Commit bc1fd6d8 authored by fred's avatar fred
Browse files

add secondary bot check

parent 4a66ad13
# -*- coding: utf-8 -*-
# Generated by Django 1.11.29 on 2021-01-31 17:14
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('newsletter', '0003_auto_20210131_1630'),
]
operations = [
migrations.AddField(
model_name='subscriber',
name='bot_check1',
field=models.BooleanField(default=False),
),
migrations.AddField(
model_name='subscriber',
name='bot_check2',
field=models.BooleanField(default=False),
),
]
......@@ -33,16 +33,18 @@ class Subscriber(models.Model) :
is_validated = models.NullBooleanField()
is_registered = models.NullBooleanField()
password = models.CharField(max_length=100)
bot_check1 = models.BooleanField(default=False)
bot_check2 = models.BooleanField(default=False)
def __unicode__(self) :
return self.email
def save(self, *args, **kwargs):
super(Subscriber, self).save(*args, **kwargs)
if self.is_validated is None:
self.send_confirmation_email()
def is_from_bot(self):
return bool(self.bot_check1 or self.bot_check2)
def send_confirmation_email(self):
if self.is_from_bot():
return
self.password = hashlib.sha1(force_bytes(str(random.random()))).hexdigest()
confirm_subject = loader.get_template('newsletter/confirmation_email_subject.txt')
confirm_body = loader.get_template('newsletter/confirmation_email_body.txt')
......
......@@ -3,6 +3,14 @@
{% csrf_token %}
<p>{% trans 'Every Monday, the news of the Panik week:' %}</p>
<input required name="email" type="email" placeholder="votre adresse email">
<div style="display: none"><label><input type="checkbox" name="validation">Cocher empêchera la création.</input></label>
<div style="display: none; display:block;">
<label><input type="checkbox" name="validation">Cocher empêchera la création.</input></label>
<label><input type="checkbox" name="validation2" id="validation2">Celle-ci doit par contre être cochée (déso les personnes sans js).</input></label>
<script>
(function() {
const checkbox = document.getElementById('validation2');
checkbox.checked = true;
})();
</script>
</div>
<button>{% trans 'Subscribe' %}</button>
......@@ -33,11 +33,14 @@ class SubscribeView(CreateView):
success_url = reverse_lazy('newsletter-thanks')
def form_valid(self, form):
if 'validation' in self.request.POST:
# anti-bot checkbox, if present, do not create subscription,
# but redirect to success page nevertheless
return HttpResponseRedirect(self.success_url)
return super().form_valid(form)
resp = super().form_valid(form)
# anti-bot checkboxes, if triggered, do not send confirmation email
# but redirect to success page nevertheless
self.object.bot_check1 = bool('validation' in self.request.POST)
self.object.bot_check2 = bool('validation2' not in self.request.POST)
if not self.object.is_from_bot():
self.object.send_confirmation_email()
return resp
subscribe = SubscribeView.as_view()
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment