Auth Form wiht Google reCAPTCHA (#87)
* reCaptcha config * config reCaptcha * check reCAPTCHA * add reCAPTCHA to form login * config attributes for reCAPTCHA * Function to verify request with reCAPTCHA * doc reCaptcha
This commit is contained in:
parent
8f4ced96f9
commit
cbdc0dacd6
@ -573,4 +573,19 @@ $servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','p
|
|||||||
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
|
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
|
||||||
$servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
|
$servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
/***********************************************************************************
|
||||||
|
* If you want to configure Google reCAPTCHA on autentication form, do so below. *
|
||||||
|
* Remove the commented lines and use this section as a template for all *
|
||||||
|
* reCAPTCHA v2 Generate on https://www.google.com/recaptcha/ *
|
||||||
|
* *
|
||||||
|
* IMPORTANT: Select reCAPTCHA v2 on Type of reCAPTCHA *
|
||||||
|
***********************************************************************************/
|
||||||
|
|
||||||
|
|
||||||
|
$config->custom->session['reCAPTCHA-enable'] = false;
|
||||||
|
$config->custom->session['reCAPTCHA-key-site'] = '<put-here-key-site>';
|
||||||
|
$config->custom->session['reCAPTCHA-key-server'] = '<put-here-key-server>';
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
@ -11,27 +11,44 @@
|
|||||||
|
|
||||||
require './common.php';
|
require './common.php';
|
||||||
|
|
||||||
$user = array();
|
$pass = true;
|
||||||
$user['login'] = get_request('login');
|
if ($_SESSION[APPCONFIG]->getValue('session', 'reCAPTCHA-enable')) {
|
||||||
$user['password'] = get_request('login_pass');
|
$pass = !IsRobot(get_request('g-recaptcha-response'));
|
||||||
|
}
|
||||||
|
|
||||||
if ($user['login'] && ! strlen($user['password']))
|
if ($pass) {
|
||||||
system_message(array(
|
$user = array();
|
||||||
'title'=>_('Authenticate to server'),
|
$user['login'] = get_request('login');
|
||||||
'body'=>_('You left the password blank.'),
|
$user['password'] = get_request('login_pass');
|
||||||
'type'=>'warn'),
|
|
||||||
sprintf('cmd.php?cmd=login_form&server_id=%s',get_request('server_id','REQUEST')));
|
if ($user['login'] && !strlen($user['password'])) {
|
||||||
|
system_message(array(
|
||||||
|
'title' => _('Authenticate to server'),
|
||||||
|
'body' => _('You left the password blank.'),
|
||||||
|
'type' => 'warn'),
|
||||||
|
sprintf('cmd.php?cmd=login_form&server_id=%s', get_request('server_id', 'REQUEST')));
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($app['server']->login($user['login'], $user['password'], 'user')) {
|
||||||
|
system_message(array(
|
||||||
|
'title' => _('Authenticate to server'),
|
||||||
|
'body' => _('Successfully logged into server.'),
|
||||||
|
'type' => 'info'),
|
||||||
|
sprintf('cmd.php?server_id=%s', get_request('server_id', 'REQUEST')));
|
||||||
|
} else {
|
||||||
|
system_message(array(
|
||||||
|
'title' => _('Failed to Authenticate to server'),
|
||||||
|
'body' => _('Invalid Username or Password.'),
|
||||||
|
'type' => 'error'),
|
||||||
|
sprintf('cmd.php?cmd=login_form&server_id=%s', get_request('server_id', 'REQUEST')));
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
system_message(array(
|
||||||
|
'title' => _('Authenticate to server'),
|
||||||
|
'body' => _('Incorrect captcha.'),
|
||||||
|
'type' => 'warn'),
|
||||||
|
sprintf('cmd.php?cmd=login_form&server_id=%s', get_request('server_id', 'REQUEST')));
|
||||||
|
}
|
||||||
|
|
||||||
if ($app['server']->login($user['login'],$user['password'],'user'))
|
|
||||||
system_message(array(
|
|
||||||
'title'=>_('Authenticate to server'),
|
|
||||||
'body'=>_('Successfully logged into server.'),
|
|
||||||
'type'=>'info'),
|
|
||||||
sprintf('cmd.php?server_id=%s',get_request('server_id','REQUEST')));
|
|
||||||
else
|
|
||||||
system_message(array(
|
|
||||||
'title'=>_('Failed to Authenticate to server'),
|
|
||||||
'body'=>_('Invalid Username or Password.'),
|
|
||||||
'type'=>'error'),
|
|
||||||
sprintf('cmd.php?cmd=login_form&server_id=%s',get_request('server_id','REQUEST')));
|
|
||||||
?>
|
?>
|
||||||
|
@ -90,6 +90,13 @@ if ($app['server']->getAuthType() == 'http') {
|
|||||||
echo '<tr><td><input type="password" id="password" size="40" value="" name="login_pass" /></td></tr>';
|
echo '<tr><td><input type="password" id="password" size="40" value="" name="login_pass" /></td></tr>';
|
||||||
echo '<tr><td colspan="2"> </td></tr>';
|
echo '<tr><td colspan="2"> </td></tr>';
|
||||||
|
|
||||||
|
#reCAPTCHA
|
||||||
|
if ($_SESSION[APPCONFIG]->getValue('session', 'reCAPTCHA-enable')) {
|
||||||
|
echo '<script src="https://www.google.com/recaptcha/api.js"></script>';
|
||||||
|
echo '<tr><td><div class="g-recaptcha" data-sitekey="'.$_SESSION[APPCONFIG]->getValue('session', 'reCAPTCHA-key-site').'"></div></td></tr>';
|
||||||
|
echo '<tr><td colspan="2"> </td></tr>';
|
||||||
|
}
|
||||||
|
|
||||||
# If Anon bind allowed, then disable the form if the user choose to bind anonymously.
|
# If Anon bind allowed, then disable the form if the user choose to bind anonymously.
|
||||||
if ($app['server']->isAnonBindAllowed())
|
if ($app['server']->isAnonBindAllowed())
|
||||||
printf('<tr><td colspan="2"><small><b>%s</b></small> <input type="checkbox" name="anonymous_bind" onclick="form_field_toggle_enable(this,[\'login\',\'password\'],\'login\')" id="anonymous_bind_checkbox" /></td></tr>',
|
printf('<tr><td colspan="2"><small><b>%s</b></small> <input type="checkbox" name="anonymous_bind" onclick="form_field_toggle_enable(this,[\'login\',\'password\'],\'login\')" id="anonymous_bind_checkbox" /></td></tr>',
|
||||||
|
@ -574,6 +574,20 @@ class Config {
|
|||||||
$this->default->search['time_limit'] = array(
|
$this->default->search['time_limit'] = array(
|
||||||
'desc'=>'Maximum time to allow unlimited size_limit searches to the ldap server',
|
'desc'=>'Maximum time to allow unlimited size_limit searches to the ldap server',
|
||||||
'default'=>120);
|
'default'=>120);
|
||||||
|
|
||||||
|
/* reCAPTCHA Login */
|
||||||
|
|
||||||
|
$this->default->session['reCAPTCHA-enable'] = array(
|
||||||
|
'desc'=>'Status reCAPTCHA (true | false)',
|
||||||
|
'default'=>false);
|
||||||
|
|
||||||
|
$this->default->session['reCAPTCHA-key-site'] = array(
|
||||||
|
'desc'=>'Site Key',
|
||||||
|
'default'=>"<put-here-key-site>");
|
||||||
|
|
||||||
|
$this->default->session['reCAPTCHA-key-server'] = array(
|
||||||
|
'desc'=>'Server key',
|
||||||
|
'default'=>"<put-here-key-server>");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -3217,4 +3217,30 @@ function isAjaxEnabled() {
|
|||||||
else
|
else
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
/**
|
||||||
|
* Check if user is a robot with reCAPTCHA
|
||||||
|
**/
|
||||||
|
function IsRobot($gResponse){
|
||||||
|
$isRobot = true;
|
||||||
|
$url = 'https://www.google.com/recaptcha/api/siteverify';
|
||||||
|
$data = array(
|
||||||
|
'secret' => $_SESSION[APPCONFIG]->getValue('session','reCAPTCHA-key-server'),
|
||||||
|
'response' => $gResponse
|
||||||
|
);
|
||||||
|
$options = array(
|
||||||
|
'http' => array (
|
||||||
|
'method' => 'POST','header' =>
|
||||||
|
'Content-Type: application/x-www-form-urlencoded',
|
||||||
|
'content' => http_build_query($data)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
$context = stream_context_create($options);
|
||||||
|
$verify = file_get_contents($url, false, $context);
|
||||||
|
$captcha_success = json_decode($verify);
|
||||||
|
if ($captcha_success->success) {
|
||||||
|
$isRobot = false;
|
||||||
|
}
|
||||||
|
return $isRobot;
|
||||||
|
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
|
Loading…
Reference in New Issue
Block a user