diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index acd5f9ed..6d1148ba 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -35,7 +35,7 @@ steps:
inputs:
command: build
projects: '**/*.sln'
- arguments: '--no-restore --configuration $(BuildConfiguration) -p:VersionPrefix=2.0.$(Build.BuildId) -p:FileVersion=2.0.$(Build.BuildId).0'
+ arguments: '--no-restore --configuration $(BuildConfiguration) -p:VersionPrefix=2.11.$(Build.BuildId) -p:FileVersion=2.11.$(Build.BuildId).0'
- script: dotnet test source/DasBlog.Tests/UnitTests/ --logger trx;LogfileName=test_results.xml --results-directory $(System.DefaultWorkingDirectory)/test_results --filter Category=UnitTest
displayName: Run Unit Tests on Windows
diff --git a/source/DasBlog.Services/ConfigFile/Interfaces/ISiteConfig.cs b/source/DasBlog.Services/ConfigFile/Interfaces/ISiteConfig.cs
index 3891406a..eaa59221 100644
--- a/source/DasBlog.Services/ConfigFile/Interfaces/ISiteConfig.cs
+++ b/source/DasBlog.Services/ConfigFile/Interfaces/ISiteConfig.cs
@@ -206,6 +206,12 @@ public interface ISiteConfig
bool EnableCaptcha { get; set; }
+ string RecaptchaSiteKey { get; set; }
+
+ string RecaptchaSecretKey { get; set; }
+
+ double RecaptchaMinimumScore { get; set; }
+
bool EnableReferralUrlBlackList404s { get; set; }
bool EnableMovableTypeBlackList { get; set; }
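Review bot: The three new members on `ISiteConfig` have no doc comments, and `RecaptchaSecretKey` differs from its neighbours because it is a server-side credential rather than a display setting. I would add a summary on each, for example `/// <summary>Server-side reCAPTCHA secret; never render it into public views or write it to logs.</summary>` on `RecaptchaSecretKey`. For `RecaptchaMinimumScore`, `/// <summary>Lowest reCAPTCHA score (0.0-1.0) accepted for a comment.</summary>` would fit. The interface body starts and ends outside this hunk.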
diff --git a/source/DasBlog.Services/ConfigFile/SiteConfig.cs b/source/DasBlog.Services/ConfigFile/SiteConfig.cs
index 2de11506..764ad380 100644
--- a/source/DasBlog.Services/ConfigFile/SiteConfig.cs
+++ b/source/DasBlog.Services/ConfigFile/SiteConfig.cs
@@ -130,6 +130,9 @@ public SiteConfig() { }
public string ReferralUrlBlackList { get; set; }
public string[] ReferralUrlBlackListArray { get; set; }
public bool EnableCaptcha { get; set; }
+ public string RecaptchaSiteKey { get; set; }
+ public string RecaptchaSecretKey { get; set; }
+ public double RecaptchaMinimumScore {get; set; }
public bool EnableReferralUrlBlackList404s { get; set; }
public bool EnableMovableTypeBlackList { get; set; }
public string ChannelImageUrl { get; set; }
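Review bot: `RecaptchaMinimumScore` has no initializer, so it is 0.0 whenever the value is not supplied, which is presumably the case for an existing site.config written before this change. With a threshold of 0, the `score < RecaptchaMinimumScore` comparison in BlogPostController can never be true. Consider a non-zero default such as the 0.7 the shipped config uses: `public double RecaptchaMinimumScore { get; set; } = 0.7;`. That line also normalises the `{get; set; }` spacing to match the neighbouring properties.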
diff --git a/source/DasBlog.Tests/UnitTests/SiteConfigTest.cs b/source/DasBlog.Tests/UnitTests/SiteConfigTest.cs
index a2acbec1..a9401648 100644
--- a/source/DasBlog.Tests/UnitTests/SiteConfigTest.cs
+++ b/source/DasBlog.Tests/UnitTests/SiteConfigTest.cs
@@ -89,6 +89,9 @@ public class SiteConfigTest : ISiteConfig
public string ReferralUrlBlackList { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
public string[] ReferralUrlBlackListArray { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
public bool EnableCaptcha { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
+ public string RecaptchaSiteKey { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
+ public string RecaptchaSecretKey { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
+ public double RecaptchaMinimumScore { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
public bool EnableReferralUrlBlackList404s { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
public bool EnableMovableTypeBlackList { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
public string ChannelImageUrl { get => throw new NotImplementedException(); set => throw new NotImplementedException(); }
diff --git a/source/DasBlog.Web.UI/Config/site.Development.config b/source/DasBlog.Web.UI/Config/site.Development.config
index d102040e..6f63f78c 100644
--- a/source/DasBlog.Web.UI/Config/site.Development.config
+++ b/source/DasBlog.Web.UI/Config/site.Development.config
@@ -151,6 +151,9 @@
falsepoker;casino;pharmacy;sex;piss;cock;fuck;shit;pussy;gay;boys;girls;cheap;drugs;shipping;pussy;shemale;nude;slots;gambling;poker;uncut;taboo;pervert;fanta;hotbod;hotg;drunk;megavideo;femdom;incest;e-finance;holdem;deal;loan;consolidation;top-deals;hold-em;4-you;cell-phone;24x7;cute;spank;bott;girl;glamor;glamour;ortho;mortgage;models;cunt;cock;virgin;prussia;megavideo;debt;porn;4u;nude;naked;assh;hole;drug;bargin;insurance;xxx;teen;fatties;flower;leading;pill;diet;weight;gain;loss;viag;levit;best;online-dat;file://;scat;incest;credit;mortgage;calculator;esite;golf;gokura;oldie;fuzz;strap;ein.be;texasproptax;alphacarolinas;ourtownhelps;acrs;fortisenterprises;kardtoons;hermosa.us;monavaletoys;australia-;travel;berwick;sedona;handmade;digitaltwist;normytexas;xopy;superdolphins;instant;popwow;sportsparent;condo;flaf;mediavisor;gables;stmary;whichis;oiline;crepe;tmsa;easymoney;loddes;rimp;milf;halloween;bdsm;paris;hentai;britney;4free;ownsthis;fidelity;uae;cash;labels;hotel;spood;newtruths;krant;twinky;nehru;ansar;tclighting;reservedining;parkviewsoc;hometeaminspect;stories-on;marshally;suttonjames;hdic;pagetwo;ingy;psyche;seedfarm;azian;sportingcolor;atlanta2000;rifp;mor-lit;catcha;sysrem;exitq;rethy;lemon;zone-b51;jfcadvocacy;weighweb;mp-forum;darkangel;gargz;grot;yonet;middlecay;merchant;lvcpa;hassler;taklar;simonr;pisoc;alumni;applyonline;clonaze;rulo;tecrep;learnhow;arsc;69-review;exotic;adult;18dvd;nett;cialis;yelucie;dildo;ikill;saluk;doobu;cream;blonde;oncam;basket;her-first;lutsch;nicht;fundel;rausg;omni;cum;cxa.de;tits;sami;alters;krank;it2u;sperm;fick;kred;studiomoney;ca-america;vrajitor;pkv.net;buy-2005;gaming;uncovered;corpor;firsthori;win-2005;vinhas;forex;conjur;bellen;personalsites;geert;learningphp;ms-inc;slots;ejac;blackjack;wins;wslp;zindagi;ladysroom;nerosang;wadoo;owned;dvdwizard;scout;op-clan;three.us;vegas;hosting;texas;whvc;ua-;bodyshop;stumble;slot;findmore;bardak;hernya;adult-;texas;craps;porno;codone;azerfalse
+ your_google_recaptcha_site_key_here
+ your_google_recaptcha_secret_key_here
+ 0.7falsefalsefalse
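Review bot: The reCAPTCHA secret key is stored in the same checked-in config file as the public site key, so an operator who fills in the placeholder may end up committing or publishing the real secret. The same applies to the identical hunk in `Config/site.config`. I would add an XML comment next to the secret element saying the real value should come from a source outside the repository, such as an environment variable or a deployment-time override. Also note that the placeholders are non-empty strings, so any check that captcha is configured must compare against them rather than test for empty.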
diff --git a/source/DasBlog.Web.UI/Config/site.config b/source/DasBlog.Web.UI/Config/site.config
index e9b23c00..cd54954e 100644
--- a/source/DasBlog.Web.UI/Config/site.config
+++ b/source/DasBlog.Web.UI/Config/site.config
@@ -153,6 +153,9 @@
falsepoker;casino;pharmacy;sex;piss;cock;fuck;shit;pussy;gay;boys;girls;cheap;drugs;shipping;pussy;shemale;nude;slots;gambling;poker;uncut;taboo;pervert;fanta;hotbod;hotg;drunk;megavideo;femdom;incest;e-finance;holdem;deal;loan;consolidation;top-deals;hold-em;4-you;cell-phone;24x7;cute;spank;bott;girl;glamor;glamour;ortho;mortgage;models;cunt;cock;virgin;prussia;megavideo;debt;porn;4u;nude;naked;assh;hole;drug;bargin;insurance;xxx;teen;fatties;flower;leading;pill;diet;weight;gain;loss;viag;levit;best;online-dat;file://;scat;incest;credit;mortgage;calculator;esite;golf;gokura;oldie;fuzz;strap;ein.be;texasproptax;alphacarolinas;ourtownhelps;acrs;fortisenterprises;kardtoons;hermosa.us;monavaletoys;australia-;travel;berwick;sedona;handmade;digitaltwist;normytexas;xopy;superdolphins;instant;popwow;sportsparent;condo;flaf;mediavisor;gables;stmary;whichis;oiline;crepe;tmsa;easymoney;loddes;rimp;milf;halloween;bdsm;paris;hentai;britney;4free;ownsthis;fidelity;uae;cash;labels;hotel;spood;newtruths;krant;twinky;nehru;ansar;tclighting;reservedining;parkviewsoc;hometeaminspect;stories-on;marshally;suttonjames;hdic;pagetwo;ingy;psyche;seedfarm;azian;sportingcolor;atlanta2000;rifp;mor-lit;catcha;sysrem;exitq;rethy;lemon;zone-b51;jfcadvocacy;weighweb;mp-forum;darkangel;gargz;grot;yonet;middlecay;merchant;lvcpa;hassler;taklar;simonr;pisoc;alumni;applyonline;clonaze;rulo;tecrep;learnhow;arsc;69-review;exotic;adult;18dvd;nett;cialis;yelucie;dildo;ikill;saluk;doobu;cream;blonde;oncam;basket;her-first;lutsch;nicht;fundel;rausg;omni;cum;cxa.de;tits;sami;alters;krank;it2u;sperm;fick;kred;studiomoney;ca-america;vrajitor;pkv.net;buy-2005;gaming;uncovered;corpor;firsthori;win-2005;vinhas;forex;conjur;bellen;personalsites;geert;learningphp;ms-inc;slots;ejac;blackjack;wins;wslp;zindagi;ladysroom;nerosang;wadoo;owned;dvdwizard;scout;op-clan;three.us;vegas;hosting;texas;whvc;ua-;bodyshop;stumble;slot;findmore;bardak;hernya;adult-;texas;craps;porno;codone;azerfalse
+ your_google_recaptcha_site_key_here
+ your_google_recaptcha_secret_key_here
+ 0.7falsefalsefalse
diff --git a/source/DasBlog.Web.UI/Controllers/BlogPostController.cs b/source/DasBlog.Web.UI/Controllers/BlogPostController.cs
index 670e76e0..098fa96c 100644
--- a/source/DasBlog.Web.UI/Controllers/BlogPostController.cs
+++ b/source/DasBlog.Web.UI/Controllers/BlogPostController.cs
@@ -19,6 +19,8 @@
using System.Linq;
using System.Net;
using DasBlog.Web.Services;
+using reCAPTCHA.AspNetCore.Attributes;
+using reCAPTCHA.AspNetCore;
namespace DasBlog.Web.Controllers
{
@@ -34,11 +36,12 @@ public class BlogPostController : DasBlogBaseController
private readonly ILogger logger;
private readonly IBlogPostViewModelCreator modelViewCreator;
private readonly IMemoryCache memoryCache;
+ private readonly IRecaptchaService recaptcha;
public BlogPostController(IBlogManager blogManager, IHttpContextAccessor httpContextAccessor, IDasBlogSettings dasBlogSettings,
IMapper mapper, ICategoryManager categoryManager, IFileSystemBinaryManager binaryManager, ILogger logger,
- IBlogPostViewModelCreator modelViewCreator, IMemoryCache memoryCache)
+ IBlogPostViewModelCreator modelViewCreator, IMemoryCache memoryCache,IRecaptchaService recaptcha)
: base(dasBlogSettings)
{
this.blogManager = blogManager;
@@ -50,6 +53,7 @@ public BlogPostController(IBlogManager blogManager, IHttpContextAccessor httpCon
this.logger = logger;
this.modelViewCreator = modelViewCreator;
this.memoryCache = memoryCache;
+ this.recaptcha = recaptcha;
}
[AllowAnonymous]
@@ -346,7 +350,11 @@ public IActionResult AddComment(AddCommentViewModel addcomment)
return Comment(addcomment.TargetEntryId);
}
- if (dasBlogSettings.SiteConfiguration.CheesySpamQ.Trim().Length > 0 &&
+ // Optional in case of Captcha. Commenting the settings in the config file
+ // Will disable this check. People will typically disable this when using captcha.
+ if (!String.IsNullOrEmpty(dasBlogSettings.SiteConfiguration.CheesySpamQ) &&
+ !String.IsNullOrEmpty(dasBlogSettings.SiteConfiguration.CheesySpamA) &&
+ dasBlogSettings.SiteConfiguration.CheesySpamQ.Trim().Length > 0 &&
dasBlogSettings.SiteConfiguration.CheesySpamA.Trim().Length > 0)
{
if (string.Compare(addcomment.CheesyQuestionAnswered, dasBlogSettings.SiteConfiguration.CheesySpamA,
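Review bot: The four-part condition guarding the spam question can be written more directly, since `String.IsNullOrEmpty(x)` followed by `x.Trim().Length > 0` is what `string.IsNullOrWhiteSpace` expresses. I would use `if (!string.IsNullOrWhiteSpace(dasBlogSettings.SiteConfiguration.CheesySpamQ) && !string.IsNullOrWhiteSpace(dasBlogSettings.SiteConfiguration.CheesySpamA))`. The added comment should also state that leaving either value empty turns this check off entirely, so it is clear that comment protection then relies on `EnableCaptcha`. The `string.Compare` statement and the rest of `AddComment` continue outside this hunk.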
@@ -356,6 +364,23 @@ public IActionResult AddComment(AddCommentViewModel addcomment)
}
}
+ if(dasBlogSettings.SiteConfiguration.EnableCaptcha)
+ {
+ var recaptchaTask = recaptcha.Validate(Request);
+ recaptchaTask.Wait();
+ var recaptchaResult = recaptchaTask.Result;
+ if ((!recaptchaResult.success || recaptchaResult.score != 0) &&
+ recaptchaResult.score < dasBlogSettings.SiteConfiguration.RecaptchaMinimumScore )
+ {
+ // Todo: Rajiv Popat: This just redirects to the comment page. Ideally user should be informed that
+ // the captch is invalid and he should be shown an error page with ability to fix the issue.
+ // We need to have the ability to show errors and let the user fix typos in Captcha or Cheesy
+ // Question. For now we are following the sample implementation as Cheesy Spam Question above
+ // for the sake of consistency but this should be fixed everywhere.
+ return Comment(addcomment.TargetEntryId);
+ }
+ }
+
addcomment.Content = dasBlogSettings.FilterHtml(addcomment.Content);
var commt = mapper.Map(addcomment);
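Review bot: The rejection test `(!recaptchaResult.success || recaptchaResult.score != 0) && recaptchaResult.score < ...RecaptchaMinimumScore` ties a failed validation to the score threshold. When `RecaptchaMinimumScore` is 0, the default for an unset `double`, a response with `success == false` is accepted, and a successful response with a score of exactly 0 passes at any threshold. Failure should reject on its own: `if (!recaptchaResult.success || recaptchaResult.score < dasBlogSettings.SiteConfiguration.RecaptchaMinimumScore)`. If the `score != 0` exemption is meant for responses that carry no score, that case should be handled explicitly and commented. Separately, `recaptchaTask.Wait()` followed by `.Result` blocks the request thread and surfaces errors as `AggregateException`; awaiting the call would avoid this but needs `AddComment`, whose signature is outside this hunk, to become async.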
diff --git a/source/DasBlog.Web.UI/DasBlog.Web.csproj b/source/DasBlog.Web.UI/DasBlog.Web.csproj
index 7c6c3279..4a0afa48 100644
--- a/source/DasBlog.Web.UI/DasBlog.Web.csproj
+++ b/source/DasBlog.Web.UI/DasBlog.Web.csproj
@@ -22,6 +22,7 @@
+
diff --git a/source/DasBlog.Web.UI/Models/AdminViewModels/SiteViewModel.cs b/source/DasBlog.Web.UI/Models/AdminViewModels/SiteViewModel.cs
index 494c8cab..aa75f22e 100644
--- a/source/DasBlog.Web.UI/Models/AdminViewModels/SiteViewModel.cs
+++ b/source/DasBlog.Web.UI/Models/AdminViewModels/SiteViewModel.cs
@@ -141,9 +141,26 @@ public class SiteViewModel
[DisplayName("Spam prevention answer")]
[Description("Cheesy Spam Answer - Defines an answer that the commenters need to respond with in order to submit a comment (only enabled when CheesySpamQ has a val")]
[StringLength(300, MinimumLength = 1, ErrorMessage = "{0} should be between 1 to 300 characters")]
-
public string CheesySpamA { get; set; }
+ [DisplayName("Enable Captcha")]
+ [Description("Let's You Decide if you want to use Google's Recaptcha to Prevents Bots from spamming the comments on your posts.")]
+ public bool EnableCaptcha { get; set; }
+
+ [DisplayName("Recapcha Minimum Score")]
+ [Description("Minimum Score for the Recaptcha to be considered pass. For example if you are asked to identify an image at least 50% of the images must be identified if score if 0.5")]
+ [Range(0.0, 1.0, ErrorMessage = "Values should be between 0 and 1")]
+ public double RecaptchaMinimumScore { get; set; }
+
+ [DisplayName("Google Recaptha Site Key")]
+ [Description("Recaptcha Site Key Based on Recaptha Configured On Google Recaptcha Admin Site.")]
+ [StringLength(300, MinimumLength = 1, ErrorMessage = "{0} should be between 1 to 300 characters")]
+ public string RecaptchaSiteKey { get; set; }
+
+ [DisplayName("Google Recaptcha Secret Key")]
+ [Description("Recaptcha Secret Key based on Recaptcha configured on Google Recaptha Admin Site.")]
+ [StringLength(300, MinimumLength = 1, ErrorMessage = "{0} should be between 1 to 300 characters")]
+ public string RecaptchaSecretKey { get; set; }
[DisplayName("Enable unique URls")]
[Description(@"Enable Title PermaLink Unique - Ensures all urls are unique by adding a date to the URL '\somepost' becomes '20191112\some - post'")]
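Review bot: The `[Description]` on `RecaptchaMinimumScore` explains the threshold as a share of images identified, but the controller compares it with the score returned by the validation service. That score appears to be a per-request confidence value between 0 and 1, so an admin reading this text could pick a threshold on the wrong basis. I would reword it to `[Description("Minimum reCAPTCHA score (0.0 to 1.0) a comment must reach to be accepted; higher values are stricter.")]`. The display names also misspell the product name ("Recapcha Minimum Score", "Google Recaptha Site Key"). Since `RecaptchaSecretKey` is a credential, consider `[DataType(DataType.Password)]` on it so the settings page does not show it in clear text; check how the view renders the field first.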
@@ -292,8 +309,7 @@ public class SiteViewModel
public bool EnableReferralUrlBlackList { get; set; }
public string ReferralUrlBlackList { get; set; }
public string[] ReferralUrlBlackListArray { get; set; }
- public bool EnableCaptcha { get; set; }
- public bool EnableReferralUrlBlackList404s { get; set; }
+ public bool EnableReferralUrlBlackList404s { get; set; }
public bool EnableMovableTypeBlackList { get; set; }
public bool EnableCrossPostFooter { get; set; }
public string CrossPostFooter { get; set; }
diff --git a/source/DasBlog.Web.UI/Startup.cs b/source/DasBlog.Web.UI/Startup.cs
index 5d2a4ef9..b5c14e0a 100644
--- a/source/DasBlog.Web.UI/Startup.cs
+++ b/source/DasBlog.Web.UI/Startup.cs
@@ -36,6 +36,7 @@
using System.Security.Principal;
using System.Threading;
using System.Threading.Tasks;
+using reCAPTCHA.AspNetCore;
namespace DasBlog.Web
{
@@ -50,6 +51,8 @@ public class Startup
private readonly string LogFolderPath;
private readonly string BinariesPath;
private readonly string BinariesUrlRelativePath;
+ private readonly string RecaptchaSiteKey;
+ private readonly string RecaptchaSecretKey;
private readonly IWebHostEnvironment hostingEnvironment;
@@ -73,6 +76,8 @@ public Startup(IWebHostEnvironment env)
BinariesPath = new DirectoryInfo(Path.Combine(env.ContentRootPath, Configuration.GetValue("BinariesDir"))).FullName;
ThemeFolderPath = new DirectoryInfo(Path.Combine(hostingEnvironment.ContentRootPath, "Themes", Configuration.GetSection("Theme").Value)).FullName;
LogFolderPath = new DirectoryInfo(Path.Combine(hostingEnvironment.ContentRootPath, Configuration.GetSection("LogDir").Value)).FullName;
+ RecaptchaSiteKey = Configuration.GetSection("RecaptchaSiteKey").Value;
+ RecaptchaSecretKey = Configuration.GetSection("RecaptchaSecretKey").Value;
BinariesUrlRelativePath = "content/binary";
}
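Review bot: `RecaptchaSiteKey` and `RecaptchaSecretKey` are captured once in the constructor and will be null if the sections are missing, and the `AddRecaptcha` call in the `ConfigureServices` hunk then registers them unconditionally. Because the admin settings model now exposes both keys, a value edited there would presumably not reach the registered service until the application restarts. The controller, by contrast, reads `EnableCaptcha` and `RecaptchaMinimumScore` live from `dasBlogSettings`. I would at least document this with `// Keys are captured at startup; changes made in the admin settings need a restart to apply.` and log a warning when captcha is enabled but a key is empty or still the shipped placeholder. The constructor starts outside this hunk.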
@@ -225,6 +230,12 @@ public void ConfigureServices(IServiceCollection services)
services
.AddControllersWithViews()
.AddRazorRuntimeCompilation();
+
+ services.AddRecaptcha(options =>
+ {
+ options.SiteKey = RecaptchaSiteKey;
+ options.SecretKey = RecaptchaSecretKey;
+ });
services.Configure(options =>
{
diff --git a/source/DasBlog.Web.UI/Views/Admin/Settings.cshtml b/source/DasBlog.Web.UI/Views/Admin/Settings.cshtml
index 9a1ad0b1..ec70df0d 100644
--- a/source/DasBlog.Web.UI/Views/Admin/Settings.cshtml
+++ b/source/DasBlog.Web.UI/Views/Admin/Settings.cshtml
@@ -227,7 +227,39 @@
-