1 | from DateTime import DateTime |
---|
2 | |
---|
3 | from zope.interface import implements |
---|
4 | |
---|
5 | from Acquisition import aq_parent |
---|
6 | from Products.Five import BrowserView |
---|
7 | from Products.CMFCore.utils import getToolByName |
---|
8 | |
---|
9 | from quintagroup.plonecaptchas.browser.interfaces import ICaptchaView |
---|
10 | from quintagroup.plonecaptchas.utils import decrypt, parseKey, encrypt1, getWord |
---|
11 | |
---|
12 | COOKIE_ID = 'captchahashkey' |
---|
13 | |
---|
14 | class Captcha(BrowserView): |
---|
15 | implements(ICaptchaView) |
---|
16 | |
---|
17 | def getSafeContext(self): |
---|
18 | """ Return context for this view that is acquisition aware (it's needed |
---|
19 | because when this view is called from captcha widget self.context |
---|
20 | may be some adapted object and it isn't aqcuisiton wrapped). |
---|
21 | """ |
---|
22 | if aq_parent(self.context) is not None: |
---|
23 | return self.context |
---|
24 | else: |
---|
25 | return self.context.context |
---|
26 | |
---|
27 | def image_tag(self): |
---|
28 | """ Generate an image tag linking to a captcha """ |
---|
29 | context = self.getSafeContext() |
---|
30 | hk = context.getCaptcha() |
---|
31 | resp = self.request.response |
---|
32 | if COOKIE_ID in resp.cookies: |
---|
33 | # clear the cookie first, clearing out any expiration cookie |
---|
34 | # that may have been set during verification |
---|
35 | del resp.cookies[COOKIE_ID] |
---|
36 | resp.setCookie(COOKIE_ID, hk, path='/') |
---|
37 | portal_url = getToolByName(context, 'portal_url')() |
---|
38 | img_url = '%s/getCaptchaImage/%s' % (portal_url, hk) |
---|
39 | return '<img src="%s" />' % img_url |
---|
40 | |
---|
41 | def verify(self, input): |
---|
42 | context = self.getSafeContext() |
---|
43 | result = False |
---|
44 | try: |
---|
45 | hashkey = self.request[COOKIE_ID] |
---|
46 | self.request.response.expireCookie(COOKIE_ID, path='/') |
---|
47 | |
---|
48 | decrypted_key = decrypt(context.captcha_key, hashkey) |
---|
49 | parsed_key = parseKey(decrypted_key) |
---|
50 | index = parsed_key['key'] |
---|
51 | date = parsed_key['date'] |
---|
52 | |
---|
53 | captcha_type = context.getCaptchaType() |
---|
54 | if captcha_type == 'static': |
---|
55 | img = getattr(context, '%s.jpg' % index) |
---|
56 | solution = img.title |
---|
57 | enc = encrypt1(input) |
---|
58 | else: |
---|
59 | enc = input |
---|
60 | solution = getWord(int(index)) |
---|
61 | |
---|
62 | captcha_tool = getToolByName(context, 'portal_captchas') |
---|
63 | if (enc != solution) or (captcha_tool.has_key(decrypted_key)) or (DateTime().timeTime() - float(date) > 3600): |
---|
64 | pass |
---|
65 | else: |
---|
66 | captcha_tool.addExpiredKey(decrypted_key) |
---|
67 | result = True |
---|
68 | except KeyError: |
---|
69 | pass # No cookie |
---|
70 | |
---|
71 | return result |
---|