Added recaptcha

Aaron Lee 2021-09-23 22:21:59 +08:00
parent f566884b44
commit 18f62768e0
3 changed files with 45 additions and 12 deletions

35
app.py

@ -9,6 +9,7 @@ import pandas as pd
import base64
from random import randint
from dotenv import load_dotenv
import requests
load_dotenv()
app = Flask(__name__)
@ -45,6 +46,17 @@ def check_permission():
db.child("Users").child(session['uid']).child("showUpload").get().val() == '1')
def verify_recaptcha(response):
data = {
'secret': os.environ.get('RECAPTCHA_SECRET'),
'response': response,
'remoteip': request.remote_addr
}
r = requests.post(
'https://www.google.com/recaptcha/api/siteverify', data=data)
return r.json()['success']
def manageProcess(fCommand, fData):
if (check_login_status()):
return redirect('/logout')
@ -218,7 +230,7 @@ def manageProcess(fCommand, fData):
return redirect('/logout')
@ app.route('/', methods=['GET', 'POST'])
@ app.route('/', methods=['GET'])
def index():
if request.method == 'GET':
if check_login_status():
@ -227,15 +239,18 @@ def index():
elif request.method == 'POST':
if check_login_status():
try:
user = auth.sign_in_with_email_and_password(
request.form['username'] + "@group-attendance.fhjh.tp.edu.tw", request.form['password'])
session['is_logged_in'] = True
session['email'] = user['email']
session['uid'] = user['localId']
session['token'] = user['idToken']
session['refreshToken'] = user['refreshToken']
session['loginTime'] = datetime.now(tz)
return redirect('/manage')
if (verify_recaptcha(request.form['g-recaptcha-response'])):
user = auth.sign_in_with_email_and_password(
request.form['username'] + "@group-attendance.fhjh.tp.edu.tw", request.form['password'])
session['is_logged_in'] = True
session['email'] = user['email']
session['uid'] = user['localId']
session['token'] = user['idToken']
session['refreshToken'] = user['refreshToken']
session['loginTime'] = datetime.now(tz)
return redirect('/manage')
else:
return render_template('login.html', error=True)
except Exception as e:
return render_template('login.html', error=True)
else:
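Review bot: verify_recaptcha() calls `requests.post` with no timeout and indexes `r.json()['success']` without checking the HTTP status, so a slow or failing siteverify endpoint can hold a login worker open or surface as an exception. I would write `r = requests.post('https://www.google.com/recaptcha/api/siteverify', data=data, timeout=5)` and `return r.ok and r.json().get('success') is True`, so a verifier failure is an explicit fail-closed result instead of relying on the broad `except Exception` in index(). The timeout value is a constructed example. Separately, the route decorator is printed twice and the second copy reads `methods=['GET']`, while login.html still posts to `/`. If that copy is the new side, the POST branch can no longer be reached and login answers 405, which is worth confirming. index() continues outside the hunk.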


@ -137,4 +137,14 @@ div.showTime {
border:1px solid black;
color:rgb(77, 77, 77);
background:rgb(179, 255, 169);
}
.grecaptcha-badge {
display: none;
}
.disclaimer {
color: rgb(160, 160, 160);
font-size: 0.7524em;
margin-bottom: 20px;
}
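Review bot: `.grecaptcha-badge { display: none; }` removes the badge element entirely, whereas Google's reCAPTCHA FAQ gives `visibility: hidden` as the supported way to hide the badge when the branding text is shown elsewhere, as the new `.disclaimer` block does. I would change the rule to `.grecaptcha-badge { visibility: hidden; }`. A comment such as `/* badge hidden; the required reCAPTCHA branding is shown in .disclaimer on the login page */` would keep a later template edit from dropping the disclaimer while the badge stays hidden.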


@ -19,6 +19,7 @@
gtag('config', 'G-H6D61RSBHR');
</script>
<script src="https://www.google.com/recaptcha/api.js"></script>
</head>
<body>
@ -28,7 +29,7 @@
<div class="row">
<div class="col"></div>
<div class="col-md-5">
<form action="/" method="post">
<form action="/" id="loginForm" method="post">
<div class="form-group row" style="margin-bottom: 10px;">
<div class="col-3 center"><label for="username" style="font-size: 19px">Username 帳號: </label>
</div>
@ -41,9 +42,15 @@
<div class="col-9 center-input"><input type="password" class="form-control" name="password"
id="password"></div>
</div>
<button type="submit" class="btn btn-primary btn-block" onclick="loadingAnimation()">Login
<button class="btn btn-primary btn-block g-recaptcha"
data-sitekey="6LevCYccAAAAAAQ8XL6Bay_Nn22OyX9-9Shhi62M" data-callback='loadingAnimation'>Login
登入</button>
</form>
<div class="disclaimer">
This site is protected by reCAPTCHA and the Google
<a target="_blank" href="https://policies.google.com/privacy">Privacy Policy</a> and
<a target="_blank" href="https://policies.google.com/terms">Terms of Service</a> apply.
</div>
{% if error %}
<div class="alert alert-danger" role="alert">
帳號或密碼錯誤,請重新輸入<br>
@ -69,6 +76,7 @@
<script type=" text/javascript" src="/static/jquery.min.js"></script>
<script>
function loadingAnimation() {
$('#loginForm').submit();
$('.container').hide();
$('#loading').show();
}
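Review bot: The new login button depends on the reCAPTCHA script to call `loadingAnimation`, but a `<button>` inside a form is still a submit button by default, so if api.js is blocked or fails to load the form posts without a `g-recaptcha-response` field. The server side then rejects the request, which is the right outcome, but the user sees the wrong-credentials alert from the `{% if error %}` block. I would pass a separate flag from the view for a failed or missing captcha and render a different message for it, so users and anyone reading support reports can tell a captcha failure from a bad password. The `<form>` and the template's error block start outside these hunks.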