EPrints - using Recaptcha.net

WRRecaptcha.pm

package EPrints::Plugin::WRRecaptcha;
use strict;
our @ISA = qw/ EPrints::Plugin /;

######################################################################
#
# Use recaptcha.net instead of Google, so people in China can add their stuff
#
######################################################################
#
# Add this file to ~/site_lib/plugins/EPrints/Plugin/WRRecaptcha.pm
#
######################################################################

package EPrints::MetaField::Recaptcha;

use strict;
no warnings 'redefine';

sub render_input_field_actual
{
	my( $self, $session, $value, $dataset, $staff, $hidden_fields, $obj, $basename ) = @_;

	my $public_key = $session->config( "recaptcha", "public_key" );

	if( !defined $public_key )
	{
		return $session->render_message( "error", $session->make_text( "public_key not set" ) );
	}

	my $frag = $session->make_doc_fragment;

	#my $url = URI->new( "https://www.google.com/recaptcha/api.js" );
	my $url = URI->new( "https://www.recaptcha.net/recaptcha/api.js" );

	$frag->appendChild( $session->make_javascript( undef,
		src => $url,
		async => 'async',
		defer => 'defer'
	) );

	$frag->appendChild( $session->make_element( "div",
		class => "g-recaptcha",
		'data-sitekey' => $public_key,
	) );

	# No-Script, for users with javascript diabled
	# $url = URI->new( "https://www.google.com/recaptcha/api/fallback" );
	$url = URI->new( "https://www.recaptcha.net/recaptcha/api/fallback" );
	$url->query_form( k => $public_key );

	my $noscript = $frag->appendChild( $session->make_element( "noscript" ) );
	$noscript->appendChild( $session->make_element( "iframe",
		src => $url,
		height => "422",
		width => "302",
		frameborder => "0"
	) );
	$noscript->appendChild( $session->make_element( "br" ) );
	$noscript->appendChild( $session->make_element( "textarea",
		id => "g-recaptcha-response",
		name => "g-recaptcha-response",
		rows => "3",
		cols => "40"
	) );

	return $frag;
}

sub form_value_actual
{
	my( $self, $repo, $object, $basename ) = @_;

	my $private_key = $repo->config( "recaptcha", "private_key" );
	my $timeout = $repo->config( "recaptcha", "timeout" ) || 5;

	if( !defined $private_key )
	{
		$repo->log( "recaptcha private_key not set" );
		return undef;
	}

	my $response = $repo->param( "g-recaptcha-response" );
	if( !EPrints::Utils::is_set( $response ) )
	{
		return "invalid-captcha-sol";
	}

	# my $url = URI->new( "https://www.google.com/recaptcha/api/siteverify" );
	my $url = URI->new( "https://www.recaptcha.net/recaptcha/api/siteverify" );

	my $ua = LWP::UserAgent->new();
	$ua->env_proxy;
	$ua->timeout( $timeout ); #LWP default timeout is 180 seconds.

	# my $r = $ua->post( "https://www.google.com/recaptcha/api/siteverify", [
	my $r = $ua->post( "https://www.recaptcha.net/recaptcha/api/siteverify", [
		secret => $private_key,
		response => $response
	]);

	# the request returned a response - but we have to check whether the human (or otherwise)
	# passed the Captcha
	if( $r->is_success )
	{
		my $hash = decode_json( $r->content );
		if( !$hash->{success} )
		{
			my $recaptcha_error = 'unknown-error';
			my $codes = $hash->{'error-codes'};
			if( $codes && scalar @{$codes} )
			{
				$recaptcha_error = join '+', @{$codes};
			}
			return $recaptcha_error;
		}
		return undef; #success!
	}

	# error talking to recaptcha, so lets continue, to avoid blocking the user
	# in case of network problems
	$repo->log( "Error contacting recaptcha: ".$r->code." ".$r->message );

	return undef;
}

1;