annotate MoinMoin/security/textcha.py @ 5904:3a1b92276377

reorder imports, so that MoinMoin.support is already in sys.path
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Wed, 12 Dec 2012 12:27:37 +0100
parents 840ebd16ddd9
children e1e9c0f9d7dd
rev   line source
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
1 # -*- coding: iso-8859-1 -*-
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
2 """
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
3 MoinMoin - Text CAPTCHAs
3070
ed1a433803c6 PEP8 fixes
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 2983
diff changeset
4
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
5 This is just asking some (admin configured) questions and
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
6 checking if the answer is as expected. It is up to the wiki
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
7 admin to setup questions that a bot can not easily answer, but
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
8 humans can. It is recommended to setup SITE SPECIFIC questions
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
9 and not to share the questions with other sites (if everyone
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
10 asks the same questions / expects the same answers, spammers
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
11 could adapt to that).
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
12
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
13 TODO:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
14 * roundtrip the question in some other way:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
15 * make sure a q/a pair in the POST is for the q in the GET before
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
16 * make some nice CSS
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
17 * make similar changes to GUI editor
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
18
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
19 @copyright: 2007 by MoinMoin:ThomasWaldmann
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
20 @license: GNU GPL, see COPYING for details.
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
21 """
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
22
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
23 import re
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
24 import random
3107
c6e39279f83b refactor logging usage
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3070
diff changeset
25
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
26 from time import time
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
27
3110
a48929a5036c logging: make it work correctly by doing logging configuration very early
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3107
diff changeset
28 from MoinMoin import log
a48929a5036c logging: make it work correctly by doing logging configuration very early
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3107
diff changeset
29 logging = log.getLogger(__name__)
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
30
5904
3a1b92276377 reorder imports, so that MoinMoin.support is already in sys.path
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5902
diff changeset
31 from MoinMoin import wikiutil
5902
840ebd16ddd9 use a constant time str comparison function to prevent timing attacks
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5835
diff changeset
32 from werkzeug.security import safe_str_cmp as safe_str_equal
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
33 from MoinMoin.support.python_compatibility import hmac_new
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
34
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
35 SHA1_LEN = 40 # length of hexdigest
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
36 TIMESTAMP_LEN = 10 # length of timestamp
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
37
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
38 class TextCha(object):
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
39 """ Text CAPTCHA support """
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
40
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
41 def __init__(self, request, question=None):
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
42 """ Initialize the TextCha.
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
43
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
44 @param request: the request object
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
45 @param question: see _init_qa()
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
46 """
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
47 self.request = request
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
48 self.user_info = request.user.valid and request.user.name or request.remote_addr
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
49 self.textchas = self._get_textchas()
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
50 if self.textchas:
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
51 self.secret = request.cfg.secrets["security/textcha"]
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
52 self.expiry_time = request.cfg.textchas_expiry_time
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
53 self._init_qa(question)
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
54
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
55 def _get_textchas(self):
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
56 """ get textchas from the wiki config for the user's language (or default_language or en) """
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
57 request = self.request
4822
d44a9c23438c Groups2009: script.migration.wikiutil160a and security.textcha work with the new groups code.
Dmitrijs Milajevs <dimazest@gmail.com>
parents: 4424
diff changeset
58 groups = request.groups
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
59 cfg = request.cfg
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
60 user = request.user
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
61 disabled_group = cfg.textchas_disabled_group
4829
9d510417add0 Groups2009: Instead of checking that some group is defined in a request.groups and then check that some member is in that group request.groups.get method is used.
Dmitrijs Milajevs <dimazest@gmail.com>
parents: 4822
diff changeset
62 if disabled_group and user.name and user.name in groups.get(disabled_group, []):
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
63 return None
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
64 textchas = cfg.textchas
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
65 if textchas:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
66 lang = user.language or request.lang
3159
915a431b663c logging: security package refactored, moved frozenset to python_compatibility
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3110
diff changeset
67 logging.debug(u"TextCha: user.language == '%s'." % lang)
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
68 if lang not in textchas:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
69 lang = cfg.language_default
3159
915a431b663c logging: security package refactored, moved frozenset to python_compatibility
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3110
diff changeset
70 logging.debug(u"TextCha: fallback to language_default == '%s'." % lang)
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
71 if lang not in textchas:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
72 logging.error(u"TextCha: The textchas do not have content for language_default == '%s'! Falling back to English." % lang)
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
73 lang = 'en'
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
74 if lang not in textchas:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
75 logging.error(u"TextCha: The textchas do not have content for 'en', auto-disabling textchas!")
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
76 cfg.textchas = None
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
77 lang = None
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
78 else:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
79 lang = None
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
80 if lang is None:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
81 return None
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
82 else:
3159
915a431b663c logging: security package refactored, moved frozenset to python_compatibility
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3110
diff changeset
83 logging.debug(u"TextCha: using lang = '%s'" % lang)
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
84 return textchas[lang]
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
85
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
86 def _compute_signature(self, question, timestamp):
5835
1ddf7d88c53d fix issue with non-ascii textchas, hmac_new only takes str, not unicode
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5751
diff changeset
87 signature = u"%s%d" % (question, timestamp)
1ddf7d88c53d fix issue with non-ascii textchas, hmac_new only takes str, not unicode
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5751
diff changeset
88 return hmac_new(self.secret, signature.encode('utf-8')).hexdigest()
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
89
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
90 def _init_qa(self, question=None):
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
91 """ Initialize the question / answer.
3070
ed1a433803c6 PEP8 fixes
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 2983
diff changeset
92
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
93 @param question: If given, the given question will be used.
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
94 If None, a new question will be generated.
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
95 """
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
96 if self.is_enabled():
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
97 if question is None:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
98 self.question = random.choice(self.textchas.keys())
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
99 else:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
100 self.question = question
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
101 try:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
102 self.answer_regex = self.textchas[self.question]
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
103 self.answer_re = re.compile(self.answer_regex, re.U|re.I)
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
104 except KeyError:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
105 # this question does not exist, thus there is no answer
4358
a952d07dea69 TextChas: fix treatment of unknown keys
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3159
diff changeset
106 self.answer_regex = ur"[Never match for cheaters]"
a952d07dea69 TextChas: fix treatment of unknown keys
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3159
diff changeset
107 self.answer_re = None
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
108 logging.warning(u"TextCha: Non-existing question '%s'. User '%s' trying to cheat?" % (
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
109 self.question, self.user_info))
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
110 except re.error:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
111 logging.error(u"TextCha: Invalid regex in answer for question '%s'" % self.question)
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
112 self._init_qa()
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
113
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
114 def is_enabled(self):
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
115 """ check if textchas are enabled.
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
116
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
117 They can be disabled for all languages if you use textchas = None or = {},
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
118 also they can be disabled for some specific language, like:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
119 textchas = {
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
120 'en': {
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
121 'some question': 'some answer',
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
122 # ...
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
123 },
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
124 'de': {}, # having no questions for 'de' means disabling textchas for 'de'
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
125 # ...
3070
ed1a433803c6 PEP8 fixes
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 2983
diff changeset
126 }
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
127 """
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
128 return not not self.textchas # we don't want to return the dict
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
129
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
130 def check_answer(self, given_answer, timestamp, signature):
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
131 """ check if the given answer to the question is correct and within the correct timeframe"""
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
132 if self.is_enabled():
4358
a952d07dea69 TextChas: fix treatment of unknown keys
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3159
diff changeset
133 if self.answer_re is not None:
a952d07dea69 TextChas: fix treatment of unknown keys
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3159
diff changeset
134 success = self.answer_re.match(given_answer.strip()) is not None
a952d07dea69 TextChas: fix treatment of unknown keys
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3159
diff changeset
135 else:
a952d07dea69 TextChas: fix treatment of unknown keys
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3159
diff changeset
136 # someone trying to cheat!?
a952d07dea69 TextChas: fix treatment of unknown keys
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 3159
diff changeset
137 success = False
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
138 if not timestamp or timestamp + self.expiry_time < time():
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
139 success = False
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
140 try:
5902
840ebd16ddd9 use a constant time str comparison function to prevent timing attacks
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5835
diff changeset
141 if not safe_str_equal(self._compute_signature(self.question, timestamp), signature):
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
142 success = False
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
143 except TypeError:
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
144 success = False
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
145
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
146 success_status = success and u"success" or u"failure"
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
147 logging.info(u"TextCha: %s (u='%s', a='%s', re='%s', q='%s')" % (
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
148 success_status,
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
149 self.user_info,
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
150 given_answer,
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
151 self.answer_regex,
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
152 self.question,
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
153 ))
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
154 return success
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
155 else:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
156 return True
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
157
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
158 def _make_form_values(self, question, given_answer):
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
159 timestamp = time()
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
160 question_form = "%s %d%s" % (
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
161 wikiutil.escape(question, True),
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
162 timestamp,
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
163 self._compute_signature(question, timestamp)
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
164 )
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
165 given_answer_form = wikiutil.escape(given_answer, True)
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
166 return question_form, given_answer_form
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
167
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
168 def _extract_form_values(self, form=None):
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
169 if form is None:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
170 form = self.request.form
4424
5ad5753ae311 pre-1.9: request.form has qs args and post data, 1.9: .form only post data, .args only qs args, .values both
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4358
diff changeset
171 question = form.get('textcha-question')
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
172 signature = None
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
173 timestamp = None
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
174 if question:
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
175 # the signature is the last SHA1_LEN bytes of the question
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
176 signature = question[-SHA1_LEN:]
5751
e4479bf1c820 Fix 'trailing blanks' warnings in source code
pavel_vinogradov
parents: 5749
diff changeset
177
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
178 # operate on the remainder
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
179 question = question[:-SHA1_LEN]
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
180 try:
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
181 # the timestamp is the next TIMESTAMP_LEN bytes
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
182 timestamp = int(question[-TIMESTAMP_LEN:])
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
183 except ValueError:
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
184 pass
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
185 # there is a space between the timestamp and the question, so take away 1
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
186 question = question[:-TIMESTAMP_LEN - 1]
4424
5ad5753ae311 pre-1.9: request.form has qs args and post data, 1.9: .form only post data, .args only qs args, .values both
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4358
diff changeset
187 given_answer = form.get('textcha-answer', u'')
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
188 return question, given_answer, timestamp, signature
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
189
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
190 def render(self, form=None):
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
191 """ Checks if textchas are enabled and returns HTML for one,
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
192 or an empty string if they are not enabled.
3070
ed1a433803c6 PEP8 fixes
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 2983
diff changeset
193
ed1a433803c6 PEP8 fixes
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 2983
diff changeset
194 @return: unicode result html
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
195 """
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
196 if self.is_enabled():
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
197 question, given_answer, timestamp, signature = self._extract_form_values(form)
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
198 if question is None:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
199 question = self.question
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
200 question_form, given_answer_form = self._make_form_values(question, given_answer)
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
201 result = u"""
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
202 <div id="textcha">
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
203 <span id="textcha-question">%s</span>
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
204 <input type="hidden" name="textcha-question" value="%s">
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
205 <input id="textcha-answer" type="text" name="textcha-answer" value="%s" size="20" maxlength="80">
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
206 </div>
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
207 """ % (wikiutil.escape(question), question_form, given_answer_form)
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
208 else:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
209 result = u''
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
210 return result
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
211
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
212 def check_answer_from_form(self, form=None):
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
213 if self.is_enabled():
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
214 question, given_answer, timestamp, signature = self._extract_form_values(form)
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
215 self._init_qa(question)
5749
5d5ec86e40a2 improve textcha security (thanks to rfw, GCI 2010)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4829
diff changeset
216 return self.check_answer(given_answer, timestamp, signature)
2983
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
217 else:
7b0aadb97d01 new antispam stuff: textchas (text CAPTCHAs), cleanup AttachFile handler (port from 1.6)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents:
diff changeset
218 return True
3070
ed1a433803c6 PEP8 fixes
Reimar Bauer <rb.proj AT googlemail DOT com>
parents: 2983
diff changeset
219