Add a simple honeypot for signups #117

acd96364 · benjaoming · 2173d4bb · acd96364 · acd96364 · acd96364
Commit acd96364 authored Feb 23, 2013 by benjaoming
Hide whitespace changes
Inline Side-by-side

Showing with 46 additions and 4 deletions

README.md
+1 -1

wiki/forms.py
+30 -1

wiki/models/pluginbase.py
+0 -1

wiki/templates/wiki/accounts/signup.html
+9 -1

wiki/views/accounts.py
+6 -0

No files found.
--- a/README.md
+++ b/README.md
@@ -197,6 +197,6 @@ Acknowledgements
 Support
 -------

-This project is already alive and will remain alive, because it's free software and as long as its essential, common interest will keep it alive... we hope :) You're more than welcome to help build benjaoming's economical independency which in turn will be used to create free software.
+This project is already alive and will remain alive, because it's free software and as long as it's essential, common interest will keep it alive... we hope :) You're more than welcome to help build benjaoming's economical independency which in turn will be used to create free software.

 [![Flattr this git repo](http://api.flattr.com/button/flattr-badge-large.png)](https://flattr.com/submit/auto?user_id=benjaoming&url=https://github.com/benjaoming/django-wiki/&title=django-wiki&language=&tags=github&category=software) 
--- a/wiki/forms.py
+++ b/wiki/forms.py
 # -*- coding: utf-8 -*-
+import random
+import string
+
 from datetime import timedelta
 from django.utils import timezone

@@ -79,6 +82,7 @@ class SpamProtectionMixin():
            per_hour = settings.REVISIONS_PER_MINUTES_ANONYMOUS
        check_interval(from_time, per_hour, _('hour'))

+
 class CreateRootForm(forms.Form):
    
    title = forms.CharField(label=_(u'Title'), help_text=_(u'Initial title of the article. May be overridden with revision titles.'))
@@ -205,6 +209,7 @@ class SelectWidgetBootstrap(forms.Select):
            
        js = ("wiki/js/forms.js",)

+
 class TextInputPrepend(forms.TextInput):
    
    def __init__(self, *args, **kwargs):
@@ -392,18 +397,42 @@ class PermissionsForm(PluginSettingsFormMixin, forms.ModelForm):
        fields = ('locked', 'owner_username', 'recursive_owner', 'group', 'recursive_group', 'group_read', 'group_write', 'other_read', 'other_write',
                  'recursive')

+
 class DirFilterForm(forms.Form):
    
    query = forms.CharField(widget=forms.TextInput(attrs={'placeholder': _(u'Filter...'),
                                                          'class': 'search-query'}), required=False)

+
 class SearchForm(forms.Form):
    
    query = forms.CharField(widget=forms.TextInput(attrs={'placeholder': _(u'Search...'),
                                                          'class': 'search-query'}), required=False)
+
+
 class UserCreationForm(UserCreationForm):
    email = forms.EmailField(required=True)
-
+    
+    def __init__(self, *args, **kwargs):
+        super(UserCreationForm, self).__init__(*args, **kwargs)
+        
+        # Add honeypots
+        self.honeypot_fieldnames = "address", "phone"
+        self.honeypot_class = ''.join(random.choice(string.ascii_uppercase + string.digits) for __ in range(10))
+        self.honeypot_jsfunction = 'f'+''.join(random.choice(string.ascii_uppercase + string.digits) for __ in range(10))
+        
+        for fieldname in self.honeypot_fieldnames:
+            self.fields[fieldname] = forms.CharField(
+                widget=forms.TextInput(attrs={'class': self.honeypot_class}),
+                required=False,
+        )
+    
+    def clean(self):
+        cd = self.cleaned_data
+        for fieldname in self.honeypot_fieldnames:
+            if cd[fieldname]: raise forms.ValidationError("Thank you, non-human visitor. Please keep trying to fill in the form.")
+        return cd
+    
    class Meta:
        model = User
        fields = ( "username", "email" )
--- a/wiki/models/pluginbase.py
+++ b/wiki/models/pluginbase.py
@@ -2,7 +2,6 @@
 from django.db import models
 from django.utils.translation import ugettext_lazy as _
 from django.db.models import signals
-from django.core.cache import cache

 from wiki.models.article import BaseRevisionMixin


--- a/wiki/templates/wiki/accounts/signup.html
+++ b/wiki/templates/wiki/accounts/signup.html
 {% extends "wiki/base.html" %}
-{% load i18n wiki_tags %}
+{% load i18n wiki_tags sekizai_tags %}
 {% block pagetitle %}{% trans "Log in" %}{% endblock %}

 {% block wiki_contents %}
@@ -13,4 +13,12 @@
    </button>
 </div>
 </form>
+{% addtoblock "js" %}
+<script type="text/javascript">
+  function {{ honeypot_jsfunction }}() {
+    $('.{{ honeypot_class }}').parent().parent().hide();
+  }
+  $(document).ready({{ honeypot_jsfunction }});
+</script>
+{% endaddtoblock %}
 {% endblock %}
--- a/wiki/views/accounts.py
+++ b/wiki/views/accounts.py
@@ -27,6 +27,12 @@ class Signup(CreateView):
            return redirect(settings.SIGNUP_URL)
        return super(Signup, self).dispatch(request, *args, **kwargs)
    
+    def get_context_data(self, **kwargs):
+        context = CreateView.get_context_data(self, **kwargs)
+        context['honeypot_class'] = context['form'].honeypot_class
+        context['honeypot_jsfunction'] = context['form'].honeypot_jsfunction
+        return context
+    
    def get_success_url(self, *args):
        messages.success(self.request, _(u'You are now sign up... and now you can sign in!'))
        return reverse("wiki:login")