2019-10-12 21:52:04 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2020-04-08 14:13:33 +05:30
|
|
|
module InvisibleCaptchaOnSignup
|
2019-10-12 21:52:04 +05:30
|
|
|
extend ActiveSupport::Concern
|
|
|
|
|
|
|
|
included do
|
|
|
|
invisible_captcha only: :create, on_spam: :on_honeypot_spam_callback, on_timestamp_spam: :on_timestamp_spam_callback
|
|
|
|
end
|
|
|
|
|
|
|
|
def on_honeypot_spam_callback
|
2021-03-08 18:12:59 +05:30
|
|
|
return unless Gitlab::CurrentSettings.invisible_captcha_enabled
|
2019-10-12 21:52:04 +05:30
|
|
|
|
|
|
|
invisible_captcha_honeypot_counter.increment
|
|
|
|
log_request('Invisible_Captcha_Honeypot_Request')
|
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
head(:ok)
|
2019-10-12 21:52:04 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
def on_timestamp_spam_callback
|
2021-03-08 18:12:59 +05:30
|
|
|
return unless Gitlab::CurrentSettings.invisible_captcha_enabled
|
2019-10-12 21:52:04 +05:30
|
|
|
|
|
|
|
invisible_captcha_timestamp_counter.increment
|
|
|
|
log_request('Invisible_Captcha_Timestamp_Request')
|
|
|
|
|
|
|
|
redirect_to new_user_session_path, alert: InvisibleCaptcha.timestamp_error_message
|
|
|
|
end
|
|
|
|
|
|
|
|
def invisible_captcha_honeypot_counter
|
2023-05-27 22:25:52 +05:30
|
|
|
@invisible_captcha_honeypot_counter ||= Gitlab::Metrics.counter(
|
|
|
|
:bot_blocked_by_invisible_captcha_honeypot,
|
|
|
|
'Counter of blocked sign up attempts with filled honeypot'
|
|
|
|
)
|
2019-10-12 21:52:04 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
def invisible_captcha_timestamp_counter
|
2023-05-27 22:25:52 +05:30
|
|
|
@invisible_captcha_timestamp_counter ||= Gitlab::Metrics.counter(
|
|
|
|
:bot_blocked_by_invisible_captcha_timestamp,
|
|
|
|
'Counter of blocked sign up attempts with invalid timestamp'
|
|
|
|
)
|
2019-10-12 21:52:04 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
def log_request(message)
|
|
|
|
request_information = {
|
|
|
|
message: message,
|
|
|
|
env: :invisible_captcha_signup_bot_detected,
|
2019-12-04 20:38:33 +05:30
|
|
|
remote_ip: request.ip,
|
2019-10-12 21:52:04 +05:30
|
|
|
request_method: request.request_method,
|
2019-12-04 20:38:33 +05:30
|
|
|
path: request.fullpath
|
2019-10-12 21:52:04 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
Gitlab::AuthLogger.error(request_information)
|
|
|
|
end
|
|
|
|
end
|