From 92bb56e34438946331e629cb20facb588a373595 Mon Sep 17 00:00:00 2001
From: Nabeel Shahzad <nshahzad@gmail.com>
Date: Fri, 16 Mar 2018 11:38:06 -0500
Subject: [PATCH] Add recaptcha implementation #212

---
 .../Controllers/Auth/RegisterController.php   | 28 ++++++++++++----
 app/Models/User.php                           |  1 +
 config/captcha.php                            | 18 +++++++++--
 .../Installer/Resources/views/app.blade.php   |  1 +
 resources/lang/en/validation.php              |  4 +++
 resources/stubs/installer/config.stub         | 15 +++++++--
 resources/views/layouts/default/app.blade.php |  2 +-
 .../layouts/default/auth/register.blade.php   | 32 +++++++++++++------
 8 files changed, 80 insertions(+), 21 deletions(-)

diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
index e27b02b2..1abb0350 100755
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -69,20 +69,27 @@ class RegisterController extends Controller
      */
     protected function validator(array $data)
     {
-        return Validator::make($data, [
+        $rules = [
             'name' => 'required|max:255',
             'email' => 'required|email|max:255|unique:users',
             'airline_id' => 'required',
             'home_airport_id' => 'required',
             'password' => 'required|min:5|confirmed',
-        ]);
+        ];
+
+        if (config('captcha.enabled')) {
+            $rules['g-recaptcha-response'] = 'required|captcha';
+        }
+
+        return Validator::make($data, $rules);
     }
 
     /**
      * Get a validator for an incoming registration request.
      * @param  array $data
-     * @return \Illuminate\Contracts\Validation\Validator
+     * @return User
      * @throws \RuntimeException
+     * @throws \Exception
      */
     protected function create(array $data)
     {
@@ -106,20 +113,27 @@ class RegisterController extends Controller
 
     /**
      * Handle a registration request for the application.
-     * @throws \RuntimeException
+     * @param Request $request
+     * @return mixed
+     * @throws \Exception
      */
     public function register(Request $request)
     {
-        $this->validate(request(), [
+        $rules = [
             'name' => 'required',
             'email' => 'required|email|unique:users,email',
             'airline_id' => 'required',
             'home_airport_id' => 'required',
             'password' => 'required|confirmed'
-        ]);
+        ];
+
+        if(config('captcha.enabled')) {
+            $rules['g-recaptcha-response'] = 'required|captcha';
+        }
+
+        $this->validate(request(), $rules);
 
         $user = $this->create($request->all());
-
         if($user->state === UserState::PENDING) {
             return view('auth.pending');
         }
diff --git a/app/Models/User.php b/app/Models/User.php
index d733adc3..d5a32865 100755
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -23,6 +23,7 @@ use Laratrust\Traits\LaratrustUserTrait;
  * @property Rank rank
  * @property Journal journal
  * @property string pilot_id
+ * @property int state
  * @mixin \Illuminate\Notifications\Notifiable
  * @mixin \Laratrust\Traits\LaratrustUserTrait
  */
diff --git a/config/captcha.php b/config/captcha.php
index 18bac4b3..689fcebb 100644
--- a/config/captcha.php
+++ b/config/captcha.php
@@ -1,8 +1,22 @@
 <?php
 
+/*
+ * The keys can be created here
+ * https://www.google.com/recaptcha/admin
+ *
+ * Don't edit this file directly, add the section to your config.php
+ */
 return [
-    'secret' => env('NOCAPTCHA_SECRET'),
-    'sitekey' => env('NOCAPTCHA_SITEKEY'),
+    'enabled' => false,
+    'sitekey' => '',
+    'secret' => '',
+
+    # Attributes can be found here:
+    # https://developers.google.com/recaptcha/docs/display#render_param
+    'attributes' => [
+        'data-theme' => 'light',
+    ],
+
     'options' => [
         'timeout' => 2.0,
     ],
diff --git a/modules/Installer/Resources/views/app.blade.php b/modules/Installer/Resources/views/app.blade.php
index 30ff3501..3ebde57e 100644
--- a/modules/Installer/Resources/views/app.blade.php
+++ b/modules/Installer/Resources/views/app.blade.php
@@ -87,6 +87,7 @@
         });
     });
 </script>
+
 @yield('scripts')
 
 </body>
diff --git a/resources/lang/en/validation.php b/resources/lang/en/validation.php
index 504bd16b..b08f0383 100755
--- a/resources/lang/en/validation.php
+++ b/resources/lang/en/validation.php
@@ -105,6 +105,10 @@ return [
         'source_name' => [
             'required' => 'PIREP Source is required',
         ],
+        'g-recaptcha-response' => [
+            'required' => 'Please verify that you are not a robot.',
+            'captcha' => 'Captcha error! try again later or contact site admin.',
+        ],
     ],
 
     /**
diff --git a/resources/stubs/installer/config.stub b/resources/stubs/installer/config.stub
index a5a6e870..a686974c 100644
--- a/resources/stubs/installer/config.stub
+++ b/resources/stubs/installer/config.stub
@@ -47,10 +47,21 @@ return [
         'prefix' => 'phpvms_',
     ],
 
+    /*
+     * You can get a captcha key from here:
+     * https://www.google.com/recaptcha/admin
+     */
     'captcha' => [
-        'enabled' => true,
-        'secret' => '',
+        'enabled' => false,
+
         'sitekey' => '',
+        'secret' => '',
+
+        # Attributes can be found here:
+        # https://developers.google.com/recaptcha/docs/display#render_param
+        'attributes' => [
+            'data-theme' => 'light',
+        ],
     ],
 
     # overrides database.php
diff --git a/resources/views/layouts/default/app.blade.php b/resources/views/layouts/default/app.blade.php
index 2705ef86..17940834 100644
--- a/resources/views/layouts/default/app.blade.php
+++ b/resources/views/layouts/default/app.blade.php
@@ -23,6 +23,7 @@
     <link href="{{ public_asset('/assets/system/css/vendor.css') }}" rel="stylesheet"/>
 
     @yield('css')
+    @yield('scripts_head')
 </head>
 <body>
 <!-- Navbar -->
@@ -90,6 +91,5 @@ $(document).ready(function () {
 });
 </script>
 
-
 </body>
 </html>
diff --git a/resources/views/layouts/default/auth/register.blade.php b/resources/views/layouts/default/auth/register.blade.php
index cbce2279..2f2cf331 100644
--- a/resources/views/layouts/default/auth/register.blade.php
+++ b/resources/views/layouts/default/auth/register.blade.php
@@ -12,7 +12,7 @@
         <div class="panel-body">
             <h2>Register</h2>
             <label for="name" class="control-label">Full Name</label>
-            <div class="input-group form-group-no-border{{ $errors->has('name') ? ' has-danger' : '' }}">
+            <div class="input-group form-group-no-border {{ $errors->has('name') ? 'has-danger' : '' }}">
                 {{ Form::text('name', null, ['class' => 'form-control']) }}
             </div>
             @if ($errors->has('name'))
@@ -20,7 +20,7 @@
             @endif
 
             <label for="email" class="control-label">Email Address</label>
-            <div class="input-group form-group-no-border{{ $errors->has('email') ? ' has-danger' : '' }}">
+            <div class="input-group form-group-no-border {{ $errors->has('email') ? 'has-danger' : '' }}">
                 {{ Form::text('email', null, ['class' => 'form-control']) }}
             </div>
             @if ($errors->has('email'))
@@ -28,7 +28,7 @@
             @endif
 
             <label for="airline" class="control-label">Airline</label>
-            <div class="input-group form-group-no-border{{ $errors->has('airline') ? ' has-danger' : '' }}">
+            <div class="input-group form-group-no-border {{ $errors->has('airline') ? 'has-danger' : '' }}">
                 {{ Form::select('airline_id', $airlines, null , ['class' => 'form-control select2']) }}
             </div>
             @if ($errors->has('airline_id'))
@@ -36,7 +36,7 @@
             @endif
 
             <label for="home_airport" class="control-label">Home Airport</label>
-            <div class="input-group form-group-no-border{{ $errors->has('home_airport') ? ' has-danger' : '' }}">
+            <div class="input-group form-group-no-border {{ $errors->has('home_airport') ? 'has-danger' : '' }}">
                 {{ Form::select('home_airport_id', $airports, null , ['class' => 'form-control select2']) }}
             </div>
             @if ($errors->has('home_airport_id'))
@@ -44,7 +44,7 @@
             @endif
 
             <label for="timezone" class="control-label">Timezone</label>
-            <div class="input-group form-group-no-border{{ $errors->has('timezone') ? ' has-danger' : '' }}">
+            <div class="input-group form-group-no-border {{ $errors->has('timezone') ? 'has-danger' : '' }}">
                 {{ Form::select('timezone', $timezones, null, ['id'=>'timezone', 'class' => 'form-control select2' ]) }}
             </div>
             @if ($errors->has('timezone'))
@@ -52,7 +52,7 @@
             @endif
 
             <label for="password" class="control-label">Password</label>
-            <div class="input-group form-group-no-border{{ $errors->has('password') ? ' has-danger' : '' }}">
+            <div class="input-group form-group-no-border {{ $errors->has('password') ? 'has-danger' : '' }}">
                 {{ Form::password('password', ['class' => 'form-control']) }}
             </div>
             @if ($errors->has('password'))
@@ -60,14 +60,24 @@
             @endif
 
             <label for="password_confirmation" class="control-label">Confirm Password</label>
-            <div class="input-group form-group-no-border{{ $errors->has('password_confirmation') ? ' has-danger' : '' }}">
+            <div class="input-group form-group-no-border {{ $errors->has('password_confirmation') ? 'has-danger' : '' }}">
                 {{ Form::password('password_confirmation', ['class' => 'form-control']) }}
             </div>
             @if ($errors->has('password_confirmation'))
-            <p class="text-danger">{{ $errors->first('password_confirmation') }}</p>
+                <p class="text-danger">{{ $errors->first('password_confirmation') }}</p>
             @endif
 
-            @include("auth.toc")
+            @if(config('captcha.enabled'))
+                <label for="g-recaptcha-response" class="control-label">Fill out the captcha</label>
+                <div class="input-group form-group-no-border {{ $errors->has('g-recaptcha-response') ? 'has-danger' : '' }}">
+                    {!! NoCaptcha::display(config('captcha.attributes')) !!}
+                </div>
+                @if ($errors->has('g-recaptcha-response'))
+                    <p class="text-danger">{{ $errors->first('g-recaptcha-response') }}</p>
+                @endif
+            @endif
+
+            @include('auth.toc')
 
             <div style="width: 100%; text-align: right; padding-top: 20px;">
                 By registering, you agree to the Term and Conditions<br /><br />
@@ -82,3 +92,7 @@
 <div class="col-sm-4"></div>
 </div>
 @endsection
+
+@section('scripts')
+{!! NoCaptcha::renderJs(config('app.locale')) !!}
+@endsection