From 47dd078b6ae6e5c7a9ab5c28cbbabfae96ec0503 Mon Sep 17 00:00:00 2001 From: Ludovic Stephan Date: Thu, 4 Mar 2021 17:56:42 +0100 Subject: [PATCH 1/4] Remplace recaptcha par hcaptcha --- gestioasso/settings/cof_prod.py | 2 +- petitscours/forms.py | 18 ++++++++++++++++-- requirements.txt | 2 +- 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/gestioasso/settings/cof_prod.py b/gestioasso/settings/cof_prod.py index 3104e5b0..1865e7e3 100644 --- a/gestioasso/settings/cof_prod.py +++ b/gestioasso/settings/cof_prod.py @@ -50,7 +50,7 @@ INSTALLED_APPS = ( + [ "bda", "petitscours", - "captcha", + "hcaptcha", "kfet", "kfet.open", "channels", diff --git a/petitscours/forms.py b/petitscours/forms.py index 01d4178a..0d9f38bc 100644 --- a/petitscours/forms.py +++ b/petitscours/forms.py @@ -1,14 +1,28 @@ -from captcha.fields import ReCaptchaField from django import forms from django.contrib.auth.models import User from django.forms import ModelForm from django.forms.models import inlineformset_factory +from django.utils.translation import gettext_lazy as _ +from hcaptcha.fields import hCaptchaField from petitscours.models import PetitCoursAbility, PetitCoursDemande +class hCaptchaFieldWithErrors(hCaptchaField): + """ + Pour l'instant, hCaptchaField ne supporte pas le paramètre `error_messages` lors de + l'initialisation. Du coup, on les redéfinit à la main. + """ + + default_error_messages = { + "required": _("Veuillez vérifier que vous êtes bien humain·e."), + "error_hcaptcha": _("Erreur lors de la vérification."), + "invalid_hcaptcha": _("Échec de la vérification !"), + } + + class DemandeForm(ModelForm): - captcha = ReCaptchaField(attrs={"theme": "clean", "lang": "fr"}) + captcha = hCaptchaFieldWithErrors() def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) diff --git a/requirements.txt b/requirements.txt index 565d2b71..8baaa5ed 100644 --- a/requirements.txt +++ b/requirements.txt 
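Review bot: In petitscours/forms.py, the `default_error_messages` override in `hCaptchaFieldWithErrors` relies on the keys `error_hcaptcha` and `invalid_hcaptcha`, which come from the django-hCaptcha release pinned in requirements.txt rather than from Django. If a later release renames them, the custom messages silently stop being used. I would record that next to the dict, e.g. `# keys must match hcaptcha.fields.hCaptchaField (django-hCaptcha 0.1.0); re-check on upgrade`. It is also worth confirming that the `error_hcaptcha` case (presumably a failed call to the verification service) rejects the form rather than accepting it, since the captcha is the only anti-automation check visible on `DemandeForm`. The old field passed `"lang": "fr"` and the new `hCaptchaFieldWithErrors()` call passes nothing, so the widget language may now fall back to hCaptcha's default; `DemandeForm` continues outside the hunk.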
@@ -3,7 +3,7 @@ Django==2.2.* django-autocomplete-light==3.3.* django-cas-ng==3.6.* django-djconfig==0.8.0 -django-recaptcha==1.4.0 +django-hCaptcha==0.1.0 icalendar Pillow django-bootstrap-form==3.3 From ac8ad15ad1119d131fc2a003f60dcd60555c01b3 Mon Sep 17 00:00:00 2001 From: Ludovic Stephan Date: Thu, 4 Mar 2021 18:30:51 +0100 Subject: [PATCH 2/4] Fix tests: mock captcha clean method --- petitscours/tests/test_views.py | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/petitscours/tests/test_views.py b/petitscours/tests/test_views.py index aee1f2e8..6ca97086 100644 --- a/petitscours/tests/test_views.py +++ b/petitscours/tests/test_views.py @@ -1,5 +1,5 @@ import json -import os +from unittest import mock from django.contrib.auth import get_user_model from django.test import TestCase @@ -257,18 +257,15 @@ class PetitCoursDemandeViewTestCase(ViewTestCaseMixin, TestCase): def setUp(self): super().setUp() - os.environ["RECAPTCHA_TESTING"] = "True" self.subject1 = create_petitcours_subject() self.subject2 = create_petitcours_subject() - def tearDown(self): - os.environ["RECAPTCHA_TESTING"] = "False" - def test_get(self): resp = self.client.get(self.url) self.assertEqual(resp.status_code, 200) - def test_post(self): + @mock.patch("hcaptcha.fields.hCaptchaField.clean") + def test_post(self, mock_clean): data = { "name": "Le nom", "email": "lemail@mail.net", @@ -280,7 +277,7 @@ class PetitCoursDemandeViewTestCase(ViewTestCaseMixin, TestCase): "agrege_requis": "1", "niveau": "lycee", "remarques": "no comment", - "g-recaptcha-response": "PASSED", + "h-captcha-response": 1, } resp = self.client.post(self.url, data) 
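Review bot: In petitscours/tests/test_views.py, `test_post` of `PetitCoursDemandeViewTestCase` patches `hcaptcha.fields.hCaptchaField.clean` but never uses `mock_clean`, so the test would still pass if the captcha field were dropped from the form or no longer validated. Ending the test with `mock_clean.assert_called_once()` would pin that the view really runs the captcha check. A companion test that sets `mock_clean.side_effect = ValidationError("captcha")` and asserts that no demande is created would cover the rejection path, which nothing visible here exercises. The same applies to `test_post` in `PetitCoursDemandeRawViewTestCase` in the following hunk; both test bodies continue outside their hunks.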
@@ -299,18 +296,15 @@ class PetitCoursDemandeRawViewTestCase(ViewTestCaseMixin, TestCase): def setUp(self): super().setUp() - os.environ["RECAPTCHA_TESTING"] = "True" self.subject1 = create_petitcours_subject() self.subject2 = create_petitcours_subject() - def tearDown(self): - os.environ["RECAPTCHA_TESTING"] = "False" - def test_get(self): resp = self.client.get(self.url) self.assertEqual(resp.status_code, 200) - def test_post(self): + @mock.patch("hcaptcha.fields.hCaptchaField.clean") + def test_post(self, mock_clean): data = { "name": "Le nom", "email": "lemail@mail.net", @@ -322,7 +316,7 @@ class PetitCoursDemandeRawViewTestCase(ViewTestCaseMixin, TestCase): "agrege_requis": "1", "niveau": "lycee", "remarques": "no comment", - "g-recaptcha-response": "PASSED", + "h-captcha-response": 1, } resp = self.client.post(self.url, data) From af95e64344687327678a5c8e858fb7056bf72862 Mon Sep 17 00:00:00 2001 From: Ludovic Stephan Date: Thu, 4 Mar 2021 23:14:10 +0100 Subject: [PATCH 3/4] TODO de prod --- CHANGELOG.md | 4 ++++ gestioasso/settings/secret_example.py | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 79eb297b..c1b3b490 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,10 @@ adhérents ni des cotisations. ## Version ??? - dans un futur proche +### TODO Prod + +- Créer un compte hCaptcha (https://www.hcaptcha.com/), au COF, et remplacer les secrets associés + ### K-Fêt - L'accès à l'historique est maintenant limité à 7 jours pour raison de confidentialité. Les chefs/trez peuvent disposer d'une permission supplémentaire pour accèder à jusqu'à 30 jours en cas de problème de compta. L'accès à son historique personnel n'est pas limité. Les durées sont configurables dans `settings/cof_prod.py`. diff --git a/gestioasso/settings/secret_example.py b/gestioasso/settings/secret_example.py index 8afce5cd..b93aeb4f 100644 --- a/gestioasso/settings/secret_example.py +++ b/gestioasso/settings/secret_example.py 
@@ -16,8 +16,8 @@ REDIS_PORT = 6379 REDIS_DB = 0 REDIS_HOST = "127.0.0.1" -RECAPTCHA_PUBLIC_KEY = "DUMMY" -RECAPTCHA_PRIVATE_KEY = "DUMMY" +HCAPTCHA_SITEKEY = "10000000-ffff-ffff-ffff-000000000001" +HCAPTCHA_SECRET = "0x0000000000000000000000000000000000000000" EMAIL_HOST = None From 4df3ef4dd954d266cc79aa6272227c1321309766 Mon Sep 17 00:00:00 2001 From: Ludovic Stephan Date: Thu, 4 Mar 2021 23:28:55 +0100 Subject: [PATCH 4/4] Fix secret import --- gestioasso/settings/cof_prod.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gestioasso/settings/cof_prod.py b/gestioasso/settings/cof_prod.py index 1865e7e3..28133ebc 100644 --- a/gestioasso/settings/cof_prod.py +++ b/gestioasso/settings/cof_prod.py @@ -26,8 +26,8 @@ REDIS_DB = import_secret("REDIS_DB") REDIS_HOST = import_secret("REDIS_HOST") REDIS_PORT = import_secret("REDIS_PORT") -RECAPTCHA_PUBLIC_KEY = import_secret("RECAPTCHA_PUBLIC_KEY") -RECAPTCHA_PRIVATE_KEY = import_secret("RECAPTCHA_PRIVATE_KEY") +HCAPTCHA_SITEKEY = import_secret("HCAPTCHA_SITEKEY") +HCAPTCHA_SECRET = import_secret("HCAPTCHA_SECRET") KFETOPEN_TOKEN = import_secret("KFETOPEN_TOKEN") # ---
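Review bot: The new `HCAPTCHA_SITEKEY` / `HCAPTCHA_SECRET` values in gestioasso/settings/secret_example.py look like hCaptcha's published test key pair, which as far as I know validates every response. The old `"DUMMY"` placeholders would have failed; with these, a deployment that copies the example file unchanged gets a captcha that silently accepts every submission. I would say so in the file, e.g. `# hCaptcha TEST keys: every challenge passes. Never use in production.` The later hunk in gestioasso/settings/cof_prod.py, which does `HCAPTCHA_SECRET = import_secret("HCAPTCHA_SECRET")`, could refuse to start with the test secret: `if HCAPTCHA_SECRET == "0x0000000000000000000000000000000000000000": raise ImproperlyConfigured("hCaptcha test secret in production settings")`. That needs `from django.core.exceptions import ImproperlyConfigured` if the module does not already import it, and it would make the CHANGELOG TODO enforceable rather than a reminder.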