From eceddf109a20419f9415b630f40f544f6a33a15c Mon Sep 17 00:00:00 2001 From: Wyatt Johnson Date: Mon, 20 Mar 2017 12:35:22 -0600 Subject: [PATCH] Added reCAPTCHA docs --- README.md | 2 ++ services/passport.js | 5 +++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 64fe2739c..7e303f70e 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,8 @@ Facebook Login enabled app. - `TALK_SMTP_HOST` (*required for email*) - SMTP host url with format `smtp.domain.com`. - `TALK_SMTP_PORT` (*required for email*) - SMTP port. - `TALK_INSTALL_LOCK` (_optional for dynamic setup_) - Defaults to `FALSE`. When `TRUE`, disables the dynamic setup endpoint. +- `TALK_RECAPTCHA_SECRET` (*required for reCAPTCHA support*) - server secret used for enabling reCAPTCHA powered logins. If not provided it will instead default to providing only a time based lockout. +- `TALK_RECAPTCHA_PUBLIC` (*required for reCAPTCHA support*) - client secret used for enabling reCAPTCHA powered logins. If not provided it will instead default to providing only a time based lockout. Refer to the wiki page on [Configuration Loading](https://github.com/coralproject/talk/wiki/Configuration-Loading) for alternative methods of loading configuration during development. diff --git a/services/passport.js b/services/passport.js index 4ec80bb60..f1994392f 100644 --- a/services/passport.js +++ b/services/passport.js @@ -116,14 +116,15 @@ const CheckIfNeedsRecaptcha = (user, email) => { * This stores the Recaptcha secret. */ const RECAPTCHA_SECRET = process.env.TALK_RECAPTCHA_SECRET; +const RECAPTCHA_PUBLIC = process.env.TALK_RECAPTCHA_PUBLIC; /** * This is true when the recaptcha secret is provided and the Recaptcha feature * is to be enabled. */ -const RECAPTCHA_ENABLED = RECAPTCHA_SECRET && RECAPTCHA_SECRET.length > 0; +const RECAPTCHA_ENABLED = RECAPTCHA_SECRET && RECAPTCHA_SECRET.length > 0 && RECAPTCHA_PUBLIC && RECAPTCHA_PUBLIC.length > 0; if (!RECAPTCHA_ENABLED) { - console.log('Recaptcha is not enabled for login/signup abuse prevention, set TALK_RECAPTCHA_SECRET to enable Recaptcha.'); + console.log('Recaptcha is not enabled for login/signup abuse prevention, set TALK_RECAPTCHA_SECRET and TALK_RECAPTCHA_PUBLIC to enable Recaptcha.'); } /**