Auth Form wiht Google reCAPTCHA (#87)
* reCaptcha config * config reCaptcha * check reCAPTCHA * add reCAPTCHA to form login * config attributes for reCAPTCHA * Function to verify request with reCAPTCHA * doc reCaptcha
This commit is contained in:
committed by
GitHub
parent
8f4ced96f9
commit
cbdc0dacd6
@@ -11,27 +11,44 @@
|
||||
|
||||
require './common.php';
|
||||
|
||||
$user = array();
|
||||
$user['login'] = get_request('login');
|
||||
$user['password'] = get_request('login_pass');
|
||||
$pass = true;
|
||||
if ($_SESSION[APPCONFIG]->getValue('session', 'reCAPTCHA-enable')) {
|
||||
$pass = !IsRobot(get_request('g-recaptcha-response'));
|
||||
}
|
||||
|
||||
if ($user['login'] && ! strlen($user['password']))
|
||||
system_message(array(
|
||||
'title'=>_('Authenticate to server'),
|
||||
'body'=>_('You left the password blank.'),
|
||||
'type'=>'warn'),
|
||||
sprintf('cmd.php?cmd=login_form&server_id=%s',get_request('server_id','REQUEST')));
|
||||
if ($pass) {
|
||||
$user = array();
|
||||
$user['login'] = get_request('login');
|
||||
$user['password'] = get_request('login_pass');
|
||||
|
||||
if ($user['login'] && !strlen($user['password'])) {
|
||||
system_message(array(
|
||||
'title' => _('Authenticate to server'),
|
||||
'body' => _('You left the password blank.'),
|
||||
'type' => 'warn'),
|
||||
sprintf('cmd.php?cmd=login_form&server_id=%s', get_request('server_id', 'REQUEST')));
|
||||
}
|
||||
|
||||
if ($app['server']->login($user['login'], $user['password'], 'user')) {
|
||||
system_message(array(
|
||||
'title' => _('Authenticate to server'),
|
||||
'body' => _('Successfully logged into server.'),
|
||||
'type' => 'info'),
|
||||
sprintf('cmd.php?server_id=%s', get_request('server_id', 'REQUEST')));
|
||||
} else {
|
||||
system_message(array(
|
||||
'title' => _('Failed to Authenticate to server'),
|
||||
'body' => _('Invalid Username or Password.'),
|
||||
'type' => 'error'),
|
||||
sprintf('cmd.php?cmd=login_form&server_id=%s', get_request('server_id', 'REQUEST')));
|
||||
}
|
||||
|
||||
} else {
|
||||
system_message(array(
|
||||
'title' => _('Authenticate to server'),
|
||||
'body' => _('Incorrect captcha.'),
|
||||
'type' => 'warn'),
|
||||
sprintf('cmd.php?cmd=login_form&server_id=%s', get_request('server_id', 'REQUEST')));
|
||||
}
|
||||
|
||||
if ($app['server']->login($user['login'],$user['password'],'user'))
|
||||
system_message(array(
|
||||
'title'=>_('Authenticate to server'),
|
||||
'body'=>_('Successfully logged into server.'),
|
||||
'type'=>'info'),
|
||||
sprintf('cmd.php?server_id=%s',get_request('server_id','REQUEST')));
|
||||
else
|
||||
system_message(array(
|
||||
'title'=>_('Failed to Authenticate to server'),
|
||||
'body'=>_('Invalid Username or Password.'),
|
||||
'type'=>'error'),
|
||||
sprintf('cmd.php?cmd=login_form&server_id=%s',get_request('server_id','REQUEST')));
|
||||
?>
|
||||
|
@@ -90,6 +90,13 @@ if ($app['server']->getAuthType() == 'http') {
|
||||
echo '<tr><td><input type="password" id="password" size="40" value="" name="login_pass" /></td></tr>';
|
||||
echo '<tr><td colspan="2"> </td></tr>';
|
||||
|
||||
#reCAPTCHA
|
||||
if ($_SESSION[APPCONFIG]->getValue('session', 'reCAPTCHA-enable')) {
|
||||
echo '<script src="https://www.google.com/recaptcha/api.js"></script>';
|
||||
echo '<tr><td><div class="g-recaptcha" data-sitekey="'.$_SESSION[APPCONFIG]->getValue('session', 'reCAPTCHA-key-site').'"></div></td></tr>';
|
||||
echo '<tr><td colspan="2"> </td></tr>';
|
||||
}
|
||||
|
||||
# If Anon bind allowed, then disable the form if the user choose to bind anonymously.
|
||||
if ($app['server']->isAnonBindAllowed())
|
||||
printf('<tr><td colspan="2"><small><b>%s</b></small> <input type="checkbox" name="anonymous_bind" onclick="form_field_toggle_enable(this,[\'login\',\'password\'],\'login\')" id="anonymous_bind_checkbox" /></td></tr>',
|
||||
|
Reference in New Issue
Block a user