Skip to content
Snippets Groups Projects
Normal view Permalink
CAPTCHA_SETUP.md 1.08 KiB
Newer Older
  • Learn to ignore specific revisions
    • dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    1 
    # Overview
    David Baker's avatar
    Update CAPTCHA_SETUP (it continues to ignore fallback, but I guess I should...  
    David Baker committed
    2 
    Captcha can be enabled for this home server. This file explains how to do that.
    David Baker's avatar
    Add original, unmodified CAPTCHA-SETUP from the webclient repo before...
    David Baker committed
    3 4 
    The captcha mechanism used is Google's ReCaptcha. This requires API keys from Google.
    dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    5 6 
    ## Getting keys
    Yash Jipkate's avatar
    Modify doc to update Google ReCaptcha terms (#6257)  
    Yash Jipkate committed
    7 
    Requires a site/secret key pair from:
    David Baker's avatar
    Add original, unmodified CAPTCHA-SETUP from the webclient repo before...
    David Baker committed
    8
    dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    9 
    <https://developers.google.com/recaptcha/>
    David Baker's avatar
    Add original, unmodified CAPTCHA-SETUP from the webclient repo before...
    David Baker committed
    10
    Aaron's avatar
    Specify the type of reCAPTCHA key to use (#5013)  
    Aaron committed
    11 
    Must be a reCAPTCHA v2 key using the "I'm not a robot" Checkbox option
    David Baker's avatar
    Add original, unmodified CAPTCHA-SETUP from the webclient repo before...
    David Baker committed
    12
    dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    13 14 
    ## Setting ReCaptcha Keys
    Richard van der Hoff's avatar
    rename CAPTCHA_SETUP  
    Richard van der Hoff committed
    15 
    The keys are a config option on the home server config. If they are not
    dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    16 17 
    visible, you can generate them via `--generate-config`. Set the following value:
    Yash Jipkate's avatar
    Modify doc to update Google ReCaptcha terms (#6257)  
    Yash Jipkate committed
    18 19 
        recaptcha_public_key: YOUR_SITE_KEY
    recaptcha_private_key: YOUR_SECRET_KEY
    David Baker's avatar
    Add original, unmodified CAPTCHA-SETUP from the webclient repo before...
    David Baker committed
    20
    dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    21 
    In addition, you MUST enable captchas via:
    Richard van der Hoff's avatar
    rename CAPTCHA_SETUP  
    Richard van der Hoff committed
    22
    dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    23 
        enable_registration_captcha: true
    David Baker's avatar
    Add original, unmodified CAPTCHA-SETUP from the webclient repo before...
    David Baker committed
    24
    dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    25 
    ## Configuring IP used for auth
    David Baker's avatar
    Add original, unmodified CAPTCHA-SETUP from the webclient repo before...
    David Baker committed
    26 27 28 
    
The ReCaptcha API requires that the IP address of the user who solved the
captcha is sent. If the client is connecting through a proxy or load balancer,
    dstipp's avatar
    (#5849) Convert rst to markdown (#6040)  
    dstipp committed
    29 30 
    it may be required to use the `X-Forwarded-For` (XFF) header instead of the origin
IP address. This can be configured using the `x_forwarded` directive in the
    Daniel Dent's avatar
    Update CAPTCHA_SETUP.rst X-Forwarded-For docs  
    Daniel Dent committed
    31 
    listeners section of the homeserver.yaml configuration file.