Skip to content

Commit

Permalink
[FIX] auth_signup_verify_email: Use reCaptcha
Browse files Browse the repository at this point in the history
  • Loading branch information
@Cl0ut1eR
Cl0ut1eR committed Mar 10, 2025
1 parent 68a5523 commit 3cbda9e
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 1 deletion.
2 changes: 1 addition & 1 deletion auth_signup_verify_email/__manifest__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
{
"name": "Verify email at signup",
"summary": "Force uninvited users to use a good email for signup",
"version": "17.0.1.0.0",
"version": "17.0.1.0.1",
"category": "Authentication",
"website": "https://github.com/OCA/server-auth",
"author": "Antiun Ingeniería S.L., "
Expand Down
3 changes: 3 additions & 0 deletions auth_signup_verify_email/controllers/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
from email_validator import EmailSyntaxError, EmailUndeliverableError, validate_email

from odoo import _
from odoo.exceptions import UserError
from odoo.http import request, route

from odoo.addons.auth_signup.controllers.main import AuthSignupHome
Expand All @@ -26,6 +27,8 @@ def passwordless_signup(self):

# Check good format of e-mail
try:
if not request.env["ir.http"]._verify_request_recaptcha_token("signup"):
raise UserError(_("Suspicious activity detected by Google reCaptcha."))
validate_email(values.get("login", ""))
except EmailSyntaxError as error:
qcontext["error"] = getattr(
Expand Down
11 changes: 11 additions & 0 deletions auth_signup_verify_email/tests/test_verify_email.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
from odoo.tests.common import HttpCase
from odoo.tools.misc import mute_logger

from odoo.addons.base.models import ir_http
from odoo.addons.mail.models import mail_template


Expand Down Expand Up @@ -45,6 +46,16 @@ def test_bad_email(self):
doc = self.html_doc(data=self.data)
self.assertTrue(doc.xpath('//p[@class="alert alert-danger"]'))

@mute_logger("odoo.addons.auth_signup_verify_email.controllers.main")
def test_recaptcha_failure(self):
"""Test recaptcha failure path."""
self.data["login"] = "contributors@odoo-community.org"
with patch(
ir_http.__name__ + "._verify_request_recaptcha_token", return_value=False
):
doc = self.html_doc(data=self.data)
self.assertTrue(doc.xpath('//p[@class="alert alert-danger"]'))

@mute_logger("odoo.addons.auth_signup_verify_email.controllers.main")
def test_good_email(self):
"""Test acceptance of good emails."""
Expand Down

0 comments on commit 3cbda9e

Please sign in to comment.