mirror of
https://0xacab.org/sutty/sutty
synced 2024-11-22 20:46:21 +00:00
feat: bloquear spambots después de un minuto #17722
This commit is contained in:
parent
93ad72f86d
commit
f00e3b8230
2 changed files with 41 additions and 0 deletions
|
@ -7,6 +7,7 @@ class RegistrationsController < Devise::RegistrationsController
|
||||||
class SpambotError < StandardError; end
|
class SpambotError < StandardError; end
|
||||||
|
|
||||||
prepend_before_action :anti_spambot_traps, only: %i[create]
|
prepend_before_action :anti_spambot_traps, only: %i[create]
|
||||||
|
prepend_after_action :lock_spambots, only: %i[create]
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
@ -18,6 +19,15 @@ class RegistrationsController < Devise::RegistrationsController
|
||||||
@spambot ||= params.dig(:usuarie, :name).present?
|
@spambot ||= params.dig(:usuarie, :name).present?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Bloquea las cuentas de spam dentro de un minuto, para hacerles creer
|
||||||
|
# que la cuenta se creó correctamente.
|
||||||
|
def lock_spambots
|
||||||
|
return unless spambot?
|
||||||
|
return unless current_usuarie
|
||||||
|
|
||||||
|
LockUsuarieJob.set(wait: 1.minute).perform_later(usuarie: current_usuarie)
|
||||||
|
end
|
||||||
|
|
||||||
# Detecta e informa spambots muy simples
|
# Detecta e informa spambots muy simples
|
||||||
#
|
#
|
||||||
# @return [nil]
|
# @return [nil]
|
||||||
|
@ -38,4 +48,16 @@ class RegistrationsController < Devise::RegistrationsController
|
||||||
p['usuarie'].delete 'password_confirmation'
|
p['usuarie'].delete 'password_confirmation'
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Si le usuarie es considerade spambot, no enviamos el correo de
|
||||||
|
# confirmación al crear la cuenta.
|
||||||
|
def sign_up_params
|
||||||
|
if spambot?
|
||||||
|
params[:usuarie][:confirmed_at] = Time.now.utc
|
||||||
|
|
||||||
|
devise_parameter_sanitizer.permit(:sign_up, keys: %i[confirmed_at])
|
||||||
|
end
|
||||||
|
|
||||||
|
super
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
19
app/jobs/lock_usuarie_job.rb
Normal file
19
app/jobs/lock_usuarie_job.rb
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
# Bloquea el acceso a une usuarie
|
||||||
|
class LockUsuarieJob < ApplicationJob
|
||||||
|
# Cambiamos la contraseña, aplicamos un bloqueo y cerramos la sesión
|
||||||
|
# para que no pueda volver a entrar hasta que siga las instrucciones
|
||||||
|
# de desbloqueo.
|
||||||
|
#
|
||||||
|
# @param :usuarie [Usuarie]
|
||||||
|
# @return [nil]
|
||||||
|
def perform(usuarie:)
|
||||||
|
password = SecureRandom.base36
|
||||||
|
|
||||||
|
usuarie.skip_password_change_notification!
|
||||||
|
usuarie.update(password: password, password_confirmation: password, remember_created_at: nil, locked_at: Time.utc.now)
|
||||||
|
|
||||||
|
nil
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue