Add reCaptcha

WebApp/ApiModule.cs

@@ -1,8 +1,11 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Net;
+using System.Net.Http;
 using System.Threading;
 using System.Threading.Tasks;
+using System.Web.Script.Serialization;
 
 using TrulyQuantumChess.Kernel.Errors;
 using TrulyQuantumChess.Kernel.Moves;
@@ -29,7 +32,38 @@ public ApiModule()
             // Post["/submit_move", true] = SubmitMove;
         }
 
+        private struct RecaptchaResponseModel {
+            public bool success;
+            public string challenge_ts;
+            public string hostname;
+            public string[] error_codes;
+        }
+
+        private static readonly JavaScriptSerializer Serializer_ =
+            new JavaScriptSerializer();
+
+        private async Task<bool> ValidateCaptchaResponse(string captcha_response) {
+            using (var client = new HttpClient()) {
+                var values = new Dictionary<String, String> {
+                    { "secret", WebAppConfig.Instance.Captcha.Secret },
+                    { "response", captcha_response }
+                };
+                var content = new FormUrlEncodedContent(values);
+                var response = await client.PostAsync("https://www.google.com/recaptcha/api/siteverify", content);
+                var response_string = await response.Content.ReadAsStringAsync();
+                response_string = response_string.Replace("error-codes", "error_codes"); // I know this is a hack. I don't care.
+                RecaptchaResponseModel model = Serializer_.Deserialize<RecaptchaResponseModel>(response_string);
+                return model.success;
+            }
+        }
+
         private async Task<dynamic> NewGame(dynamic args, CancellationToken cancellation_token) {
+            if (WebAppConfig.Instance.Captcha.Enabled) {
+                bool captcha_validated = await ValidateCaptchaResponse(Request.Query["captcha_response"]);
+                if (!captcha_validated) {
+                    return 500;
+                }
+            }
             var engine = new QuantumChessEngine();
             string game_id = await WebAppManagers.DatabaseManager.InsertEngine(engine);
             var new_game_response = new Model.NewGameResponse() {

WebApp/Content/index.js

@@ -1,6 +1,16 @@
-$(function() {
-    $("#play_btn").click(function() {
-        $.get(prefix + "/api/new_game", {}, function(data) {
+var g_captcha_response = "";
+
+function captcha_callback(captcha_response) {
+    g_captcha_response = captcha_response;
+}
+
+$(function() {
+    $("#launch_new_game_btn").click(function() {
+        $.get(prefix + "/api/new_game",
+        {
+            "captcha_response": g_captcha_response
+        },
+        function(data) {
             var gameId = data.gameId;
             window.location = prefix + "/play?gameId=" + gameId;
         });

WebApp/HtmlModule.cs

@@ -18,6 +18,8 @@ private dynamic Index(dynamic args) {
             return View["Index.sshtml", new {
                 WebAppConfig.Instance.Prefix,
                 WebAppConfig.Instance.DocUrl,
+                CaptchaEnabled = WebAppConfig.Instance.Captcha.Enabled,
+                CaptchaCode = WebAppConfig.Instance.Captcha.Public,
                 PageTitle = "Truly Quantum Chess",
             }];
         }

WebApp/Templates/Index.sshtml

@@ -2,13 +2,35 @@
 
 @Section['Head']
 	<script src="@Model.Prefix/content/index.js"></script>
+	@If.CaptchaEnabled
+		<script src='https://www.google.com/recaptcha/api.js'></script>
+	@EndIf
 @EndSection
 
 @Section['Body']
 	<div class="centered">
 		<img src="@Model.Prefix/content/logo.png"></img>
 		<br><br>
-		<button id="play_btn" class="btn btn-primary">Play with friend</button>
+		<button id="play_btn" class="btn btn-primary" data-toggle="modal" data-target="#play_modal">Play with friend</button>
 		<a target="_blank" href="@Model.DocUrl" class="btn btn-default">Rules of quantum chess</a>
 	</div>
+	<div class="modal fade" id="play_modal" tabindex="-1" role="dialog" aria-labelledby="play_modal_title">
+		<div class="modal-dialog" role="document">
+			<div class="modal-content">
+				<div class="modal-header">
+					<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+					<h4 class="modal-title" id="play_modal_title">Play with friend</h4>
+				</div>
+				<div class="modal-body">
+					@If.CaptchaEnabled
+						<div class="g-recaptcha" data-sitekey="@Model.CaptchaCode" data-callback="captcha_callback"></div>
+					@EndIf
+				</div>
+				<div class="modal-footer">
+					<button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
+					<button type="button" class="btn btn-primary" id="launch_new_game_btn">Launch new game</button>
+				</div>
+			</div>
+		</div>
+	</div>
 @EndSection

WebApp/Templates/Play.sshtml

@@ -21,7 +21,7 @@
 		<span id="game_state">Copy the URL of this page and send it to your friend</span>
 		<br>
 		<div id="new_game" hidden="true">
-			<a href="@Model.Prefix" class="btn btn-default">New game</a>
+			<a href="@Model.Prefix/" class="btn btn-default">New game</a>
 			<br> <br>
 		</div>
 		<strong>active player: <span id="active_player">-</span></strong>

WebApp/WebApp.csproj

@@ -48,6 +48,9 @@
     <Reference Include="MongoDB.Driver">
       <HintPath>..\packages\MongoDB.Driver.2.4.2\lib\net45\MongoDB.Driver.dll</HintPath>
     </Reference>
+    <Reference Include="System.Net.Http" />
+    <Reference Include="System.Net" />
+    <Reference Include="System.Net.Http.WebRequest" />
   </ItemGroup>
   <ItemGroup>
     <Compile Include="Program.cs" />
@@ -160,6 +163,7 @@
     <None Include="Templates\ActiveGames.sshtml">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
+    <None Include="WebAppConfig_dockerized.json" />
   </ItemGroup>
   <ItemGroup>
     <Folder Include="Templates\" />

WebApp/WebAppConfig.cs

@@ -23,6 +23,7 @@ static WebAppConfig() {
         public bool Debug { get; private set; }
         public PiecesInfo Pieces { get; private set; }
         public string DocUrl { get; private set; }
+        public CaptchaSettings Captcha { get; private set; }
     }
 
     // Helper for dependency injections
@@ -53,4 +54,10 @@ public class PiecesWidthRatiosInfo {
         public double Queen { get; private set; }
         public double King { get; private set; }
     }
+
+    public class CaptchaSettings {
+        public bool Enabled { get; private set; }
+        public string Public { get; private set; }
+        public string Secret { get; private set; }
+    }
 }

WebApp/WebAppConfig.json

@@ -1,6 +1,6 @@
 {
     "ListenUrl" : "http://localhost:9000",
-    "Prefix": "/truly-quantum-chess",
+    "Prefix": "",
     "Mongo": {
         "ConnectionString": "mongodb://localhost:32768",
         "Database": "truly_quantum_chess"
@@ -18,5 +18,10 @@
             "King": 0.83
         }
     },
-    "DocUrl": "https://github.com/caphindsight/TrulyQuantumChess/wiki"
+    "DocUrl": "https://github.com/caphindsight/TrulyQuantumChess/wiki",
+    "Captcha": {
+        "Enabled": true,
+        "Public": "6Lf-LhcUAAAAAG11TNlD8rqnjhOW9WuUpfVy1qfL",
+        "Secret": "6Lf-LhcUAAAAAEU_QLMfIJ94eqLpnFXc-qfyz-Jl"
+    }
 }

WebApp/WebAppConfig_dockerized.json

@@ -18,5 +18,10 @@
             "King": 0.83
         }
     },
-    "DocUrl": "https://github.com/caphindsight/TrulyQuantumChess/wiki"
+    "DocUrl": "https://github.com/caphindsight/TrulyQuantumChess/wiki",
+    "Captcha": {
+        "Enabled": true,
+        "Public": "6LdUlikTAAAAANmAPmncAzWMV20RlVlZOlbhi7R7",
+        "Secret": "6LdUlikTAAAAAFnV06iD6MPauLtede0IbWTgyRQN"
+    }
 }