Recaptcha V3 in auth.login form

60 views

Skip to first unread message

Jacinto Parga

unread,

May 22, 2019, 3:53:35 AM5/22/19

to web2py-users

I have tried recaptcha v3 width auth login form but something is wrong. It seems to break the basic auth validation methods.

Controller

def user():

    form = auth()
    my_captcha_element = TR(INPUT(_name='recaptcharesponse', value='', _type='hidden', _id='g-recaptcha-response'))
    form[0].insert(-1, my_captcha_element)
    if form.accepts(request.vars, session):
    #Comprobamos el CAPTCHA
        token = str(form.vars.recaptcharesponse)
        action = 'login'
        remoteip = str(request.env.remote_addr)
        score = 0.5 #elegimos el score que queremos
        capt = comprobar_captcha(token, action, remoteip, score) # A fucntion I've created to evaluate the captcha in server
        if capt == 'Falso':
            response.flash = T('Posible spam please try later.') 
            if session.counter >= 20:
                redirect(URL('errores','error',args='posiblebot'))
    return dict(form=form)

View

{{extend 'layout.html'}}

<div class="row"> 
  <div id="web2py_user_form" class="col-lg-6" style="background-color:white; margin: 0 auto 5px auto; box-shadow: 0 0 5px #a1a1a1; border-radius:5px;padding: 20px">
    <h2>
      {{=T('Sign Up') if request.args(0) == 'register' else T('Log In') if request.args(0) == 'login' else T(request.args(0).replace('_',' ').title())}}
    </h2>
    {{=form}}

    {{if request.args(0)=='login' and not 'register' in auth.settings.actions_disabled:}}
    <a href="{{=URL('user/register')}}">{{=T('Register')}}</a>
    <br/>
    {{pass}}
    {{if request.args(0)=='login' and not 'retrieve_password' in auth.settings.actions_disabled:}}
    <a href="{{=URL('user/retrieve_password')}}">{{=T('Lost your password?')}}</a>
    {{pass}}
    {{if request.args(0)=='register':}}
    <a href="{{=URL('user/login')}}">{{=T('Login')}}</a>
    {{pass}}
  </div>
</div>



{{block page_js}}
<script>
    jQuery("#web2py_user_form input:visible:enabled:first").focus();
{{if request.args(0)=='register':}}
    web2py_validate_entropy(jQuery('#auth_user_password'),100);
{{elif request.args(0)=='change_password':}}
    web2py_validate_entropy(jQuery('#no_table_new_password'),100);
{{pass}}
</script>
{{end page_js}}

<script>
 grecaptcha.ready(function() {
      grecaptcha.execute('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', {action:'login'}).then(function(token) {
          document.getElementById('g-recaptcha-response').value = token;
      });
  });
  </script>

Reply all

Reply to author

Forward

0 new messages