From 47cdf79b20ddab3097bf56623350cffa8f39ddc9 Mon Sep 17 00:00:00 2001
From: rimu <3310831+rimu@users.noreply.github.com>
Date: Sat, 6 Jan 2024 19:48:10 +1300
Subject: [PATCH] use recaptcha 2 instead of 3 as it's easier to integrate

---
 app/auth/forms.py                | 5 ++---
 app/auth/routes.py               | 2 --
 app/templates/auth/register.html | 4 ++++
 config.py                        | 4 ++--
 4 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/app/auth/forms.py b/app/auth/forms.py
index e98ca625..dcf98f65 100644
--- a/app/auth/forms.py
+++ b/app/auth/forms.py
@@ -1,9 +1,8 @@
-from flask_wtf import FlaskForm
+from flask_wtf import FlaskForm, RecaptchaField
 from wtforms import StringField, PasswordField, SubmitField, HiddenField
 from wtforms.validators import ValidationError, DataRequired, Email, EqualTo, Length
 from flask_babel import _, lazy_gettext as _l
 from app.models import User, Community
-from app.auth.recaptcha3 import Recaptcha3Field
 
 
 class LoginForm(FlaskForm):
@@ -20,7 +19,7 @@ class RegistrationForm(FlaskForm):
     password2 = PasswordField(
         _l('Repeat password'), validators=[DataRequired(),
                                            EqualTo('password')])
-    recaptcha = Recaptcha3Field(action="TestAction", execute_on_load=True)
+    recaptcha = RecaptchaField()
 
     submit = SubmitField(_l('Register'))
 
diff --git a/app/auth/routes.py b/app/auth/routes.py
index d57ac52e..2209bdd7 100644
--- a/app/auth/routes.py
+++ b/app/auth/routes.py
@@ -79,8 +79,6 @@ def register():
     if current_user.is_authenticated:
         return redirect(url_for('main.index'))
     form = RegistrationForm()
-    if current_app.config['MODE'] == 'development':
-        del form.recaptcha
     if form.validate_on_submit():
         if form.email.data == '': # ignore any registration where the email field is filled out. spam prevention
             if form.real_email.data.lower().startswith('postmaster@') or form.real_email.data.lower().startswith('abuse@') or \
diff --git a/app/templates/auth/register.html b/app/templates/auth/register.html
index 94bd5fa2..4e99578d 100644
--- a/app/templates/auth/register.html
+++ b/app/templates/auth/register.html
@@ -1,6 +1,10 @@
 {% extends "base.html" %}
 {% from 'bootstrap/form.html' import render_form %}
 
+{% block scripts %}
+    <script src='https://www.google.com/recaptcha/api.js' async defer nonce="{{ session['nonce'] }}"></script>
+{% endblock %}
+
 {% block app_content %}
 
         <div class="row">
diff --git a/config.py b/config.py
index 8256040b..13649bf6 100644
--- a/config.py
+++ b/config.py
@@ -16,8 +16,8 @@ class Config(object):
     MAIL_USE_TLS = os.environ.get('MAIL_USE_TLS') is not None
     MAIL_USERNAME = os.environ.get('MAIL_USERNAME')
     MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD')
-    RECAPTCHA3_PUBLIC_KEY = os.environ.get("RECAPTCHA3_PUBLIC_KEY")
-    RECAPTCHA3_PRIVATE_KEY = os.environ.get("RECAPTCHA3_PRIVATE_KEY")
+    RECAPTCHA_PUBLIC_KEY = os.environ.get("RECAPTCHA_PUBLIC_KEY")
+    RECAPTCHA_PRIVATE_KEY = os.environ.get("RECAPTCHA_PRIVATE_KEY")
     MODE = os.environ.get('MODE') or 'development'
     LANGUAGES = ['en']
     FULL_AP_CONTEXT = os.environ.get('FULL_AP_CONTEXT') or True