonjour', text: 'un message' } }
|
||||
|
||||
it 'creates a conversation on HelpScout' do
|
||||
expect_any_instance_of(Helpscout::FormAdapter).to receive(:send_form).and_return(true)
|
||||
|
||||
|
@ -114,6 +117,15 @@ describe SupportController, type: :controller do
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
context "when invisible captcha is filled" do
|
||||
let(:params) { { subject: 'bonjour', text: 'un message', InvisibleCaptcha.honeypots.sample => 'boom' } }
|
||||
it 'does not create a conversation on HelpScout' do
|
||||
expect { subject }.not_to change(Commentaire, :count)
|
||||
expect(flash[:alert]).to eq(I18n.t('invisible_captcha.custom_message'))
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'signed out' do
|
||||
|
|
Loading…
Reference in a new issue