Commit 37e53513 authored by Kegan Dougal's avatar Kegan Dougal

Add config opion for XFF headers when performing ReCaptcha auth.

parent 1829b55b
...@@ -20,6 +20,7 @@ class CaptchaConfig(Config): ...@@ -20,6 +20,7 @@ class CaptchaConfig(Config):
super(CaptchaConfig, self).__init__(args) super(CaptchaConfig, self).__init__(args)
self.recaptcha_private_key = args.recaptcha_private_key self.recaptcha_private_key = args.recaptcha_private_key
self.enable_registration_captcha = args.enable_registration_captcha self.enable_registration_captcha = args.enable_registration_captcha
self.captcha_ip_origin_is_x_forwarded = args.captcha_ip_origin_is_x_forwarded
@classmethod @classmethod
def add_arguments(cls, parser): def add_arguments(cls, parser):
...@@ -33,4 +34,9 @@ class CaptchaConfig(Config): ...@@ -33,4 +34,9 @@ class CaptchaConfig(Config):
"--enable-registration-captcha", type=bool, default=False, "--enable-registration-captcha", type=bool, default=False,
help="Enables ReCaptcha checks when registering, preventing signup "+ help="Enables ReCaptcha checks when registering, preventing signup "+
"unless a captcha is answered. Requires a valid ReCaptcha public/private key." "unless a captcha is answered. Requires a valid ReCaptcha public/private key."
)
group.add_argument(
"--captcha_ip_origin_is_x_forwarded", type=bool, default=False,
help="When checking captchas, use the X-Forwarded-For (XFF) header as the client IP "+
"and not the actual client IP."
) )
\ No newline at end of file
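Review bot: The new `--captcha_ip_origin_is_x_forwarded` argument is declared with `type=bool`, and argparse then calls `bool()` on the supplied string, so any non-empty value, including `False`, turns the option on. Because this switch makes the server trust a header the client can set, it should not be possible to enable it by accident; `action="store_true"` in place of `type=bool, default=False` would make it a plain flag (the existing `--enable-registration-captcha` argument shows the same pattern). The help text should also state that the option is only safe when the server sits behind a reverse proxy that sets or overwrites X-Forwarded-For. As a style point, the name uses underscores while its neighbour uses hyphens.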
...@@ -59,6 +59,7 @@ class RegistrationHandler(BaseHandler): ...@@ -59,6 +59,7 @@ class RegistrationHandler(BaseHandler):
captcha_info["response"] captcha_info["response"]
) )
if not captcha_response["valid"]: if not captcha_response["valid"]:
logger.info("Invalid captcha entered from %s", captcha_info["ip"])
raise InvalidCaptchaError( raise InvalidCaptchaError(
error_url=captcha_response["error_url"] error_url=captcha_response["error_url"]
) )
......
...@@ -66,8 +66,11 @@ class RegisterRestServlet(RestServlet): ...@@ -66,8 +66,11 @@ class RegisterRestServlet(RestServlet):
# TODO determine the source IP : May be an X-Forwarding-For header depending on config # TODO determine the source IP : May be an X-Forwarding-For header depending on config
ip_addr = request.getClientIP() ip_addr = request.getClientIP()
#if self.hs.config.captcha_ip_origin_is_x_forwarded: if self.hs.config.captcha_ip_origin_is_x_forwarded:
# # use the header # use the header
if request.requestHeaders.hasHeader("X-Forwarded-For"):
ip_addr = request.requestHeaders.getRawHeaders(
"X-Forwarded-For")[0]
captcha = { captcha = {
"ip": ip_addr, "ip": ip_addr,
......
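Review bot: With the option enabled, `getRawHeaders("X-Forwarded-For")[0]` hands the first header line through unparsed, so `ip_addr` may be a comma-separated list, and its leftmost entry is whatever the client chose to send. If a single trusted proxy appends the peer address, the entry to use is the last one, e.g. `ip_addr = request.requestHeaders.getRawHeaders("X-Forwarded-For")[-1].split(",")[-1].strip()`, and the result should be checked to be a well-formed IP address before it is sent to the captcha service. The new `logger.info` line in RegistrationHandler writes the same value to the log as received. The `# TODO determine the source IP` comment above is now out of date and could be replaced by `# Use X-Forwarded-For only when configured; the header is client-controlled unless a trusted proxy sets it`. The enclosing method starts and ends outside this hunk.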