add honeypot

2020-11-29 11:13:42 +01:00 · 2020-11-29 11:13:42 +01:00 · 2b5f53eb5c
parent e16ea7a6cd
commit 2b5f53eb5c
1 changed files with 49 additions and 13 deletions
--- a/js/src/views/User/Login.vue
+++ b/js/src/views/User/Login.vue
@ -8,8 +8,8 @@
          title="Info"
          type="is-info"
          :aria-close-label="$t('Close')"
-          >{{ $t("You need to login.") }}</b-message
-        >
+          >{{ $t("You need to login.") }}
+        </b-message>
        <b-message
          v-else-if="errorCode === LoginError.LOGIN_PROVIDER_ERROR"
          type="is-danger"
@ -18,8 +18,8 @@
            $t("Error while login with {provider}. Retry or login another way.", {
              provider: $route.query.provider,
            })
-          }}</b-message
-        >
+          }}
+        </b-message>
        <b-message
          v-else-if="errorCode === LoginError.LOGIN_PROVIDER_NOT_FOUND"
          type="is-danger"
@ -28,8 +28,8 @@
            $t("Error while login with {provider}. This login provider doesn't exist.", {
              provider: $route.query.provider,
            })
-          }}</b-message
-        >
+          }}
+        </b-message>
        <b-message :title="$t('Error')" type="is-danger" v-for="error in errors" :key="error">
          {{ error }}
        </b-message>
@ -54,6 +54,24 @@
              v-model="credentials.password"
            />
          </b-field>
+          <div class="do-not-show">
+            <b-field :label="$t('Password')" label-for="telephone" :aria-required="false">
+              <b-input
+                aria-required="true"
+                id="telephone"
+                type="tel"
+                v-model="credentials.telephone"
+              />
+            </b-field>
+            <b-field :label="$t('Password')" label-for="creditCardNumber" :aria-required="false">
+              <b-input
+                aria-required="true"
+                id="creditCardNumber"
+                type="tel"
+                v-model="credentials.creditCardNumber"
+              />
+            </b-field>
+          </div>

          <p class="control has-text-centered" v-if="!submitted">
            <button class="button is-primary is-large">{{ $t("Login") }}</button>
@ -68,14 +86,14 @@
            <router-link
              class="button is-text"
              :to="{ name: RouteName.SEND_PASSWORD_RESET, params: { email: credentials.email } }"
-              >{{ $t("Forgot your password ?") }}</router-link
-            >
+              >{{ $t("Forgot your password ?") }}
+            </router-link>
          </p>
          <router-link
            class="button is-text"
            :to="{ name: RouteName.RESEND_CONFIRMATION, params: { email: credentials.email } }"
-            >{{ $t("Didn't receive the instructions?") }}</router-link
-          >
+            >{{ $t("Didn't receive the instructions?") }}
+          </router-link>
          <p class="control" v-if="config && config.registrationsOpen">
            <router-link
              class="button is-text"
@ -86,8 +104,8 @@
                  default_password: credentials.password,
                },
              }"
-              >{{ $t("Create an account") }}</router-link
-            >
+              >{{ $t("Create an account") }}
+            </router-link>
          </p>
        </form>
      </div>
@ -104,7 +122,7 @@ import { initializeCurrentActor, NoIdentitiesException, saveUserData } from "../
 import { ILogin } from "../../types/login.model";
 import { CURRENT_USER_CLIENT, UPDATE_CURRENT_USER_CLIENT } from "../../graphql/user";
 import RouteName from "../../router/name";
-import { LoginErrorCode, LoginError } from "../../types/login-error-code.model";
+import { LoginError, LoginErrorCode } from "../../types/login-error-code.model";
 import { ICurrentUser } from "../../types/current-user.model";
 import { CONFIG } from "../../graphql/config";
 import { IConfig } from "../../types/config.model";
@ -151,6 +169,8 @@ export default class Login extends Vue {
  credentials = {
    email: "",
    password: "",
+    telephone: "",
+    creditCardNumber: "24253475337458",
  };

  errors: string[] = [];
@ -176,6 +196,14 @@ export default class Login extends Vue {
      return;
    }

+    // antispam management
+    if (this.credentials.telephone || this.credentials.creditCardNumber !== "24253475337458") {
+      this.$router.push({
+        name: RouteName.HOME,
+      });
+      // throw new Error("Spammer detected");
+      return;
+    }
    this.errors = [];

    try {
@ -239,4 +267,12 @@ export default class Login extends Vue {
 .container .columns {
  margin: 1rem auto 3rem;
 }
+
+.do-not-show {
+  background: red;
+  width: 0;
+  height: 0;
+  overflow: hidden;
+  display: block;
+}
 </style>