From 10edf75891bf86a241bde94023a3d6a4c3d3f0ad Mon Sep 17 00:00:00 2001 From: karthikmv Date: Thu, 7 Apr 2022 17:04:57 +0530 Subject: [PATCH] added recaptcha verification --- CDC_Backend/APIs/companyViews.py | 5 +++-- CDC_Backend/APIs/constants.py | 1 + CDC_Backend/APIs/utils.py | 16 ++++++++++++++++ CDC_Backend/CDC_Backend/settings.py | 2 ++ 4 files changed, 22 insertions(+), 2 deletions(-) diff --git a/CDC_Backend/APIs/companyViews.py b/CDC_Backend/APIs/companyViews.py index b133b81..c03f695 100644 --- a/CDC_Backend/APIs/companyViews.py +++ b/CDC_Backend/APIs/companyViews.py @@ -16,14 +16,15 @@ logger = logging.getLogger('db') IS_COMPENSATION_DETAILS_PDF, ALLOWED_BRANCH, SELECTION_PROCEDURE_ROUNDS, SELECTION_PROCEDURE_DETAILS, IS_SELECTION_PROCEDURE_DETAILS_PDF, TENTATIVE_DATE_OF_JOINING, - TENTATIVE_NO_OF_OFFERS, OTHER_REQUIREMENTS + TENTATIVE_NO_OF_OFFERS, OTHER_REQUIREMENTS, RECAPTCHA_VALUE ]) def addPlacement(request): try: data = request.data files = request.FILES opening = Placement() - + if not verify_recaptcha(data[RECAPTCHA_VALUE]): + raise Exception("Recaptcha Failed") opening.id = generateRandomString() # Add a company details in the opening opening.company_name = data[COMPANY_NAME] diff --git a/CDC_Backend/APIs/constants.py b/CDC_Backend/APIs/constants.py index af96560..0fca0ae 100644 --- a/CDC_Backend/APIs/constants.py +++ b/CDC_Backend/APIs/constants.py @@ -117,6 +117,7 @@ OTHER_REQUIREMENTS = 'other_requirements' DEADLINE_DATETIME = 'deadline_datetime' OFFER_ACCEPTED = 'offer_accepted' EMAIL_VERIFIED = 'email_verified' +RECAPTCHA_VALUE = 'recaptchakey' STUDENT_LIST = "student_list" STUDENT_ID = "student_id" diff --git a/CDC_Backend/APIs/utils.py b/CDC_Backend/APIs/utils.py index d00e35c..fc17705 100644 --- a/CDC_Backend/APIs/utils.py +++ b/CDC_Backend/APIs/utils.py @@ -19,6 +19,7 @@ from google.auth.transport import requests from google.oauth2 import id_token from rest_framework import status from rest_framework.response import Response +import requests as rq from .constants import * from .models import User, PrePlacementOffer, PlacementApplication @@ -233,3 +234,18 @@ def generateOneTimeVerificationLink(email, opening_id, opening_type): print(sys.exc_info()) logger.warning("Utils - generateOneTimeVerificationLink: " + str(sys.exc_info())) return False, "_" + +def verify_recaptcha(request): + try: + data = { + 'secret': settings.RECAPTCHA_SECRET_KEY, + 'response': request + } + r = rq.post('https://www.google.com/recaptcha/api/siteverify', data=data) + result = r.json() + # logger.info("Recaptcha Response: " + str(result)+"request: "+str(data)) + return result['success'] + except: + print(sys.exc_info()) + logger.warning("Utils - verify_recaptcha: " + str(sys.exc_info())) + return False, "_" \ No newline at end of file diff --git a/CDC_Backend/CDC_Backend/settings.py b/CDC_Backend/CDC_Backend/settings.py index d524b5b..c96c4d8 100644 --- a/CDC_Backend/CDC_Backend/settings.py +++ b/CDC_Backend/CDC_Backend/settings.py @@ -161,6 +161,8 @@ EMAIL_PORT = 587 EMAIL_HOST_USER = os.environ.get("EMAIL") # 'email here' EMAIL_HOST_PASSWORD = os.environ.get("EMAIL_PASSWORD") # 'password here' +RECAPTCHA_SECRET_KEY = os.environ.get("RECAPTCHA_SECRET_KEY") + LOGGING = { 'version': 1, 'disable_existing_loggers': False,