[REF] base_libre_captcha: fetch values from settings (#79)

* [REF] fetch values from settings

* [ADD] website_librecaptcha

* [REF] feedback and check server validity

Author: gbrito

base_librecaptcha/__manifest__.py

@@ -4,10 +4,15 @@
     "author": "Onestein",
     "website": "https://www.onestein.nl",
     "category": "Tools",
-    "version": "16.0.1.0.0",
+    "version": "16.0.1.1.0",
     "license": "AGPL-3",
     "depends": ["base", "portal"],
     "external_dependencies": {"python": ["requests"]},
-    "data": ["data/ir_config_parameters_data.xml", "templates/captcha.xml"],
+    "data": [
+        "data/ir_cron_data.xml",
+        "templates/captcha.xml",
+        "templates/auth_signup_login_templates.xml",
+        "views/res_config_settings_views.xml",
+    ],
     "assets": {"web.assets_frontend": ["base_librecaptcha/static/src/js/captcha.js"]},
 }

base_librecaptcha/controllers/__init__.py

@@ -1 +1,2 @@
+from . import base
 from . import main

base_librecaptcha/controllers/base.py

@@ -0,0 +1,66 @@
+from odoo import http
+from odoo.exceptions import UserError
+from odoo.http import request
+
+from odoo.addons.auth_signup.controllers.main import AuthSignupHome
+from odoo.addons.web.controllers.home import SIGN_UP_REQUEST_PARAMS
+from odoo.addons.web.controllers.utils import ensure_db
+
+
+class CaptchaAuthSignupHome(AuthSignupHome):
+    def get_auth_signup_config(self):
+        values = super().get_auth_signup_config()
+        values["captcha_enabled"] = request.env["librecaptcha"].is_enabled()
+        return values
+
+    def _prepare_signup_values(self, qcontext):
+        if not qcontext.get("captcha_enabled"):
+            return super()._prepare_signup_values(qcontext)
+
+        request.env["librecaptcha"].answer(
+            request.params.get("captcha_id"),
+            request.params.get("captcha_answer"),
+            raise_exception=True,
+        )
+
+        return super()._prepare_signup_values(qcontext)
+
+    @http.route()
+    def web_login(self, *args, **kw):
+        ensure_db()
+        if request.env.uid is None:
+            if request.session.uid is None:
+                # no user -> auth=public with specific website public user
+                request.env["ir.http"]._auth_method_public()
+            else:
+                # auth=user
+                request.update_env(user=request.session.uid)
+
+        if not request.env["librecaptcha"].is_enabled():
+            return super().web_login(*args, **kw)
+
+        if request.httprequest.method == "POST":
+            if request.session.uid:
+                return super().web_login(*args, **kw)
+            try:
+                request.env["librecaptcha"].answer(
+                    request.params.get("captcha_id"),
+                    request.params.get("captcha_answer"),
+                    raise_exception=True,
+                )
+            except UserError as e:
+                values = {
+                    k: v
+                    for k, v in request.params.items()
+                    if k in SIGN_UP_REQUEST_PARAMS
+                }
+                values["error"] = str(e)
+                values["captcha_enabled"] = True
+
+                response = request.render("web.login", values)
+                response.headers["Cache-Control"] = "no-cache"
+                response.headers["X-Frame-Options"] = "SAMEORIGIN"
+                response.headers["Content-Security-Policy"] = "frame-ancestors 'self'"
+                return response
+
+        return super().web_login(*args, **kw)

base_librecaptcha/controllers/main.py

@@ -14,16 +14,14 @@ def media(self, **kw):
         """Obscure that we're using librecaptcha and what server 🤫
         This we also can keep the lc server unexposed 🤩
         """
-        mimetype = (
-            request.env["ir.config_parameter"]
-            .sudo()
-            .get_param("base_librecaptcha.media", "image/gif")
-        )
         media = request.env["librecaptcha"].media(kw.get("id"))
         if not media:
             return request.not_found()
+        mimetype = request.env["librecaptcha"]._get_config().get("media")
         return _send_file(
-            BytesIO(media), mimetype=mimetype, environ=request.httprequest.environ
+            BytesIO(media),
+            mimetype=mimetype,
+            environ=request.httprequest.environ,
         )
 
     @route("/captcha", type="json", auth="public", methods=["POST"])

base_librecaptcha/data/ir_config_parameters_data.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="utf-8"?>
+<odoo noupdate="1">
+
+    <record id="ir_cron_libre_captcha_check_server" model="ir.cron">
+        <field name="name">LibreCaptcha: Check valid server</field>
+        <field name="model_id" ref="model_res_company"/>
+        <field name="state">code</field>
+        <field name="code">model._cron_librecaptcha_check_server()</field>
+        <field name="user_id" ref="base.user_root"/>
+        <field name="interval_number">1</field>
+        <field name="interval_type">hours</field>
+        <field name="numbercall">-1</field>
+        <field name="doall" eval="False"/>
+    </record>
+
+</odoo>

base_librecaptcha/data/ir_cron_data.xml

@@ -1 +1,3 @@
 from . import librecaptcha
+from . import res_company
+from . import res_config_settings

base_librecaptcha/models/__init__.py

@@ -1,9 +1,10 @@
+import json
 import logging
 
 import requests
 
-from odoo import _, models
-from odoo.exceptions import ValidationError
+from odoo import _, http, models
+from odoo.exceptions import UserError
 
 _logger = logging.getLogger(__name__)
 
@@ -13,41 +14,36 @@ class LibreCaptcha(models.AbstractModel):
     _description = "LibreCaptcha"
 
     def captcha(self):
-        url = self.env["ir.config_parameter"].sudo().get_param("base_librecaptcha.url")
-        level = (
-            self.env["ir.config_parameter"]
-            .sudo()
-            .get_param("base_librecaptcha.level", "hard")
-        )
-        media = (
-            self.env["ir.config_parameter"]
-            .sudo()
-            .get_param("base_librecaptcha.media", "image/gif")
-        )
+        if not self.is_enabled():
+            return http.request.make_response(
+                data=json.dumps({"error": "Captcha is not enabled"}),
+                status=400,
+            )
+
+        url, level, media, input_type = self._get_config().values()
 
         resp = requests.post(
-            "%s/v2/captcha" % url,
+            f"{url}/v2/captcha",
             json={
                 "level": level,
                 "media": media,
-                "input_type": "text",
+                "input_type": input_type,
                 "size": "350x100",
             },
         )
 
         if resp.ok:
             return resp.json()["id"]
 
-        error = "librecaptcha failed with code %s: %s" % (resp.status_code, resp.text)
+        error = "captcha failed with code %s: %s" % (resp.status_code, resp.text)
         _logger.error(error)
-
         raise Exception(error)
 
     def media(self, captcha_id):
-        url = self.env["ir.config_parameter"].sudo().get_param("base_librecaptcha.url")
+        url = self._get_config().get("url")
 
         resp = requests.get(
-            "%s/v2/media" % url,
+            f"{url}/v2/media",
             params={
                 "id": captcha_id,
             },
@@ -57,25 +53,45 @@ def media(self, captcha_id):
             return resp.content
 
     def answer(self, captcha_id, answer, raise_exception=False):
-        url = self.env["ir.config_parameter"].sudo().get_param("base_librecaptcha.url")
+        url = self._get_config().get("url")
         resp = requests.post(
-            "%s/v2/answer" % url, json={"id": captcha_id, "answer": answer}
+            f"{url}/v2/answer",
+            json={
+                "id": captcha_id,
+                "answer": answer,
+            },
         )
 
         if resp.ok:
             result = resp.json()["result"]
             if raise_exception:
                 if result == "False":
-                    raise ValidationError(_("Captcha incorrect."))
+                    raise UserError(_("Captcha incorrect."))
                 if result == "Expired":
-                    raise ValidationError(_("Captcha Expired."))
+                    raise UserError(_("Captcha Expired."))
             return result
 
         error = "librecaptcha failed with code %s: %s" % (resp.status_code, resp.text)
         _logger.error(error)
         raise Exception(error)
 
     def is_enabled(self):
-        return bool(
-            self.env["ir.config_parameter"].sudo().get_param("base_librecaptcha.url")
-        )
+        record = self._get_config_record()
+        return record.librecaptcha_enabled and record.librecaptcha_valid_server
+
+    def _get_config_record(self):
+        """method to be inherit to change the config record"""
+        return self.env.company
+
+    def _get_config(self):
+        if not self.is_enabled():
+            return {}
+
+        record = self._get_config_record()
+
+        return {
+            "url": record.librecaptcha_url,
+            "level": record.librecaptcha_level,
+            "media": f"image/{record.librecaptcha_media}",
+            "input_type": record.librecaptcha_type,
+        }

base_librecaptcha/models/librecaptcha.py

@@ -0,0 +1,55 @@
+import requests
+
+from odoo import api, fields, models
+
+
+class ResCompany(models.Model):
+    _inherit = "res.company"
+
+    librecaptcha_enabled = fields.Boolean()
+    librecaptcha_url = fields.Char()
+    librecaptcha_level = fields.Selection(
+        [
+            ("easy", "Easy"),
+            ("medium", "Medium"),
+            ("hard", "Hard"),
+        ],
+        default="hard",
+        required=True,
+    )
+    librecaptcha_media = fields.Selection(
+        [
+            ("png", "PNG"),
+            ("gif", "GIF"),
+        ],
+        default="png",
+        required=True,
+    )
+    librecaptcha_type = fields.Selection(
+        [
+            ("text", "Text"),
+        ],
+        default="text",
+        required=True,
+    )
+    librecaptcha_valid_server = fields.Boolean(
+        compute="_compute_librecaptcha_valid_server",
+        store=True,
+    )
+
+    @api.depends("librecaptcha_url")
+    def _compute_librecaptcha_valid_server(self):
+        for record in self:
+            if not record.librecaptcha_url:
+                record.librecaptcha_valid_server = False
+                continue
+
+            try:
+                response = requests.get(record.librecaptcha_url, timeout=2)
+                record.librecaptcha_valid_server = response.status_code == 200
+            except requests.exceptions.ConnectionError:
+                record.librecaptcha_valid_server = False
+
+    @api.model
+    def _cron_librecaptcha_check_server(self):
+        self.search([])._compute_librecaptcha_valid_server()

base_librecaptcha/models/res_company.py

@@ -0,0 +1,29 @@
+from odoo import fields, models
+
+
+class ResConfigSettings(models.TransientModel):
+    _inherit = "res.config.settings"
+
+    librecaptcha_enabled = fields.Boolean(
+        related="company_id.librecaptcha_enabled",
+        readonly=False,
+    )
+    librecaptcha_url = fields.Char(
+        related="company_id.librecaptcha_url",
+        readonly=False,
+    )
+    librecaptcha_level = fields.Selection(
+        related="company_id.librecaptcha_level",
+        readonly=False,
+    )
+    librecaptcha_media = fields.Selection(
+        related="company_id.librecaptcha_media",
+        readonly=False,
+    )
+    librecaptcha_type = fields.Selection(
+        related="company_id.librecaptcha_type",
+        readonly=False,
+    )
+    librecaptcha_valid_server = fields.Boolean(
+        related="company_id.librecaptcha_valid_server",
+    )

base_librecaptcha/models/res_config_settings.py

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<odoo>
+
+    <template id="librecaptcha_signup" inherit_id="auth_signup.signup">
+        <t t-call="auth_signup.fields" position="after">
+            <div t-if="captcha_enabled" class="form-group mb-3">
+                <t t-call="base_librecaptcha.widget" />
+            </div>
+        </t>
+    </template>
+
+    <template id="librecaptcha_login" inherit_id="web.login">
+        <xpath expr="//input[@name='password']/parent::div" position="after">
+            <div t-if="captcha_enabled" class="form-group mb-3">
+                <t t-call="base_librecaptcha.widget" />
+            </div>
+        </xpath>
+    </template>
+
+</odoo>

base_librecaptcha/templates/auth_signup_login_templates.xml

@@ -1,11 +1,13 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8"?>
 <odoo>
+
     <template id="widget">
         <div class="js_captcha">
             <label t-attf-for="name or 'captcha_answer'" class="form-label">Are you a robot?</label>
             <input type="hidden" t-att-name="name_id or 'captcha_id'" class="form-control" />
-            <img src="" class="d-none d-block mb-2" />
-            <input type="text" t-att-name="name_answer or 'captcha_answer'" class="form-control" style="width: 350px;" />
+            <img src="" class="d-none d-block mb-2" style="max-width: 100%; height: auto;"/>
+            <input type="text" t-att-name="name_answer or 'captcha_answer'" required="required"  class="form-control" />
         </div>
     </template>
+
 </odoo>