From 58a045ed29efd2b32338aad1b50d936ccf4a6cfe Mon Sep 17 00:00:00 2001
From: "byte[]"
Date: Fri, 15 Nov 2019 11:14:23 -0500
Subject: [PATCH] add captcha verification
---
 config/config.exs | 5 ++-
 lib/philomena/captcha.ex | 7 +++
 .../templates/captcha/create.html.slime | 2 +-
 .../controllers/controller_callbacks.ex | 43 +++++++++++++++++++
 .../controllers/controller_callbacks.ex | 2 +-
 5 files changed, 55 insertions(+), 4 deletions(-)
 create mode 100644 lib/pow_captcha/phoenix/controllers/controller_callbacks.ex
diff --git a/config/config.exs b/config/config.exs
index c9a7b34c..754c6f27 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -21,9 +21,10 @@ config :philomena, :pow,
 repo: Philomena.Repo,
 web_module: PhilomenaWeb,
 users_context: Philomena.Users,
- extensions: [PowResetPassword, PowLockout, PowPersistentSession],
+ extensions: [PowResetPassword, PowLockout, PowCaptcha, PowPersistentSession],
 controller_callbacks: Pow.Extension.Phoenix.ControllerCallbacks,
- mailer_backend: PhilomenaWeb.PowMailer
+ mailer_backend: PhilomenaWeb.PowMailer,
+ captcha_verifier: Philomena.Captcha
 config :bcrypt_elixir, log_rounds: 12
diff --git a/lib/philomena/captcha.ex b/lib/philomena/captcha.ex
index 4f09723f..7648e4dc 100644
--- a/lib/philomena/captcha.ex
+++ b/lib/philomena/captcha.ex
@@ -127,4 +127,11 @@ defmodule Philomena.Captcha do
 def valid_solution?(_solution_id, _solution),
 do: false
+
+ def valid_solution?(%{"captcha" => %{"id" => id, "sln" => solution}}) do
+ valid_solution?(id, solution)
+ end
+
+ def valid_solution?(_params),
+ do: false
 end
diff --git a/lib/philomena_web/templates/captcha/create.html.slime b/lib/philomena_web/templates/captcha/create.html.slime
index 650cc52b..bfce1459 100644
--- a/lib/philomena_web/templates/captcha/create.html.slime
+++ b/lib/philomena_web/templates/captcha/create.html.slime
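Review bot: The new `valid_solution?/1` clauses in lib/philomena/captcha.ex take the raw request params but carry no `@doc` or `@spec`, so the fail-closed contract that the Pow callback depends on is not written down anywhere. I would add `@doc "Checks the captcha fields in raw request params; returns false when they are missing or malformed."` and `@spec valid_solution?(map()) :: boolean()` above the first clause. `id` and `solution` are client-supplied and are handed to `valid_solution?/2` as-is; the body of that function is outside this hunk, so it should be confirmed there that non-binary values fall through to the `false` clause and that a solved captcha cannot be submitted a second time.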
@@ -17,4 +17,4 @@ div
 label> for="captcha_sln[#{i}]"
 | Name of pony with cutie mark #
 = i
- = select :captcha, "sln[#{i}]", options, class: "input"
+ = select :captcha, "sln[#{i}]", options, class: "input", name: "captcha[sln][#{i}]"
diff --git a/lib/pow_captcha/phoenix/controllers/controller_callbacks.ex b/lib/pow_captcha/phoenix/controllers/controller_callbacks.ex
new file mode 100644
index 00000000..e59af33a
--- /dev/null
+++ b/lib/pow_captcha/phoenix/controllers/controller_callbacks.ex
@@ -0,0 +1,43 @@
+defmodule PowCaptcha.Phoenix.ControllerCallbacks do
+ @moduledoc """
+ Controller callback logic for captcha verification.
+ """
+ use Pow.Extension.Phoenix.ControllerCallbacks.Base
+
+ alias Pow.Config
+ alias Plug.Conn
+ alias Phoenix.Controller
+
+ alias Pow.Phoenix.RegistrationController
+ alias PowResetPassword.Phoenix.ResetPasswordController
+
+ @doc false
+ @impl true
+ def before_process(RegistrationController, :create, conn, config) do
+ verifier = Config.get(config, :captcha_verifier)
+ return_path = routes(conn).registration_path(conn, :new)
+
+ verifier.valid_solution?(conn.params)
+ |> maybe_halt(conn, return_path)
+ end
+
+ def before_process(ResetPasswordController, :create, conn, config) do
+ verifier = Config.get(config, :captcha_verifier)
+ return_path = routes(conn).path_for(conn, ResetPasswordController, :new)
+
+ verifier.valid_solution?(conn.params)
+ |> maybe_halt(conn, return_path)
+ end
+
+
+ defp maybe_halt(false, conn, return_path) do
+ conn
+ |> Controller.put_flash(:error, "There was an error verifying you're not a robot. Please try again.")
+ |> Controller.redirect(to: return_path)
+ |> Conn.halt()
+ end
+
+ defp maybe_halt(true, conn, _return_path) do
+ conn
+ end
+end
\ No newline at end of file
diff --git a/lib/pow_lockout/phoenix/controllers/controller_callbacks.ex b/lib/pow_lockout/phoenix/controllers/controller_callbacks.ex
index 1439cb23..91936a0c 100644
--- a/lib/pow_lockout/phoenix/controllers/controller_callbacks.ex
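Review bot: In the new lib/pow_captcha/phoenix/controllers/controller_callbacks.ex, both `before_process/4` clauses call `valid_solution?/1` on whatever `Config.get(config, :captcha_verifier)` returns, so a missing key shows up as an opaque error on `nil` at the first registration or password-reset POST instead of a clear configuration failure. `maybe_halt/3` also matches only the literals `true` and `false`, so any other value returned by a verifier raises rather than being treated as a failed check. The two clauses differ only in `return_path`; a shared private helper that raises a descriptive error when the verifier is unset, and lets the request continue only on a literal `true`, keeps the gate fail-closed and removes the duplication. The file also ends without a trailing newline.

```elixir
  # … unchanged: @doc false, @impl true …
  def before_process(RegistrationController, :create, conn, config) do
    verify_captcha(conn, config, routes(conn).registration_path(conn, :new))
  end

  def before_process(ResetPasswordController, :create, conn, config) do
    verify_captcha(conn, config, routes(conn).path_for(conn, ResetPasswordController, :new))
  end

  # Fail closed: the request continues only when the verifier returns exactly `true`.
  defp verify_captcha(conn, config, return_path) do
    verifier =
      Config.get(config, :captcha_verifier) ||
        raise(ArgumentError, "PowCaptcha requires :captcha_verifier in the Pow configuration")

    conn.params
    |> verifier.valid_solution?()
    |> maybe_halt(conn, return_path)
  end

  defp maybe_halt(true, conn, _return_path), do: conn

  defp maybe_halt(_failed, conn, return_path) do
    # … unchanged: put_flash, redirect to return_path, halt …
  end
```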
+++ b/lib/pow_lockout/phoenix/controllers/controller_callbacks.ex
@@ -1,6 +1,6 @@
 defmodule PowLockout.Phoenix.ControllerCallbacks do
 @moduledoc """
- Controller callback logic for e-mail confirmation.
+ Controller callback logic for account lockout.
 ### User is locked out