paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-04 05:53:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

altcha: More error-proofing around settings validation.

Browse Source
This commit is contained in:
Alex Vandiver
2025-07-25 23:25:19 +00:00
committed by Tim Abbott
parent f0f916f538
commit 8af90294d8
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
zerver/forms.py
View File

@@ -403,6 +403,8 @@ class CaptchaRealmCreationForm(RealmCreationForm):
def clean_captcha(self) -> str:
payload = self.data.get("captcha", "")
if not settings.USING_CAPTCHA or not settings.ALTCHA_HMAC_KEY: # nocoverage
raise forms.ValidationError(_("Challenges are not enabled."))
try:
ok, err = verify_solution(payload, settings.ALTCHA_HMAC_KEY, check_expires=True)

3
zerver/views/antispam.py
View File

@@ -25,6 +25,9 @@ class AltchaPayload(BaseModel):
def get_challenge(
request: HttpRequest,
) -> HttpResponseBase:
if not settings.USING_CAPTCHA or not settings.ALTCHA_HMAC_KEY: # nocoverage
raise JsonableError(_("Challenges are not enabled."))
now = timezone_now()
expires = now + timedelta(minutes=1)
try: