From c151e59e414d39c8d9e25be154e4147c9c0b4747 Mon Sep 17 00:00:00 2001 From: Edilio Daciel Escalona Almira Date: Mon, 2 Dec 2024 16:36:06 -0500 Subject: [PATCH 1/5] [ADD] website_recaptcha_v2_login: Add reCAPTCHA v2 to the login form on the website --- .../odoo/addons/website_recaptcha_v2_login | 1 + setup/website_recaptcha_v2_login/setup.py | 6 ++ website_recaptcha_v2_login/README.rst | 91 ++++++++++++++++++ website_recaptcha_v2_login/__init__.py | 2 + website_recaptcha_v2_login/__manifest__.py | 17 ++++ .../controllers/__init__.py | 1 + .../controllers/main.py | 39 ++++++++ website_recaptcha_v2_login/i18n/es.po | 28 ++++++ website_recaptcha_v2_login/models/__init__.py | 1 + website_recaptcha_v2_login/models/website.py | 21 ++++ .../static/description/recaptcha_ico.png | Bin 0 -> 2228 bytes .../views/webclient_templates.xml | 8 ++ 12 files changed, 215 insertions(+) create mode 120000 setup/website_recaptcha_v2_login/odoo/addons/website_recaptcha_v2_login create mode 100644 setup/website_recaptcha_v2_login/setup.py create mode 100644 website_recaptcha_v2_login/README.rst create mode 100644 website_recaptcha_v2_login/__init__.py create mode 100644 website_recaptcha_v2_login/__manifest__.py create mode 100644 website_recaptcha_v2_login/controllers/__init__.py create mode 100644 website_recaptcha_v2_login/controllers/main.py create mode 100644 website_recaptcha_v2_login/i18n/es.po create mode 100644 website_recaptcha_v2_login/models/__init__.py create mode 100644 website_recaptcha_v2_login/models/website.py create mode 100644 website_recaptcha_v2_login/static/description/recaptcha_ico.png create mode 100644 website_recaptcha_v2_login/views/webclient_templates.xml diff --git a/setup/website_recaptcha_v2_login/odoo/addons/website_recaptcha_v2_login b/setup/website_recaptcha_v2_login/odoo/addons/website_recaptcha_v2_login new file mode 120000 index 0000000000..4d1d8ca05d --- /dev/null +++ b/setup/website_recaptcha_v2_login/odoo/addons/website_recaptcha_v2_login @@ -0,0 +1 @@ +../../../../website_recaptcha_v2_login \ No newline at end of file diff --git a/setup/website_recaptcha_v2_login/setup.py b/setup/website_recaptcha_v2_login/setup.py new file mode 100644 index 0000000000..28c57bb640 --- /dev/null +++ b/setup/website_recaptcha_v2_login/setup.py @@ -0,0 +1,6 @@ +import setuptools + +setuptools.setup( + setup_requires=['setuptools-odoo'], + odoo_addon=True, +) diff --git a/website_recaptcha_v2_login/README.rst b/website_recaptcha_v2_login/README.rst new file mode 100644 index 0000000000..31c3b99a1b --- /dev/null +++ b/website_recaptcha_v2_login/README.rst @@ -0,0 +1,91 @@ +==================== +Website reCAPTCHA v2 +==================== + +.. + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! This file is generated by oca-gen-addon-readme !! + !! changes will be overwritten. !! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! source digest: sha256:55856dbbdf9c9efc1b9b1ebbb33638a0018eda0d91bd6c8c9e30805aa8f2e5b0 + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png + :target: https://odoo-community.org/page/development-status + :alt: Beta +.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png + :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html + :alt: License: AGPL-3 +.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fwebsite-lightgray.png?logo=github + :target: https://github.com/OCA/website/tree/16.0/website_recaptcha_v2 + :alt: OCA/website +.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png + :target: https://translation.odoo-community.org/projects/website-16-0/website-16-0-website_recaptcha_v2 + :alt: Translate me on Weblate +.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png + :target: https://runboat.odoo-community.org/builds?repo=OCA/website&target_branch=16.0 + :alt: Try me on Runboat + +|badge1| |badge2| |badge3| |badge4| |badge5| + +This module allows to use reCAPTCHA v2 on website forms. + +It is a helper module that only provides the widget and the validation logic +which can be used by other modules to actually display it on website forms and +check whether the user entry is valid. + +This module originally comes from ``website_recaptcha_reloaded`` from Tech +Receptives, which itself comes from ``website_recaptcha`` from Elico Corp. + +**Table of contents** + +.. contents:: + :local: + +Configuration +============= + +reCAPTCHA is configured in Settings > Website. It can be enabled or disabled +using the checkbox, and the site and secret keys can be defined there when it +is enabled. + +Bug Tracker +=========== + +Bugs are tracked on `GitHub Issues `_. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us to smash it by providing a detailed and welcomed +`feedback `_. + +Do not contact contributors directly about support or help with technical issues. + +Credits +======= + +Authors +~~~~~~~ + +* Binhex + +Contributors +~~~~~~~~~~~~ + + * Edilio Escalona Almira + * `Binhex `_: + +Maintainers +~~~~~~~~~~~ + +This module is maintained by the OCA. + +.. image:: https://odoo-community.org/logo.png + :alt: Odoo Community Association + :target: https://odoo-community.org + +OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use. + +This module is part of the `OCA/website `_ project on GitHub. + +You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. diff --git a/website_recaptcha_v2_login/__init__.py b/website_recaptcha_v2_login/__init__.py new file mode 100644 index 0000000000..f7209b1710 --- /dev/null +++ b/website_recaptcha_v2_login/__init__.py @@ -0,0 +1,2 @@ +from . import models +from . import controllers diff --git a/website_recaptcha_v2_login/__manifest__.py b/website_recaptcha_v2_login/__manifest__.py new file mode 100644 index 0000000000..a35ab15813 --- /dev/null +++ b/website_recaptcha_v2_login/__manifest__.py @@ -0,0 +1,17 @@ +{ + "name": "BINHEX: Website reCAPTCHA v2", + "version": "16.0.1.0.0", + "category": "Website", + "depends": ["web", "website_recaptcha_v2"], + "author": """ + Binhex, + Odoo Community Association (OCA) + """, + "license": "AGPL-3", + "website": "https://github.com/OCA/website", + "summary": "Module to add reCAPTCHA v2 to the login form on the website", + "data": [ + "views/webclient_templates.xml", + ], + "installable": True, +} diff --git a/website_recaptcha_v2_login/controllers/__init__.py b/website_recaptcha_v2_login/controllers/__init__.py new file mode 100644 index 0000000000..12a7e529b6 --- /dev/null +++ b/website_recaptcha_v2_login/controllers/__init__.py @@ -0,0 +1 @@ +from . import main diff --git a/website_recaptcha_v2_login/controllers/main.py b/website_recaptcha_v2_login/controllers/main.py new file mode 100644 index 0000000000..983c2b0aec --- /dev/null +++ b/website_recaptcha_v2_login/controllers/main.py @@ -0,0 +1,39 @@ +import logging + +from odoo import _, http +from odoo.exceptions import AccessDenied +from odoo.http import request + +from odoo.addons.web.controllers.home import SIGN_UP_REQUEST_PARAMS, Home + +logger = logging.getLogger(__name__) + + +class BinhexHome(Home): + @http.route("/web/login", type="http", auth="none") + def web_login(self, redirect=None, **kw): + Website = request.env["website"].sudo() + values = { + k: v for k, v in request.params.items() if k in SIGN_UP_REQUEST_PARAMS + } + if request.httprequest.method == "POST": + request.env["ir.http"]._auth_method_public() + try: + valid = Website.get_current_website().valid_recaptcha(kw) + if valid: + return super().web_login(redirect, **kw) + except AccessDenied as e: + values.update( + { + "error": str( + e.args[0] + if len(e.args) > 0 + else _("Recaptcha is not valid.") + ) + } + ) + response = request.render("web.login", values) + response.headers["X-Frame-Options"] = "SAMEORIGIN" + response.headers["Content-Security-Policy"] = "frame-ancestors 'self'" + return response + return super().web_login(redirect, **kw) diff --git a/website_recaptcha_v2_login/i18n/es.po b/website_recaptcha_v2_login/i18n/es.po new file mode 100644 index 0000000000..ad619481ec --- /dev/null +++ b/website_recaptcha_v2_login/i18n/es.po @@ -0,0 +1,28 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * binhex_website_recaptcha_v2 +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 16.0\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2024-12-02 16:23+0000\n" +"PO-Revision-Date: 2024-12-02 16:23+0000\n" +"Last-Translator: \n" +"Language-Team: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: \n" + +#. module: binhex_website_recaptcha_v2 +#. odoo-python +#: code:addons/binhex_website_recaptcha_v2/controllers/main.py:0 +#, python-format +msgid "Recaptcha is not valid." +msgstr "Recaptcha no es vĂ¡lido." + +#. module: binhex_website_recaptcha_v2 +#: model:ir.model,name:binhex_website_recaptcha_v2.model_website +msgid "Website" +msgstr "Sitio web" diff --git a/website_recaptcha_v2_login/models/__init__.py b/website_recaptcha_v2_login/models/__init__.py new file mode 100644 index 0000000000..bd190fa80b --- /dev/null +++ b/website_recaptcha_v2_login/models/__init__.py @@ -0,0 +1 @@ +from . import website diff --git a/website_recaptcha_v2_login/models/website.py b/website_recaptcha_v2_login/models/website.py new file mode 100644 index 0000000000..38ad45c51c --- /dev/null +++ b/website_recaptcha_v2_login/models/website.py @@ -0,0 +1,21 @@ +from odoo import models +from odoo.exceptions import AccessDenied + + +class Website(models.Model): + _inherit = "website" + + # -------------------------------------------------- + # METHODS + # -------------------------------------------------- + """ + Validating that the recaptcha sent is correct + @params: + kw: Data sent from the form + """ + + def valid_recaptcha(self, kw): + valid, message = self.is_recaptcha_v2_valid(kw) + if not valid: + raise AccessDenied(message) + return True diff --git a/website_recaptcha_v2_login/static/description/recaptcha_ico.png b/website_recaptcha_v2_login/static/description/recaptcha_ico.png new file mode 100644 index 0000000000000000000000000000000000000000..65f4e0147fd40aca822db867dee902794e30db33 GIT binary patch literal 2228 zcmV;l2ut^gP)004R>004l5008;`004mK004C`008P>0026e000+ooVrmw00006 zVoOIv00000008+zyMF)x010qNS#tmY3ljhU3ljkVnw%H_00T1qZoK+t#nD+} z6P+$96in@nLDI6u_g+?MtV}(pYrij#{$=R%pmiFgrN9DM6M857q z!IJRsRBhu2fACbGlqsM=0)0fXW{i+C1Xil2?a9zjzPb5@k#t|Th+U$1-+OPf;oT9~ z@G1xt_5gT4Ay*F*$!epMK%xpqJw;@eSVpU=nwGhc5Y^X@O57DiKMD~qU7DdkaN`D7 z?Yk0427zQXB_LNpE2zz!0tu=qGIEXWE8W(iCvj^y@#yt0NK@8Zthn2`b%=j@@ST@X z7b^F#|C24CK>~dM{u%@cj1x&9;ZXYwffWT)&>GW(vV6Rf1u4?$wo6kqrjxPCNdnHL z?!fz3w*U1&xvQ?jQ~PrQ{c{2uBw&D8IpOKZ@}~$z*?0{-z;(JRX-c8#6oSVBp|0Tl zo@@QMh7aDI+9$h^njxTJ3K)r%Dl4Y|f~TV>8{V3eQx=+BXqt)3qu{YXm=OHp?XSG0 z;_LIS;JF2cNr5Ew1SOy{fq)4FY`g;T0F2II+_B8``PcbPB_l zI0>Af1XM;0Zvt=>E3ZI224}*@=Gp`W#1$={O}d2d5bip(K#Jxl!1v7ws0^e)qJw}L zz^y(J5IwtZW^EZ)O?v^40%hg~EQ!!W%W}5K(yF@?lmmAX9R$o&3QPcRbAtC&KvH(( z);pep>kfZ8tKRp~H8wmJcpT3d5s({!6dB;3(SPT)Q3=5tRkkhNA){!QrW@m)?DghGz({pYBLxX;4_i zlX2PIpD+bv@Hals1hLxT-4aMrC_?pZU;jr4*a5!n?sw6$)djeq#rCxmNaWZ3@%I7( z_Nf|u7ap0Yh*O-HrQs<76pLMg-F>(OM8&&@GfD-3*#kAR;!q=8w+w?gE&xNqS0M?# zumJh6Oh`zJUYR%eAsappMM+7p;bRoe0)ERHbm;Rt0RaIro&^<_ zShgy^;e$(PG06A4DKGzdXj;+O3=J>Kx8Rzm;89}9zc!ZwlA@+hMrpv3wtG~Le8ZXS zpN(|knMEYD6c1dwJQkJB_5G$zI{^N~DIs{&3b9Hn8Bzkna|r}#58nI`!Re2DP3T+i zQfc{;jE=fChL7ijhvcGjeu3ciuiXAh2hh61|00SH{e#e< z9K6MusKm55R^NB~C8@mJ86M63Z1}i57JRN1!09*(gz8)V`9OF0HU-)IIidaS4MKb1 zI-z~}Q!+)2!0#X9*?kavCCtfrCMa$F@acs7ahNhuCLjhvriA1gi1^$IkU%j2G&+YU zCWttNflO=;l^6(nIURQS@@2x4T)K40DMq95-I9_Lp%)D_9-e??K+yAJtrtPptw!D6 zLEyrL3xu~hfBrl%Ffed6BqT)6GiaIPLV|BTp9Hd7I?P*el-}OnKTD<33>P!gf*xU> z05gN(e}v%|FM32r7#EzY0Q@zvSp3N0y%HE38@mbcnLdCQRaaL_=iBu>7C3qGB8&~?O-{|sd^0jO*4@?BrQEY;Pn29Pm!P1} z-QC^F(b3VPr%#{0#|6%osH>}6<%xt(1eifBb@AdwGU(hDG>?SaW5VYG-as>R=FAxw zU#C!aN_J0J8e$zri3&Gdd*Pp^%l30Wbh}pDxb2aqG?-vpr#bU91UsPPY z3)g(0yHEK5IO6dZh=}JUBq};OT6OH$vG>u97NXWWIy(LY_fW&Vmg9T6y+q;LL2!8d zL(ps>*J`!fp}T$NjR+TbUtizfluG4`sBC->|Akt1)8ir%lA4{Jy{)yi^$oMx{9jMO zZ8qEemX?+`GBba?4V8s=u>&90dxalXd$;&k(c*8OnJvUJ3Ft8jEwxIkl^3=4EldJL-i{tl@l)j0000 + + + From a3d27a4885171dcebaf00e7d46696718755baa08 Mon Sep 17 00:00:00 2001 From: Edilio Daciel Escalona Almira Date: Mon, 2 Dec 2024 16:43:38 -0500 Subject: [PATCH 2/5] [DON'T MERGE] test-requirements.txt [IMP] Renaming module name [IMP] Readme [IMP] Tests [IMP] Tests [ADD] Tests [ADD]Tests [IMP] Enable recaptcha by default [IMP] Do not enable recaptcha by default [IMP] pre-commit --- test-requirements.txt | 1 + website_recaptcha_v2_login/README.rst | 10 +----- website_recaptcha_v2_login/__manifest__.py | 2 +- website_recaptcha_v2_login/tests/__init__.py | 1 + .../tests/test_recaptcha.py | 34 +++++++++++++++++++ 5 files changed, 38 insertions(+), 10 deletions(-) create mode 100644 test-requirements.txt create mode 100644 website_recaptcha_v2_login/tests/__init__.py create mode 100644 website_recaptcha_v2_login/tests/test_recaptcha.py diff --git a/test-requirements.txt b/test-requirements.txt new file mode 100644 index 0000000000..b7f1dd1f36 --- /dev/null +++ b/test-requirements.txt @@ -0,0 +1 @@ +odoo-addon-website_recaptcha_v2 @ git+https://github.com/OCA/website.git@refs/pull/1032/head#subdirectory=setup/website_recaptcha_v2 diff --git a/website_recaptcha_v2_login/README.rst b/website_recaptcha_v2_login/README.rst index 31c3b99a1b..ac2d92592c 100644 --- a/website_recaptcha_v2_login/README.rst +++ b/website_recaptcha_v2_login/README.rst @@ -28,14 +28,7 @@ Website reCAPTCHA v2 |badge1| |badge2| |badge3| |badge4| |badge5| -This module allows to use reCAPTCHA v2 on website forms. - -It is a helper module that only provides the widget and the validation logic -which can be used by other modules to actually display it on website forms and -check whether the user entry is valid. - -This module originally comes from ``website_recaptcha_reloaded`` from Tech -Receptives, which itself comes from ``website_recaptcha`` from Elico Corp. +This module allows you to use reCAPTCHA v2 in the login form. **Table of contents** @@ -70,7 +63,6 @@ Authors Contributors ~~~~~~~~~~~~ - * Edilio Escalona Almira * `Binhex `_: Maintainers diff --git a/website_recaptcha_v2_login/__manifest__.py b/website_recaptcha_v2_login/__manifest__.py index a35ab15813..d70fd98c18 100644 --- a/website_recaptcha_v2_login/__manifest__.py +++ b/website_recaptcha_v2_login/__manifest__.py @@ -1,5 +1,5 @@ { - "name": "BINHEX: Website reCAPTCHA v2", + "name": "Website reCAPTCHA v2 login", "version": "16.0.1.0.0", "category": "Website", "depends": ["web", "website_recaptcha_v2"], diff --git a/website_recaptcha_v2_login/tests/__init__.py b/website_recaptcha_v2_login/tests/__init__.py new file mode 100644 index 0000000000..200fa17210 --- /dev/null +++ b/website_recaptcha_v2_login/tests/__init__.py @@ -0,0 +1 @@ +from . import test_recaptcha diff --git a/website_recaptcha_v2_login/tests/test_recaptcha.py b/website_recaptcha_v2_login/tests/test_recaptcha.py new file mode 100644 index 0000000000..4ee5327519 --- /dev/null +++ b/website_recaptcha_v2_login/tests/test_recaptcha.py @@ -0,0 +1,34 @@ +from unittest import mock + +from odoo.exceptions import AccessDenied +from odoo.tests import common + +imp_requests = "odoo.addons.website_recaptcha_v2.models.website.requests" + + +class TestModule(common.TransactionCase): + @classmethod + def setUpClass(cls): + super().setUpClass() + cls.website = cls.env.ref("website.default_website") + cls.website.write( + { + "recaptcha_v2_enabled": True, + "recaptcha_v2_site_key": "test-site", + "recaptcha_v2_secret_key": "test-secret", + } + ) + + @mock.patch(imp_requests) + def test_captcha_valid(self, requests_mock): + requests_mock.post().json.return_value = {"success": True} + result = self.website.valid_recaptcha( + {"g-recaptcha-response": "dummy_response"} + ) + self.assertTrue(result) + + @mock.patch(imp_requests) + def test_captcha_not_valid(self, requests_mock): + requests_mock.post().json.return_value = {"success": False} + with self.assertRaises(AccessDenied): + self.website.valid_recaptcha({"g-recaptcha-response": ""}) From 4cd9a26c6c07ea44ccd9eba61696540af1f629a0 Mon Sep 17 00:00:00 2001 From: edescalona Date: Tue, 3 Dec 2024 17:44:11 -0500 Subject: [PATCH 3/5] [IMP] rename module website_recaptcha_v2_login to website_recaptcha_v2_form --- .../README.rst | 0 .../__init__.py | 0 .../__manifest__.py | 0 .../controllers/__init__.py | 0 .../controllers/main.py | 0 .../i18n/es.po | 0 .../models/__init__.py | 0 .../models/website.py | 0 .../static/description/recaptcha_ico.png | Bin .../tests/__init__.py | 0 .../tests/test_recaptcha.py | 0 .../views/webclient_templates.xml | 0 12 files changed, 0 insertions(+), 0 deletions(-) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/README.rst (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/__init__.py (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/__manifest__.py (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/controllers/__init__.py (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/controllers/main.py (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/i18n/es.po (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/models/__init__.py (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/models/website.py (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/static/description/recaptcha_ico.png (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/tests/__init__.py (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/tests/test_recaptcha.py (100%) rename {website_recaptcha_v2_login => website_recaptcha_v2_form}/views/webclient_templates.xml (100%) diff --git a/website_recaptcha_v2_login/README.rst b/website_recaptcha_v2_form/README.rst similarity index 100% rename from website_recaptcha_v2_login/README.rst rename to website_recaptcha_v2_form/README.rst diff --git a/website_recaptcha_v2_login/__init__.py b/website_recaptcha_v2_form/__init__.py similarity index 100% rename from website_recaptcha_v2_login/__init__.py rename to website_recaptcha_v2_form/__init__.py diff --git a/website_recaptcha_v2_login/__manifest__.py b/website_recaptcha_v2_form/__manifest__.py similarity index 100% rename from website_recaptcha_v2_login/__manifest__.py rename to website_recaptcha_v2_form/__manifest__.py diff --git a/website_recaptcha_v2_login/controllers/__init__.py b/website_recaptcha_v2_form/controllers/__init__.py similarity index 100% rename from website_recaptcha_v2_login/controllers/__init__.py rename to website_recaptcha_v2_form/controllers/__init__.py diff --git a/website_recaptcha_v2_login/controllers/main.py b/website_recaptcha_v2_form/controllers/main.py similarity index 100% rename from website_recaptcha_v2_login/controllers/main.py rename to website_recaptcha_v2_form/controllers/main.py diff --git a/website_recaptcha_v2_login/i18n/es.po b/website_recaptcha_v2_form/i18n/es.po similarity index 100% rename from website_recaptcha_v2_login/i18n/es.po rename to website_recaptcha_v2_form/i18n/es.po diff --git a/website_recaptcha_v2_login/models/__init__.py b/website_recaptcha_v2_form/models/__init__.py similarity index 100% rename from website_recaptcha_v2_login/models/__init__.py rename to website_recaptcha_v2_form/models/__init__.py diff --git a/website_recaptcha_v2_login/models/website.py b/website_recaptcha_v2_form/models/website.py similarity index 100% rename from website_recaptcha_v2_login/models/website.py rename to website_recaptcha_v2_form/models/website.py diff --git a/website_recaptcha_v2_login/static/description/recaptcha_ico.png b/website_recaptcha_v2_form/static/description/recaptcha_ico.png similarity index 100% rename from website_recaptcha_v2_login/static/description/recaptcha_ico.png rename to website_recaptcha_v2_form/static/description/recaptcha_ico.png diff --git a/website_recaptcha_v2_login/tests/__init__.py b/website_recaptcha_v2_form/tests/__init__.py similarity index 100% rename from website_recaptcha_v2_login/tests/__init__.py rename to website_recaptcha_v2_form/tests/__init__.py diff --git a/website_recaptcha_v2_login/tests/test_recaptcha.py b/website_recaptcha_v2_form/tests/test_recaptcha.py similarity index 100% rename from website_recaptcha_v2_login/tests/test_recaptcha.py rename to website_recaptcha_v2_form/tests/test_recaptcha.py diff --git a/website_recaptcha_v2_login/views/webclient_templates.xml b/website_recaptcha_v2_form/views/webclient_templates.xml similarity index 100% rename from website_recaptcha_v2_login/views/webclient_templates.xml rename to website_recaptcha_v2_form/views/webclient_templates.xml From b234960032cc760591c727d2c9f3a678abfdaa80 Mon Sep 17 00:00:00 2001 From: edescalona Date: Thu, 5 Dec 2024 09:50:50 -0500 Subject: [PATCH 4/5] [IMP] Adding recaptcha validation in login, password reset and signup views --- .../views/auth_signup_login_templates.xml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 website_recaptcha_v2_form/views/auth_signup_login_templates.xml diff --git a/website_recaptcha_v2_form/views/auth_signup_login_templates.xml b/website_recaptcha_v2_form/views/auth_signup_login_templates.xml new file mode 100644 index 0000000000..ec30d2926c --- /dev/null +++ b/website_recaptcha_v2_form/views/auth_signup_login_templates.xml @@ -0,0 +1,8 @@ + + + + From 5425df37eea12d3d0481ebfcf4b3937e53294d41 Mon Sep 17 00:00:00 2001 From: edescalona Date: Thu, 5 Dec 2024 21:13:46 -0500 Subject: [PATCH 5/5] [IMP] Adding recaptcha validation in login, password reset , signup, widget form website --- .../odoo/addons/website_recaptcha_v2_form | 1 + .../setup.py | 0 .../odoo/addons/website_recaptcha_v2_login | 1 - website_recaptcha_v2_form/__manifest__.py | 15 +++- website_recaptcha_v2_form/controllers/main.py | 86 ++++++++++++++----- website_recaptcha_v2_form/models/website.py | 10 ++- .../static/src/css/recaptcha.css | 5 ++ .../static/src/css/recaptcha.css.map | 1 + .../static/src/scss/recaptcha.scss | 5 ++ .../src/snippets/s_website_form/options.js | 44 ++++++++++ .../static/src/xml/website_form_editor.xml | 11 +++ .../views/auth_signup_login_templates.xml | 8 +- .../views/s_website_form.xml | 16 ++++ 13 files changed, 174 insertions(+), 29 deletions(-) create mode 120000 setup/website_recaptcha_v2_form/odoo/addons/website_recaptcha_v2_form rename setup/{website_recaptcha_v2_login => website_recaptcha_v2_form}/setup.py (100%) delete mode 120000 setup/website_recaptcha_v2_login/odoo/addons/website_recaptcha_v2_login create mode 100644 website_recaptcha_v2_form/static/src/css/recaptcha.css create mode 100644 website_recaptcha_v2_form/static/src/css/recaptcha.css.map create mode 100644 website_recaptcha_v2_form/static/src/scss/recaptcha.scss create mode 100644 website_recaptcha_v2_form/static/src/snippets/s_website_form/options.js create mode 100644 website_recaptcha_v2_form/static/src/xml/website_form_editor.xml create mode 100644 website_recaptcha_v2_form/views/s_website_form.xml diff --git a/setup/website_recaptcha_v2_form/odoo/addons/website_recaptcha_v2_form b/setup/website_recaptcha_v2_form/odoo/addons/website_recaptcha_v2_form new file mode 120000 index 0000000000..c5585f7f8b --- /dev/null +++ b/setup/website_recaptcha_v2_form/odoo/addons/website_recaptcha_v2_form @@ -0,0 +1 @@ +../../../../website_recaptcha_v2_form \ No newline at end of file diff --git a/setup/website_recaptcha_v2_login/setup.py b/setup/website_recaptcha_v2_form/setup.py similarity index 100% rename from setup/website_recaptcha_v2_login/setup.py rename to setup/website_recaptcha_v2_form/setup.py diff --git a/setup/website_recaptcha_v2_login/odoo/addons/website_recaptcha_v2_login b/setup/website_recaptcha_v2_login/odoo/addons/website_recaptcha_v2_login deleted file mode 120000 index 4d1d8ca05d..0000000000 --- a/setup/website_recaptcha_v2_login/odoo/addons/website_recaptcha_v2_login +++ /dev/null @@ -1 +0,0 @@ -../../../../website_recaptcha_v2_login \ No newline at end of file diff --git a/website_recaptcha_v2_form/__manifest__.py b/website_recaptcha_v2_form/__manifest__.py index d70fd98c18..59cc3172eb 100644 --- a/website_recaptcha_v2_form/__manifest__.py +++ b/website_recaptcha_v2_form/__manifest__.py @@ -1,8 +1,8 @@ { - "name": "Website reCAPTCHA v2 login", + "name": "Website reCAPTCHA v2 form", "version": "16.0.1.0.0", "category": "Website", - "depends": ["web", "website_recaptcha_v2"], + "depends": ["web", "auth_signup", "website", "website_recaptcha_v2"], "author": """ Binhex, Odoo Community Association (OCA) @@ -12,6 +12,17 @@ "summary": "Module to add reCAPTCHA v2 to the login form on the website", "data": [ "views/webclient_templates.xml", + "views/auth_signup_login_templates.xml", + "views/s_website_form.xml", ], + "assets": { + "website.assets_wysiwyg": [ + "website_recaptcha_v2_form/static/src/xml/website_form_editor.xml", + "website_recaptcha_v2_form/static/src/snippets/s_website_form/options.js", + ], + "web.assets_frontend": [ + "website_recaptcha_v2_form/static/src/css/recaptcha.css", + ], + }, "installable": True, } diff --git a/website_recaptcha_v2_form/controllers/main.py b/website_recaptcha_v2_form/controllers/main.py index 983c2b0aec..23f6e7e9fd 100644 --- a/website_recaptcha_v2_form/controllers/main.py +++ b/website_recaptcha_v2_form/controllers/main.py @@ -4,36 +4,78 @@ from odoo.exceptions import AccessDenied from odoo.http import request +from odoo.addons.auth_signup.controllers.main import AuthSignupHome from odoo.addons.web.controllers.home import SIGN_UP_REQUEST_PARAMS, Home logger = logging.getLogger(__name__) +SIGN_UP_REQUEST_PARAMS.add("g-recaptcha-response") + class BinhexHome(Home): + def verify_recaptcha_v2(self, args=None, kw=None, template="", values=None): + Website = request.env["website"].sudo() + try: + request.env["ir.http"]._auth_method_public() + valid = Website.get_current_website().valid_recaptcha(values) + if valid: + if template == "web.login": + return super().web_login(values.get("redirect", ""), **kw) + if template in ("auth_signup.reset_password", "auth_signup.signup"): + return True + except AccessDenied as e: + values.update( + { + "error": str( + e.args[0] if len(e.args) > 0 else _("Recaptcha is not valid.") + ) + } + ) + response = request.render(template, values) + response.headers["X-Frame-Options"] = "SAMEORIGIN" + response.headers["Content-Security-Policy"] = "frame-ancestors 'self'" + return response + @http.route("/web/login", type="http", auth="none") def web_login(self, redirect=None, **kw): - Website = request.env["website"].sudo() - values = { - k: v for k, v in request.params.items() if k in SIGN_UP_REQUEST_PARAMS - } if request.httprequest.method == "POST": - request.env["ir.http"]._auth_method_public() - try: - valid = Website.get_current_website().valid_recaptcha(kw) - if valid: - return super().web_login(redirect, **kw) - except AccessDenied as e: - values.update( - { - "error": str( - e.args[0] - if len(e.args) > 0 - else _("Recaptcha is not valid.") - ) - } + values = { + k: v for k, v in request.params.items() if k in SIGN_UP_REQUEST_PARAMS + } + # Checking that if the request comes from the creation of the account, + # that the recaptcha is not checked again to avoid errors. + + if ( + values.get("confirm_password", "") == "" + and request.httprequest.url.find("web/signup") == -1 + ): + return self.verify_recaptcha_v2( + kw=kw, template="web.login", values=values ) - response = request.render("web.login", values) - response.headers["X-Frame-Options"] = "SAMEORIGIN" - response.headers["Content-Security-Policy"] = "frame-ancestors 'self'" - return response return super().web_login(redirect, **kw) + + +class BinhexAuthSignupHome(AuthSignupHome): + @http.route( + "/web/reset_password", type="http", auth="public", website=True, sitemap=False + ) + def web_auth_reset_password(self, *args, **kw): + qcontext = self.get_auth_signup_qcontext() + if request.httprequest.method == "POST": + valid = self.verify_recaptcha_v2( + kw=kw, template="auth_signup.reset_password", values=qcontext, args=args + ) + if not isinstance(valid, bool): + return valid + return super().web_auth_reset_password(*args, **kw) + + @http.route("/web/signup", type="http", auth="public", website=True, sitemap=False) + def web_auth_signup(self, *args, **kw): + qcontext = self.get_auth_signup_qcontext() + if request.httprequest.method == "POST": + valid = self.verify_recaptcha_v2( + kw=kw, template="auth_signup.signup", values=qcontext, args=args + ) + if not isinstance(valid, bool): + return valid + return super().web_auth_signup(*args, **kw) diff --git a/website_recaptcha_v2_form/models/website.py b/website_recaptcha_v2_form/models/website.py index 38ad45c51c..3920285635 100644 --- a/website_recaptcha_v2_form/models/website.py +++ b/website_recaptcha_v2_form/models/website.py @@ -1,4 +1,4 @@ -from odoo import models +from odoo import api, models from odoo.exceptions import AccessDenied @@ -14,8 +14,12 @@ class Website(models.Model): kw: Data sent from the form """ - def valid_recaptcha(self, kw): - valid, message = self.is_recaptcha_v2_valid(kw) + def valid_recaptcha(self, values): + valid, message = self.is_recaptcha_v2_valid(values) if not valid: raise AccessDenied(message) return True + + @api.model + def get_recaptcha_v2_site_key(self): + return self.sudo().get_current_website().recaptcha_v2_site_key diff --git a/website_recaptcha_v2_form/static/src/css/recaptcha.css b/website_recaptcha_v2_form/static/src/css/recaptcha.css new file mode 100644 index 0000000000..8a6bfd26f2 --- /dev/null +++ b/website_recaptcha_v2_form/static/src/css/recaptcha.css @@ -0,0 +1,5 @@ +div.s_website_form_recaptcha_v2 > div.g-recaptcha { + margin-left: 18% !important; +} + +/*# sourceMappingURL=recaptcha.css.map */ diff --git a/website_recaptcha_v2_form/static/src/css/recaptcha.css.map b/website_recaptcha_v2_form/static/src/css/recaptcha.css.map new file mode 100644 index 0000000000..86d6983513 --- /dev/null +++ b/website_recaptcha_v2_form/static/src/css/recaptcha.css.map @@ -0,0 +1 @@ +{"version":3,"sourceRoot":"","sources":["../scss/recaptcha.scss"],"names":[],"mappings":"AACI;EACI","file":"recaptcha.css"} \ No newline at end of file diff --git a/website_recaptcha_v2_form/static/src/scss/recaptcha.scss b/website_recaptcha_v2_form/static/src/scss/recaptcha.scss new file mode 100644 index 0000000000..918be7fe04 --- /dev/null +++ b/website_recaptcha_v2_form/static/src/scss/recaptcha.scss @@ -0,0 +1,5 @@ +div.s_website_form_recaptcha_v2 { + > div.g-recaptcha { + margin-left: 18% !important; + } +} diff --git a/website_recaptcha_v2_form/static/src/snippets/s_website_form/options.js b/website_recaptcha_v2_form/static/src/snippets/s_website_form/options.js new file mode 100644 index 0000000000..045c59efeb --- /dev/null +++ b/website_recaptcha_v2_form/static/src/snippets/s_website_form/options.js @@ -0,0 +1,44 @@ +odoo.define("website_recaptcha_v2_form.form_editor", function (require) { + "use strict"; + + var options = require("web_editor.snippets.options"); + const core = require("web.core"); + const rpc = require("web.rpc"); + const qweb = core.qweb; + require("website.form_editor"); + + options.registry.WebsiteFormEditor.include({ + willStart: async function () { + var res = this._super(...arguments); + this.recaptcha_site_key = await rpc.query({ + model: "website", + method: "get_recaptcha_v2_site_key", + }); + return res; + }, + toggleRecaptchaV2: async function () { + const recaptchaV2 = this.$target[0].querySelector( + ".s_website_form_recaptcha_v2" + ); + if (recaptchaV2) { + recaptchaV2.remove(); + } else { + const legal = qweb.render("website_recaptcha_v2_form.recaptcha_v2", { + recaptcha_site_key: this.recaptcha_site_key, + }); + this.$target.find(".s_website_form_submit").before(legal); + } + }, + _computeWidgetState: function (methodName, params) { + switch (methodName) { + case "toggleRecaptchaV2": + return ( + !this.$target[0].querySelector( + ".s_website_form_recaptcha_v2" + ) || "" + ); + } + return this._super(...arguments); + }, + }); +}); diff --git a/website_recaptcha_v2_form/static/src/xml/website_form_editor.xml b/website_recaptcha_v2_form/static/src/xml/website_form_editor.xml new file mode 100644 index 0000000000..d8b1c7e86e --- /dev/null +++ b/website_recaptcha_v2_form/static/src/xml/website_form_editor.xml @@ -0,0 +1,11 @@ + + + + +
+
+