Merge pull request #280 from abf/rosa-build:antibot

antibot
2013-08-26 22:40:41 +04:00 · 2013-08-26 22:40:41 +04:00 · 9c91ecb2fe
parent ea82e9a01b e296dd108d
commit 9c91ecb2fe
8 changed files with 38 additions and 24 deletions
--- a/app/assets/javascripts/login.js
+++ b/app/assets/javascripts/login.js
@ -32,4 +32,6 @@ $(document).ready(function() {
    }
     return true;
  });
+
+  $('#recaptcha_response_field').val('');
 });
--- a/app/assets/stylesheets/devise/registration.scss
+++ b/app/assets/stylesheets/devise/registration.scss
@ -258,7 +258,7 @@ div.error p{
  text-align: center;
 }

-div.error.login {
+div.error.uname {
  margin-top: -286px;
  margin-left: 650px;
 }
@ -273,8 +273,11 @@ div.error.email {
  margin-left: 650px;
 }

-div.error.password {
+div.error.pazsword {
  margin-top: -155px;
  margin-left: 650px;
 }

+.login_first {
+  display: none;
+}
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -80,7 +80,7 @@ class ApplicationController < ActionController::Base
  end

  def layout_by_resource
-    if devise_controller? && !(params[:controller] == 'devise/registrations' && ['edit', 'update'].include?(params[:action]))
+    if devise_controller?
      "sessions"
    else
      "application"
--- a/app/controllers/users/registrations_controller.rb
+++ b/app/controllers/users/registrations_controller.rb
@ -0,0 +1,14 @@
+class Users::RegistrationsController < Devise::RegistrationsController
+  # POST /resource
+  def create
+    # Try stop bots
+    if params[:user].blank? || "#{params[:user][:login]}#{params[:user][:password]}#{params[:recaptcha_response_field]}".present?
+      respond_with(resource, :location => after_inactive_sign_up_path_for(resource))
+      return
+    else
+      params[:user][:password] = params[:user].delete(:pazsword)
+    end
+
+    super
+  end
+end
--- a/app/views/devise/registrations/edit.html.haml
+++ b/app/views/devise/registrations/edit.html.haml
@ -1,12 +0,0 @@
-%h3.fix.bpadding10= @user.uname
-
-= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put, :class => "form" }) do |f|
-  = render "users/form", :f => f
-
-.notify
-  %p= t('layout.users.public_data_edit_warning')
-
-:javascript
-  $('article .right').addClass('middlepadding');
-
- content_for :sidebar, render('users/sidebar')
--- a/app/views/devise/registrations/new.html.haml
+++ b/app/views/devise/registrations/new.html.haml
@ -7,9 +7,12 @@
  %article
    = form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :class => "form" }) do |f|
      = hidden_field_tag :invitation_token, @invitation_token
+      .right.first.login_first
+        = f.text_field :login, :id => 'login'
+        = f.password_field :password, :id => 'password'
      .left.first=t('activerecord.attributes.user.uname')
      .right.first
-        = f.text_field :uname, :id => 'login', :class => "registartion-input #{uname_error ? 'registartion-input-error' : ''}"
+        = f.text_field :uname, :id => 'uname', :class => "registartion-input #{uname_error ? 'registartion-input-error' : ''}"
      .both
      .left=t('activerecord.attributes.user.name')
      .right
@ -17,15 +20,14 @@
      .both
      .left=t('activerecord.attributes.user.email')
      .right
-        - klass = "registartion-input #{email_error ? 'registartion-input-error' : ''}"
        - if APP_CONFIG['preregistration']
-          = f.text_field :email, :id => 'email', :readonly => 'readonly',  :class => klass
+          = f.text_field :email, :id => 'email', :readonly => 'readonly',  :class => "registartion-input #{email_error ? 'registartion-input-error' : ''}"
        - else
-          = f.text_field :email, :id => 'email', :class => 'registartion-input',  :class => klass
+          = f.text_field :email, :id => 'email', :class => 'registartion-input'
      .both
      .left=t('activerecord.attributes.user.password')
      .right
-        = f.password_field :password, :id => 'password',  :class => "registartion-input #{password_error ? 'registartion-input-error' : ''}"
+        = f.password_field :password, :name => 'user[pazsword]', :id => 'pazsword',  :class => "registartion-input #{password_error ? 'registartion-input-error' : ''}"
      .both
      .left=t('activerecord.attributes.user.password_confirm')
      .right
@ -34,10 +36,12 @@
      .in
        =f.submit t("layout.devise.shared_links.sign_up"), :class => 'button', :id => 'btnLogin'
      .both
+      = hidden_field_tag :recaptcha_challenge_field
+      = hidden_field_tag :recaptcha_response_field, 'manual_challenge'
    = render 'devise/shared/providers'

-  =showDeviseHintError(:login, uname_error)
+  =showDeviseHintError(:uname, uname_error)
  =showDeviseHintError(:name, name_error)
  =showDeviseHintError(:email, email_error)
-  =showDeviseHintError(:password, password_error)
+  =showDeviseHintError(:pazsword, password_error)

--- a/config/application.rb
+++ b/config/application.rb
@ -52,7 +52,7 @@ module Rosa
    config.encoding = "utf-8"

    # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters += [:password, :secret, :authentication_token]
+    config.filter_parameters += [:password, :secret, :authentication_token, :pazsword]

    # Enable the asset pipeline
    config.assets.enabled = true
--- a/config/routes.rb
+++ b/config/routes.rb
@ -8,7 +8,10 @@ Rosa::Application.routes.draw do
  devise_scope :users do
    get '/users/auth/:provider' => 'users/omniauth_callbacks#passthru'
  end
-  devise_for :users, :controllers => {:omniauth_callbacks => 'users/omniauth_callbacks'}
+  devise_for :users, :controllers => {:omniauth_callbacks => 'users/omniauth_callbacks'}, :skip => [:registrations] do
+    get 'users/sign_up' => 'users/registrations#new',    :as => :new_user_registration
+    post 'users'        => 'users/registrations#create', :as => :user_registration
+  end

  namespace :api do
    namespace :v1 do