Opened 17 years ago
Last modified 8 years ago
#2707 new enhancement
[patch] Add captcha (ReCaptcha) support for new user registration
| Reported by: | Gerhard Häring | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | AccountManagerPlugin |
| Severity: | normal | Keywords: | SPAM captcha prevention register |
| Cc: | Mitar | Trac Release: | 0.11 |
Description
Despite having the AccountManager plugin installed, my Trac was getting spammed.
So I added support for requiring a captcha when registering a new account.
I'm attaching my current code. If you're interested, I can clean it up and add documentation for a better patch :-)
Attachments (3)
Change History (15)
Changed 17 years ago by
| Attachment: | recaptcha_patch.dif added |
|---|
comment:1 Changed 17 years ago by
| Trac Release: | 0.10 → 0.11 |
|---|
This appeared to work very well for me so far, with just some documentation caveats: (1) it's a patch against trunk/ (0.11), not 0.10. And (2), the python recaptcha interface I found (1.0.1) was broken and wouldn't import. To fix that, add "recaptcha" before "recaptcha.client" to the package list in its setup.py. I recommend merging this into trunk.
comment:2 Changed 16 years ago by
works for me too, all you need for this patch working in account-manager is
- apply the patch and install account-manager
- download code part
- extract somewhere and change the import rules like posted above
- install with python setup.py install; bdist_egg wont work ootb; reload apache2
- adapt the config in account-manager
[account-manager] use_recaptcha = true recaptcha_public_key = recaptcha_private_key =
(you need to sign-on at http://recaptcha.net for getting the keys)
hope this helps someone
comment:3 Changed 14 years ago by
| Keywords: | SPAM prevention register added; spam removed |
|---|---|
| Owner: | changed from Matt Good to Steffen Hoffmann |
| Summary: | Patch for adding ReCaptcha support → [patch] Add captcha (ReCaptcha) support for new user registration |
Replying to ghaering:
![...] I'm attaching my current code. If you're interested, I can clean it up and add documentation for a better patch :-)
Thanks for your contribution. Sadly, it turned out to be a victim of missing plugin maintenance here.
Now I've taken over maintainer role, but with the burden of nearly 100 open tickets. As this is improving slightly by constant work on all sort of things, I hope to do more than just saying sorry for previous lack of attention (still due to lack of time, certainly not interest as well).
I'm interested and will come back later and have a closer look in good time. As there is now #2897 as well, I'll aim at a concurrent implementation with that other captcha support.
comment:4 follow-up: 5 Changed 14 years ago by
| Cc: | Mitar added; anonymous removed |
|---|
What is wrong with [RecaptchaRegisterPlugin]?
comment:5 follow-up: 10 Changed 14 years ago by
Replying to mitar:
What is wrong with [RecaptchaRegisterPlugin]?
Nothing, as long as there is a maintainer. OTOH, it might be advantageous to at least bundle useful plugins together. But there is still nothing decided here.
comment:6 follow-up: 7 Changed 14 years ago by
So we just need a maintainer? I have already started a fork of it some time ago. ;-)
comment:7 Changed 14 years ago by
Replying to mitar:
So we just need a maintainer? I have already started a fork of it some time ago. ;-)
I would like to get that into the repos if possible, comment:1:ticket:5726.
comment:8 Changed 12 years ago by
(In [11917]) AccountManagerPlugin: Add interface for configurable user registration procedure, refs #874, #2707, #2897, #4651, #5295, #7577, #8076.
The current user registration process lacks flexibility, as can be witnessed by the history of one of the oldest still pending tickets for this plugin: #874.
comment:9 Changed 12 years ago by
(In [11923]) AccountManagerPlugin: Finish registration check rewrite, refs #874, #2707, #2897, #4651, #5295, #7577, #8076.
Now moving check execution into AccountManager, and _create_user() is gone,
replaced by more clearly structured and modularized code.
Registration checking for requests from the admin panel is re-activated and minor improvements related to RegistrationError processing done too.
Note: The test, that detected admin requests to skip additional checking of
existing permissions for each new username, has been done differently.
In the future each check has to decide on its own, like this is done in the
UsernamePermCheck now.
comment:10 Changed 12 years ago by
Replying to hasienda:
Replying to mitar:
What is wrong with [RecaptchaRegisterPlugin]?
Nothing, as long as there is a maintainer. OTOH, it might be advantageous to at least bundle useful plugins together. But there is still nothing decided here.
I have to correct my earlier statement: The current license, GPL prevents RecaptchaRegisterPlugin code from ever joining the more liberal (libre, not free) AcctMgr code base. Better stay with it's state, even more as the new registration contributor interface actively encourages such modular extensions. Note, that the plugin is useless these days without #7298 being fixed.
So the patches still form a valid approach to provide a build-in captcha solution. And it might even provide the most appropriate one, if other alternatives fail to adapt to the current registration code over the coming months.
Changed 10 years ago by
| Attachment: | recaptcha-0.4.4.diff added |
|---|
Updated patch for AccountManager 0.4.4.
comment:11 Changed 10 years ago by
I'd say close this ticket and suggest installing spamfilter instead. As we see here a t.h.o. (and my other Trac instances) a simple captcha checks is not enough for spam prevention. Captchas are solved automatically already.
comment:12 Changed 8 years ago by
| Owner: | Steffen Hoffmann deleted |
|---|
Patch for adding ReCaptcha support