
Commit 8c196820 authored by Sayid Abyan Rizal Shiddiq's avatar Sayid Abyan Rizal Shiddiq

[#118] Google recaptcha

parent 26195ff4
......@@ -69,7 +69,7 @@
</div>
<div class="g-recaptcha" data-sitekey={{captcha_site_key}}></div>
<div class="container-login100-form-btn">
<button class="login100-form-btn" type="submit">
Login
......@@ -100,6 +100,8 @@
<script src="../static/../static/vendor/countdowntime/countdowntime.js"></script>
<!--===============================================================================================-->
<script src="../static/js/login.js"></script>
<!--===============================================================================================-->
<script src='https://www.google.com/recaptcha/api.js'></script>
</body>
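Review bot: The new widget line writes the site key as an unquoted attribute, `data-sitekey={{captcha_site_key}}`, so an empty or space-containing value produces a malformed attribute; quote it as `data-sitekey="{{ captcha_site_key }}"`. The variable is only put into the context by the view's `get()`, so a page re-rendered after a failed POST would presumably carry an empty key and show no working widget. The added `api.js` tag could also carry `async defer` so the third-party script does not block rendering of the login form.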
......
......@@ -54,7 +54,7 @@
<div class="work_info">
<form class="login100-form validate-form" method="POST">
{% csrf_token %}
<input type="hidden" name="source" value="admin" />
<div class="login100-form-title p-b-43">
Halo, Admin
</div>
......@@ -84,7 +84,7 @@
</div>
</div>
<div class="g-recaptcha" data-sitekey="6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"></div>
<div class="container-login100-form-btn">
<button class="login100-form-btn" type="submit">
Login
......@@ -116,6 +116,9 @@
<script src="../static/../static/vendor/countdowntime/countdowntime.js"></script>
<!--===============================================================================================-->
<script src="../static/js/login.js"></script>
<!--===============================================================================================-->
<script src='https://www.google.com/recaptcha/api.js'></script>
</body>
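Review bot: The admin form hard-codes the key in `data-sitekey` instead of using `{{captcha_site_key}}` as the contributor template does, and the literal is the same string that settings.py uses as the default for `GOOGLE_RECAPTCHA_SECRET_KEY`, not the site-key default. A secret key should never be rendered into HTML, and a site key baked into the template cannot be changed per environment. Use `<div class="g-recaptcha" data-sitekey="{{ captcha_site_key }}"></div>` here and make sure the view serving this template supplies the value.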
......
......@@ -80,7 +80,7 @@ class LoginPageContributorTest(TestCase):
self.view = Login
self.template_name = "login.html"
self.login_credential = {
"email": "kontributor@gov.id", "pass": "kontributor"}
"email": "kontributor@gov.id", "pass": "kontributor", "g-recaptcha-response" : "testcaptcha"}
self.error_message = {
"empty_email_or_password": "Email atau Password anda kosong.",
"wrong_email_or_password": "Email atau Password anda salah.",
......@@ -114,11 +114,11 @@ class LoginPageContributorTest(TestCase):
self.assertContains(response, "Kata Sandi")
def test_kontributor_login_missing_email_or_password(self):
response = self.client.post(self.url, {"email": "kontributor@gov.id"})
response = self.client.post(self.url, {"email": "kontributor@gov.id", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["empty_email_or_password"],
response.context_data["error_message"])
response = self.client.post(self.url, {"pass": "kontributor"})
response = self.client.post(self.url, {"pass": "kontributor", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["empty_email_or_password"],
response.context_data["error_message"])
......@@ -126,19 +126,19 @@ class LoginPageContributorTest(TestCase):
def test_kontributor_login_wrong_email_or_password(self):
# Wrong password
response = self.client.post(
self.url, {"email": "kontributor@gov.id", "pass": "kontributor1"})
self.url, {"email": "kontributor@gov.id", "pass": "kontributor1", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["wrong_email_or_password"],
response.context_data["error_message"])
# Wrong email
response = self.client.post(
self.url, {"email": "kontributor1@gov.id", "pass": "kontributor"})
self.url, {"email": "kontributor1@gov.id", "pass": "kontributor", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["wrong_email_or_password"],
response.context_data["error_message"])
# Wrong email and password
response = self.client.post(
self.url, {"email": "kontributor1@gov.id", "pass": "kontributor1"})
self.url, {"email": "kontributor1@gov.id", "pass": "kontributor1", "g-recaptcha-response" : "testcaptcha"})
self.assertIn("error_message", response.context_data)
self.assertIn(self.error_message["wrong_email_or_password"],
response.context_data["error_message"])
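Review bot: Every POST in these tests now sends `"g-recaptcha-response" : "testcaptcha"`, and the view under test calls Google's siteverify endpoint over the network, so the suite appears to depend on outbound connectivity and on the fallback key accepting any token. Patch `urllib.request.urlopen` in the test case (for example with `unittest.mock.patch`) to return a canned `{"success": true}` body. There is also no case for a rejected captcha; add one that returns `{"success": false}` with valid credentials and asserts the user is not logged in. The class body starts and ends outside these hunks.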
......
from django.contrib.auth import authenticate, login
from django.http import HttpResponseRedirect, QueryDict
from django.views.generic import TemplateView
from django.conf import settings
from django.contrib import messages
import urllib
import json
class Login(TemplateView):
......@@ -27,30 +30,46 @@ class Login(TemplateView):
def get(self, request, *args, **kwargs):
context = self.get_context_data(**kwargs)
context['captcha_site_key'] = settings.GOOGLE_RECAPTCHA_SITE_KEY
return self.render_to_response(context=context)
def post(self, request, *args, **kwargs):
email = request.POST.get("email", None)
password = request.POST.get("pass", None)
context = self.get_context_data(*args, **kwargs)
if email is None or password is None:
context = self.get_context_data(*args, **kwargs)
context["error_message"] = "Email atau Password anda kosong."
return self.render_to_response(context=context)
else:
user = authenticate(email=email, password=password)
if user is not None:
login(request, user)
redirect_to = "/"
querystring = QueryDict(request.META['QUERY_STRING'])
if request.user.is_admin:
redirect_to = "/sukses-admin/"
elif request.user.is_contributor:
redirect_to = "/sukses-kontributor/"
if 'next' in querystring:
redirect_to = querystring['next']
return HttpResponseRedirect(redirect_to)
else:
recaptcha_response = request.POST.get('g-recaptcha-response')
url = 'https://www.google.com/recaptcha/api/siteverify'
values = {
'secret': settings.GOOGLE_RECAPTCHA_SECRET_KEY,
'response': recaptcha_response
}
data = urllib.parse.urlencode(values).encode()
req = urllib.request.Request(url, data=data)
response = urllib.request.urlopen(req)
result = json.loads(response.read().decode())
if result['success']:
user = authenticate(email=email, password=password)
if user is not None:
login(request, user)
redirect_to = "/"
querystring = QueryDict(request.META['QUERY_STRING'])
if request.user.is_admin:
redirect_to = "/sukses-admin/"
elif request.user.is_contributor:
redirect_to = "/sukses-kontributor/"
if 'next' in querystring:
redirect_to = querystring['next']
return HttpResponseRedirect(redirect_to)
else:
context["error_message"] = "Email atau Password anda salah."
return self.render_to_response(context=context)
else:
context = self.get_context_data(*args, **kwargs)
context["error_message"] = "Email atau Password anda salah."
return self.render_to_response(context=context)
messages.error(request, 'Invalid reCAPTCHA. Please try again.')
return self.render_to_response(context=context)
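Review bot: The siteverify request in `post()` has no timeout and no error handling, so a slow or unreachable endpoint stalls or 500s every login, and `result['success']` raises KeyError on an unexpected reply; pass `timeout=`, catch the failure and treat it as a failed captcha. `import urllib` alone does not guarantee the submodules are loaded, so replace it with `import urllib.parse` and `import urllib.request`. `post()` never sets `context['captcha_site_key']`, so a page re-rendered after a failed POST appears to get an empty `data-sitekey`. Separately, `redirect_to = querystring['next']` still redirects to an unvalidated caller-supplied URL; checking it with `url_has_allowed_host_and_scheme` before use would close that. The class body starts before this hunk.

```python
# … unchanged: email/password presence check …
recaptcha_response = request.POST.get('g-recaptcha-response', '')
data = urllib.parse.urlencode({
    'secret': settings.GOOGLE_RECAPTCHA_SECRET_KEY,
    'response': recaptcha_response,
}).encode()
try:
    with urllib.request.urlopen(
            'https://www.google.com/recaptcha/api/siteverify',
            data=data, timeout=5) as response:
        result = json.loads(response.read().decode())
except (OSError, ValueError):
    # Fail closed: an unreachable or malformed reply counts as a failed captcha.
    result = {}
if result.get('success'):
    # … unchanged: authenticate, login and redirect …
```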
......@@ -14,6 +14,7 @@ import os
import dj_database_url
from decouple import config
from django.contrib.messages import constants as messages
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
......@@ -145,6 +146,16 @@ USE_L10N = True
USE_TZ = True
MESSAGE_TAGS = {
messages.DEBUG: 'alert-info',
messages.INFO: 'alert-info',
messages.SUCCESS: 'alert-success',
messages.WARNING: 'alert-warning',
messages.ERROR: 'alert-danger',
}
GOOGLE_RECAPTCHA_SECRET_KEY = config('GOOGLE_RECHAPTCHA', default= "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe")
GOOGLE_RECAPTCHA_SITE_KEY = config('CLIENT_RECHAPTCHA', default= "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI")
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.0/howto/static-files/
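Review bot: Both `config(...)` calls fall back to keys committed in the repository, so a deployment that forgets to set the environment variables starts without any error and verifies against the fallback secret. These look like Google's published test keys, which accept every response, so the captcha would be silently disabled in that case. Drop the `default=` (decouple then raises on a missing value) or allow the fallback only when `DEBUG` is true. The variable names `'GOOGLE_RECHAPTCHA'` and `'CLIENT_RECHAPTCHA'` are also misspelled and do not say which one is the secret; something like `config('GOOGLE_RECAPTCHA_SECRET_KEY')` is harder to misconfigure.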
......