
Commit 70f3b991 authored by Sayid Abyan Rizal Shiddiq's avatar Sayid Abyan Rizal Shiddiq

Merge branch '1706022445-118' into 'master'

[#118] Google recaptcha

Closes #118

See merge request !41
parents ebeb7c59 8c196820
Pipeline #58169 passed with stages
in 28 minutes and 16 seconds
...@@ -69,7 +69,7 @@ ...@@ -69,7 +69,7 @@
</div> </div>
<div class="g-recaptcha" data-sitekey={{captcha_site_key}}></div>
<div class="container-login100-form-btn"> <div class="container-login100-form-btn">
<button class="login100-form-btn" type="submit"> <button class="login100-form-btn" type="submit">
Login Login
...@@ -100,6 +100,8 @@ ...@@ -100,6 +100,8 @@
<script src="../static/../static/vendor/countdowntime/countdowntime.js"></script> <script src="../static/../static/vendor/countdowntime/countdowntime.js"></script>
<!--===============================================================================================--> <!--===============================================================================================-->
<script src="../static/js/login.js"></script> <script src="../static/js/login.js"></script>
<!--===============================================================================================-->
<script src='https://www.google.com/recaptcha/api.js'></script>
</body> </body>
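Review bot: The new widget div leaves its attribute unquoted, `data-sitekey={{captcha_site_key}}`, so an empty or unexpected value changes how the tag parses. Quote it as `<div class="g-recaptcha" data-sitekey="{{ captcha_site_key }}"></div>`. An empty value looks reachable: in the view hunks of this commit only `get` sets `captcha_site_key`, so any page re-rendered from `post` would emit a bare `data-sitekey=`.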
......
...@@ -54,7 +54,7 @@ ...@@ -54,7 +54,7 @@
<div class="work_info"> <div class="work_info">
<form class="login100-form validate-form" method="POST"> <form class="login100-form validate-form" method="POST">
{% csrf_token %} {% csrf_token %}
<input type="hidden" name="source" value="admin" />
<div class="login100-form-title p-b-43"> <div class="login100-form-title p-b-43">
Halo, Admin Halo, Admin
</div> </div>
...@@ -84,7 +84,7 @@ ...@@ -84,7 +84,7 @@
</div> </div>
</div> </div>
<div class="g-recaptcha" data-sitekey="6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"></div>
<div class="container-login100-form-btn"> <div class="container-login100-form-btn">
<button class="login100-form-btn" type="submit"> <button class="login100-form-btn" type="submit">
Login Login
...@@ -116,6 +116,9 @@ ...@@ -116,6 +116,9 @@
<script src="../static/../static/vendor/countdowntime/countdowntime.js"></script> <script src="../static/../static/vendor/countdowntime/countdowntime.js"></script>
<!--===============================================================================================--> <!--===============================================================================================-->
<script src="../static/js/login.js"></script> <script src="../static/js/login.js"></script>
<!--===============================================================================================-->
<script src='https://www.google.com/recaptcha/api.js'></script>
</body> </body>
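Review bot: The admin form hard-codes `data-sitekey="6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"`, and that literal is the string the settings hunk uses as the default for `GOOGLE_RECAPTCHA_SECRET_KEY`, not the site-key default. A secret-side value therefore ends up in page markup, and the widget will not match whatever real key pair is configured later. Render the configured key instead, as the contributor template does: `data-sitekey="{{ captcha_site_key }}"`, with the admin view supplying `captcha_site_key` in its context.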
......
...@@ -80,7 +80,7 @@ class LoginPageContributorTest(TestCase): ...@@ -80,7 +80,7 @@ class LoginPageContributorTest(TestCase):
self.view = Login self.view = Login
self.template_name = "login.html" self.template_name = "login.html"
self.login_credential = { self.login_credential = {
"email": "kontributor@gov.id", "pass": "kontributor"} "email": "kontributor@gov.id", "pass": "kontributor", "g-recaptcha-response" : "testcaptcha"}
self.error_message = { self.error_message = {
"empty_email_or_password": "Email atau Password anda kosong.", "empty_email_or_password": "Email atau Password anda kosong.",
"wrong_email_or_password": "Email atau Password anda salah.", "wrong_email_or_password": "Email atau Password anda salah.",
...@@ -114,11 +114,11 @@ class LoginPageContributorTest(TestCase): ...@@ -114,11 +114,11 @@ class LoginPageContributorTest(TestCase):
self.assertContains(response, "Kata Sandi") self.assertContains(response, "Kata Sandi")
def test_kontributor_login_missing_email_or_password(self): def test_kontributor_login_missing_email_or_password(self):
response = self.client.post(self.url, {"email": "kontributor@gov.id"}) response = self.client.post(self.url, {"email": "kontributor@gov.id", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data) self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["empty_email_or_password"], self.assertIn(self.error_message["empty_email_or_password"],
response.context_data["error_message"]) response.context_data["error_message"])
response = self.client.post(self.url, {"pass": "kontributor"}) response = self.client.post(self.url, {"pass": "kontributor", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data) self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["empty_email_or_password"], self.assertIn(self.error_message["empty_email_or_password"],
response.context_data["error_message"]) response.context_data["error_message"])
...@@ -126,19 +126,19 @@ class LoginPageContributorTest(TestCase): ...@@ -126,19 +126,19 @@ class LoginPageContributorTest(TestCase):
def test_kontributor_login_wrong_email_or_password(self): def test_kontributor_login_wrong_email_or_password(self):
# Wrong password # Wrong password
response = self.client.post( response = self.client.post(
self.url, {"email": "kontributor@gov.id", "pass": "kontributor1"}) self.url, {"email": "kontributor@gov.id", "pass": "kontributor1", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data) self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["wrong_email_or_password"], self.assertIn(self.error_message["wrong_email_or_password"],
response.context_data["error_message"]) response.context_data["error_message"])
# Wrong email # Wrong email
response = self.client.post( response = self.client.post(
self.url, {"email": "kontributor1@gov.id", "pass": "kontributor"}) self.url, {"email": "kontributor1@gov.id", "pass": "kontributor", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data) self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["wrong_email_or_password"], self.assertIn(self.error_message["wrong_email_or_password"],
response.context_data["error_message"]) response.context_data["error_message"])
# Wrong email and password # Wrong email and password
response = self.client.post( response = self.client.post(
self.url, {"email": "kontributor1@gov.id", "pass": "kontributor1"}) self.url, {"email": "kontributor1@gov.id", "pass": "kontributor1", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data) self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["wrong_email_or_password"], self.assertIn(self.error_message["wrong_email_or_password"],
response.context_data["error_message"]) response.context_data["error_message"])
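Review bot: These tests now pass `"g-recaptcha-response": "testcaptcha"` straight into a view that, per the view hunk in this commit, calls Google's siteverify endpoint, so the suite appears to need outbound network access and passes only while the default keys accept any token. No test covers the rejected-captcha branch. Patch `urllib.request.urlopen` with `unittest.mock.patch` to return a canned `{"success": true}` or `{"success": false}` body, and add a case asserting that a rejected captcha neither logs the user in nor redirects.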
......
from django.contrib.auth import authenticate, login from django.contrib.auth import authenticate, login
from django.http import HttpResponseRedirect, QueryDict from django.http import HttpResponseRedirect, QueryDict
from django.views.generic import TemplateView from django.views.generic import TemplateView
from django.conf import settings
from django.contrib import messages
import urllib
import json
class Login(TemplateView): class Login(TemplateView):
...@@ -27,17 +30,31 @@ class Login(TemplateView): ...@@ -27,17 +30,31 @@ class Login(TemplateView):
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
context = self.get_context_data(**kwargs) context = self.get_context_data(**kwargs)
context['captcha_site_key'] = settings.GOOGLE_RECAPTCHA_SITE_KEY
return self.render_to_response(context=context) return self.render_to_response(context=context)
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
email = request.POST.get("email", None) email = request.POST.get("email", None)
password = request.POST.get("pass", None) password = request.POST.get("pass", None)
context = self.get_context_data(*args, **kwargs)
if email is None or password is None: if email is None or password is None:
context = self.get_context_data(*args, **kwargs) context = self.get_context_data(*args, **kwargs)
context["error_message"] = "Email atau Password anda kosong." context["error_message"] = "Email atau Password anda kosong."
return self.render_to_response(context=context) return self.render_to_response(context=context)
else: else:
recaptcha_response = request.POST.get('g-recaptcha-response')
url = 'https://www.google.com/recaptcha/api/siteverify'
values = {
'secret': settings.GOOGLE_RECAPTCHA_SECRET_KEY,
'response': recaptcha_response
}
data = urllib.parse.urlencode(values).encode()
req = urllib.request.Request(url, data=data)
response = urllib.request.urlopen(req)
result = json.loads(response.read().decode())
if result['success']:
user = authenticate(email=email, password=password) user = authenticate(email=email, password=password)
if user is not None: if user is not None:
login(request, user) login(request, user)
...@@ -51,6 +68,8 @@ class Login(TemplateView): ...@@ -51,6 +68,8 @@ class Login(TemplateView):
redirect_to = querystring['next'] redirect_to = querystring['next']
return HttpResponseRedirect(redirect_to) return HttpResponseRedirect(redirect_to)
else: else:
context = self.get_context_data(*args, **kwargs)
context["error_message"] = "Email atau Password anda salah." context["error_message"] = "Email atau Password anda salah."
return self.render_to_response(context=context) return self.render_to_response(context=context)
else:
messages.error(request, 'Invalid reCAPTCHA. Please try again.')
return self.render_to_response(context=context)
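Review bot: The siteverify request in `post` has no timeout and no error handling, so a slow or unreachable endpoint stalls or 500s every login, and `result['success']` raises `KeyError` on an unexpected body. Bound the call and treat any failure as a failed captcha, as sketched below. Indentation is lost in this view, so the nesting is inferred. Separately, `import urllib` alone does not load the submodules; `import urllib.parse` and `import urllib.request` would make that explicit. The contexts built in `post` also never set `captcha_site_key`, so a re-rendered form gets an empty site key.

```python
data = urllib.parse.urlencode(values).encode()
req = urllib.request.Request(url, data=data)
try:
    # Bound the wait so a slow verifier cannot tie up the login worker.
    with urllib.request.urlopen(req, timeout=5) as response:
        result = json.loads(response.read().decode())
except (OSError, ValueError):
    # Fail closed: an unreachable or malformed verification counts as a failed captcha.
    result = {}
if result.get('success'):
    # … unchanged: authenticate / login / redirect …
```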
...@@ -14,6 +14,7 @@ import os ...@@ -14,6 +14,7 @@ import os
import dj_database_url import dj_database_url
from decouple import config from decouple import config
from django.contrib.messages import constants as messages
# Build paths inside the project like this: os.path.join(BASE_DIR, ...) # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
...@@ -145,6 +146,16 @@ USE_L10N = True ...@@ -145,6 +146,16 @@ USE_L10N = True
USE_TZ = True USE_TZ = True
MESSAGE_TAGS = {
messages.DEBUG: 'alert-info',
messages.INFO: 'alert-info',
messages.SUCCESS: 'alert-success',
messages.WARNING: 'alert-warning',
messages.ERROR: 'alert-danger',
}
GOOGLE_RECAPTCHA_SECRET_KEY = config('GOOGLE_RECHAPTCHA', default= "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe")
GOOGLE_RECAPTCHA_SITE_KEY = config('CLIENT_RECHAPTCHA', default= "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI")
# Static files (CSS, JavaScript, Images) # Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.0/howto/static-files/ # https://docs.djangoproject.com/en/3.0/howto/static-files/
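Review bot: `GOOGLE_RECAPTCHA_SECRET_KEY` and `GOOGLE_RECAPTCHA_SITE_KEY` fall back to hard-coded defaults, so a deployment missing the environment variables starts silently with those values. They look like Google's published test key pair, which accepts any response, so the captcha would be a no-op in production. Drop the defaults so `config()` fails loudly when unset, e.g. `GOOGLE_RECAPTCHA_SECRET_KEY = config('GOOGLE_RECHAPTCHA')`, and keep the test pair only in a test or development settings file. The variable names spell it `RECHAPTCHA`; if that is not intentional, fix it now before deployments depend on it.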
......