Add support for Google reCAPTCHA in user registration to prevent spammers (!2216) · Merge requests · GitLab.org / GitLab FOSS · GitLab

Snippets Groups Projects

Do not update/delete: Banner broadcast message test data

Do not update/delete: Notification broadcast message test data

Merged Stan Hu requested to merge add-recaptcha-support into master 9 years ago

To do:

Failing reCAPTCHA test causes all the fields to be lost
~~[ ] Improve styling of reCAPTCHA box~~ (not possible)
~~[ ] Put settings in application_settings (?)~~

Page when you fail CAPTCHA:

Activity

Stan Hu @stanhu 9 years ago

Author Maintainer

/cc: @dblessing
Drew Blessing mentioned in issue omnibus-gitlab#1014 (closed) 9 years ago

mentioned in issue omnibus-gitlab#1014 (closed)
Drew Blessing @dblessing 9 years ago

Maintainer

@stanhu Thanks for this. For now let's keep these settings in gitlab.yml. That way we can get this introduced in a patch sooner than later. We can come back and add application settings, if necessary.

I created a corresponding issue in omnibus-gitlab so we can add config there once this is merged.

Let me know if/how I can help. I believe @sytses would like to get this on GitLab.com as soon as possible.
Sid Sijbrandij @sytses 9 years ago

Owner

@dblessing I agree.
Stan Hu Added 2 commits: 9 years ago
Added 2 commits:

6f0ee5c9 - Fix failed spec

4c6591c9 - Make sign-up form retain fields after failed CAPTCHA test
Stan Hu Marked the task Failing reCAPTCHA test causes all the fields to be lost as completed 9 years ago

Marked the task Failing reCAPTCHA test causes all the fields to be lost as completed
Stan Hu Title changed from WIP: Add support for Google reCAPTCHA in user registration to prevent spammers to Add support for Google reCAPTCHA in user registration to prevent spammers 9 years ago

Title changed from WIP: Add support for Google reCAPTCHA in user registration to prevent spammers to Add support for Google reCAPTCHA in user registration to prevent spammers
Stan Hu @stanhu 9 years ago

Author Maintainer

@dblessing I believe it's ready to go. Apparently it's not possible to restyle the reCAPTCHA block, so I'm punting that:

http://stackoverflow.com/questions/27713505/recaptcha-api-v2-styling
Stan Hu Added 1 commit: 9 years ago
Added 1 commit:

bdab1e39 - Add documentation for using reCAPTCHA
Stan Hu Added 1 commit: 9 years ago
Added 1 commit:

9e0f532f - Add documentation for using reCAPTCHA
Stan Hu @stanhu 9 years ago

Author Maintainer

We may also need to consider how we can better use this to prevent spammers on GitLab.com. For example, a spammer may create an account by hand and then use a script to create issues via the API. This wouldn't help that.

Edited 9 years ago by Stan Hu
Sid Sijbrandij @sytses 9 years ago

Owner

@stanhu The nice thing is that deleting the users will delete all created issues via the API.

@dzaporozhets can we get this shipped ASAP?
username-removed-444 @dzaporozhets started a thread on the diff 9 years ago

config/gitlab.yml.example

    # cas3:
    #   session_duration: 28800
  # reCAPTCHA settings. See: http://www.google.com/recaptcha
  recaptcha:
    enabled: false
    public_key: 'YOUR_PUBLIC_KEY'
    private_key: 'YOUR_PRIVATE_KEY'

username-removed-444 @dzaporozhets 9 years ago

Owner

@stanhu awesome work!

can we get this shipped ASAP?

username-removed-444 Milestone changed to 8.4 9 years ago

Milestone changed to 8.4

username-removed-444 mentioned in commit 9 years ago

mentioned in commit 202010e3

username-removed-444 Status changed to merged 9 years ago

Status changed to merged

Sid Sijbrandij @sytses 9 years ago

Owner

Thanks @stanhu and @dzaporozhets

@rspeicher please ship in patch release

Marin Jankovski @marin 9 years ago

Maintainer

@stanhu Why is Put settings in application_settings crossed out, why did you decide against adding the settings there?

Stan Hu @stanhu 9 years ago

Author Maintainer

@marin I didn't have time to add it and didn't push on it given the comments above.

Please register or sign in to reply