1b493c9fee
Fixes #1649 This requires setting `HCAPTCHA_SECRET_KEY` and `HCAPTCHA_SITE_KEY`, then enabling the admin setting at `/admin/settings/edit#form_admin_settings_captcha_enabled` Subsequently, a hCaptcha widget will be displayed on `/about` and `/auth/sign_up` unless: - the user is already signed-up already - the user has used an invite link - the user has already solved the captcha (and registration failed for another reason) The Content-Security-Policy headers are altered automatically to allow the third-party hCaptcha scripts on `/about` and `/auth/sign_up` following the same rules as above.
16 lines
454 B
Ruby
16 lines
454 B
Ruby
# frozen_string_literal: true
|
|
|
|
module Admin::SettingsHelper
|
|
def site_upload_delete_hint(hint, var)
|
|
upload = SiteUpload.find_by(var: var.to_s)
|
|
return hint unless upload
|
|
|
|
link = link_to t('admin.site_uploads.delete'), admin_site_upload_path(upload), data: { method: :delete }
|
|
safe_join([hint, link], '<br/>'.html_safe)
|
|
end
|
|
|
|
def captcha_available?
|
|
ENV['HCAPTCHA_SECRET_KEY'].present? && ENV['HCAPTCHA_SITE_KEY'].present?
|
|
end
|
|
end
|