[17.0][MIG] website_recaptcha_v2_form

test-requirements.txt

@@ -0,0 +1 @@
+odoo-addon-website_recaptcha_v2 @ git+https://github.com/OCA/website.git@refs/pull/1102/head#subdirectory=website_recaptcha_v2

website_recaptcha_v2_form/README.rst

@@ -0,0 +1,108 @@
+=========================
+Website reCAPTCHA v2 form
+=========================
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:82c3625280a3850676447d821ae41a770088a52928f19dc3d67a5aa695b2e677
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fwebsite-lightgray.png?logo=github
+    :target: https://github.com/OCA/website/tree/17.0/website_recaptcha_v2_form
+    :alt: OCA/website
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/website-17-0/website-17-0-website_recaptcha_v2_form
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/website&target_branch=17.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+This module allows you to use the recaptcha in its version 2 for the
+login, password reset and signup views; it is also configured as needed
+in the Form type snippets that appear on the Website.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Configuration
+=============
+
+To configure this module, you need to:
+
+#. Go to **Website > Configuration > Settings**.
+
+#. Search 'reCAPTCHA v2' option.
+
+|reCaptcha v2|
+
+#. Click the link `Get reCAPTCHA v2
+keys <https://www.google.com/recaptcha/admin>`__ to generate the keys
+needed to use the recaptcha.
+
+|Get reCAPTCHA v2 keys|
+
+#. Fill in the generated **Site Key** and **Secret key**.
+
+|reCAPTCHA v2 keys|
+
+#. Enable recaptcha in form website. |reCAPTCHA v2 enable website|
+
+.. |reCaptcha v2| image:: https://raw.githubusercontent.com/OCA/website/17.0/website_recaptcha_v2_form/static/src/img/readme/img.png
+.. |Get reCAPTCHA v2 keys| image:: https://raw.githubusercontent.com/OCA/website/17.0/website_recaptcha_v2_form/static/src/img/readme/img_1.png
+.. |reCAPTCHA v2 keys| image:: https://raw.githubusercontent.com/OCA/website/17.0/website_recaptcha_v2_form/static/src/img/readme/img_2.png
+.. |reCAPTCHA v2 enable website| image:: https://raw.githubusercontent.com/OCA/website/17.0/website_recaptcha_v2_form/static/src/img/readme/img_3.png
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/website/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/website/issues/new?body=module:%20website_recaptcha_v2_form%0Aversion:%2017.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+-------
+
+* Binhex
+
+Contributors
+------------
+
+-``BINHEX <https://binhex.cloud>``\ \_:
+
+- Edilio Escalona Almira
+
+Maintainers
+-----------
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/website <https://github.com/OCA/website/tree/17.0/website_recaptcha_v2_form>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

website_recaptcha_v2_form/__init__.py

@@ -0,0 +1,2 @@
+from . import models
+from . import controllers

website_recaptcha_v2_form/__manifest__.py

@@ -0,0 +1,30 @@
+{
+    "name": "Website reCAPTCHA v2 form",
+    "version": "17.0.1.0.0",
+    "category": "Website",
+    "depends": ["web", "auth_signup", "website", "website_recaptcha_v2"],
+    "author": """
+        Binhex,
+        Odoo Community Association (OCA)
+    """,
+    "license": "AGPL-3",
+    "website": "https://github.com/OCA/website",
+    "summary": """ Module that allows you to use recaptcha v2 for login, password reset,
+                   signup and snippet form on the website.
+    """,
+    "data": [
+        "views/webclient_templates.xml",
+        "views/auth_signup_login_templates.xml",
+        "views/s_website_form.xml",
+    ],
+    "assets": {
+        "website.assets_wysiwyg": [
+            "website_recaptcha_v2_form/static/src/xml/website_form_editor.xml",
+            "website_recaptcha_v2_form/static/src/snippets/s_website_form/options.esm.js",
+        ],
+        "web.assets_frontend": [
+            "website_recaptcha_v2_form/static/src/css/recaptcha.css",
+        ],
+    },
+    "installable": True,
+}

website_recaptcha_v2_form/controllers/__init__.py

@@ -0,0 +1,2 @@
+from . import main
+from . import form

website_recaptcha_v2_form/controllers/form.py

@@ -0,0 +1,30 @@
+# Part of Odoo. See LICENSE file for full copyright and licensing details.
+
+import json
+
+from odoo import http
+
+from odoo.addons.website.controllers.form import WebsiteForm
+
+from .main import RecaptchaHome
+
+
+class WebsiteRecaptchaForm(WebsiteForm):
+    @http.route(
+        "/website/form/<string:model_name>",
+        type="http",
+        auth="public",
+        methods=["POST"],
+        website=True,
+        csrf=False,
+    )
+    def website_form(self, model_name, **kwargs):
+        if kwargs.get("recaptcha_enabled", False):
+            valid = RecaptchaHome.verify_recaptcha_v2(self, values=kwargs)
+            if not isinstance(valid, bool):
+                return json.dumps(
+                    {
+                        "error": valid,
+                    }
+                )
+        return super().website_form(model_name, **kwargs)

website_recaptcha_v2_form/controllers/main.py

@@ -0,0 +1,86 @@
+import logging
+
+from odoo import _, http
+from odoo.exceptions import AccessDenied
+from odoo.http import request
+
+from odoo.addons.auth_signup.controllers.main import AuthSignupHome
+from odoo.addons.web.controllers.home import SIGN_UP_REQUEST_PARAMS, Home, ensure_db
+
+logger = logging.getLogger(__name__)
+
+SIGN_UP_REQUEST_PARAMS.add("g-recaptcha-response")
+
+
+class RecaptchaHome(Home):
+    def verify_recaptcha_v2(self, kw=None, template="", values=None):
+        Website = request.env["website"].sudo()
+        try:
+            request.env["ir.http"]._auth_method_public()
+            valid = Website.get_current_website().valid_recaptcha(values)
+            if valid:
+                if template == "web.login":
+                    return super().web_login(values.get("redirect", ""), **kw)
+                else:
+                    return True
+        except AccessDenied as e:
+            message_error = str(
+                e.args[0] if len(e.args) > 0 else _("Recaptcha is not valid.")
+            )
+            if template in (
+                "web.login",
+                "auth_signup.reset_password",
+                "auth_signup.signup",
+            ):
+                values.update({"error": message_error})
+                response = request.render(template, values)
+                response.headers["X-Frame-Options"] = "SAMEORIGIN"
+                response.headers["Content-Security-Policy"] = "frame-ancestors 'self'"
+                return response
+            else:
+                return message_error
+
+    @http.route()
+    def web_login(self, redirect=None, **kw):
+        ensure_db()
+        if request.httprequest.method == "POST":
+            values = {
+                k: v for k, v in request.params.items() if k in SIGN_UP_REQUEST_PARAMS
+            }
+            # Checking that if the request comes from the creation of the account,
+            # that the recaptcha is not checked again to avoid errors.
+
+            if (
+                values.get("confirm_password", "") == ""
+                and request.httprequest.url.find("web/signup") == -1
+            ):
+                return self.verify_recaptcha_v2(
+                    kw=kw, template="web.login", values=values
+                )
+        return super().web_login(redirect, **kw)
+
+
+class RecaptchaAuthSignupHome(AuthSignupHome):
+    @http.route(
+        "/web/reset_password", type="http", auth="public", website=True, sitemap=False
+    )
+    def web_auth_reset_password(self, *args, **kw):
+        qcontext = self.get_auth_signup_qcontext()
+        if request.httprequest.method == "POST":
+            valid = self.verify_recaptcha_v2(
+                kw=kw, template="auth_signup.reset_password", values=qcontext
+            )
+            if not isinstance(valid, bool):
+                return valid
+        return super().web_auth_reset_password(*args, **kw)
+
+    @http.route("/web/signup", type="http", auth="public", website=True, sitemap=False)
+    def web_auth_signup(self, *args, **kw):
+        qcontext = self.get_auth_signup_qcontext()
+        if request.httprequest.method == "POST":
+            valid = self.verify_recaptcha_v2(
+                template="auth_signup.signup", values=qcontext
+            )
+            if not isinstance(valid, bool):
+                return valid
+        return super().web_auth_signup(*args, **kw)

website_recaptcha_v2_form/i18n/es.po

@@ -0,0 +1,28 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* binhex_website_recaptcha_v2
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 16.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-12-02 16:23+0000\n"
+"PO-Revision-Date: 2024-12-02 16:23+0000\n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: binhex_website_recaptcha_v2
+#. odoo-python
+#: code:addons/binhex_website_recaptcha_v2/controllers/main.py:0
+#, python-format
+msgid "Recaptcha is not valid."
+msgstr "Recaptcha no es válido."
+
+#. module: binhex_website_recaptcha_v2
+#: model:ir.model,name:binhex_website_recaptcha_v2.model_website
+msgid "Website"
+msgstr "Sitio web"

website_recaptcha_v2_form/models/__init__.py

@@ -0,0 +1 @@
+from . import website

website_recaptcha_v2_form/models/website.py

@@ -0,0 +1,45 @@
+from odoo import api, models
+from odoo.exceptions import AccessDenied
+
+
+class Website(models.Model):
+    _inherit = "website"
+
+    def valid_recaptcha(self, values):
+        valid, message = self.is_recaptcha_v2_valid(values)
+        if not valid:
+            raise AccessDenied(message)
+        return True
+
+    @api.model
+    def get_recaptcha_v2_site_key(self):
+        return self.sudo().get_current_website().recaptcha_v2_site_key
+
+    def update_recaptcha_v2_site_key(self):
+        views_recaptcha = (
+            self.env["ir.ui.view"]
+            .sudo()
+            .search(
+                [
+                    ("arch_db", "ilike", 'class="g-recaptcha"'),
+                    ("website_id", "!=", False),
+                ]
+            )
+        )
+        if views_recaptcha:
+            for view in views_recaptcha:
+                site_key_old = view.arch_db.split('data-sitekey="')
+                if len(site_key_old) > 1:
+                    site_key_old = site_key_old[1].split('"')[0]
+                    if site_key_old:
+                        updated_arch = view.arch_db.replace(
+                            f'data-sitekey="{site_key_old}"',
+                            f'data-sitekey="{self.recaptcha_v2_site_key}"',
+                        )
+                        view.sudo().write({"arch": updated_arch})
+
+    def write(self, vals):
+        res = super().write(vals)
+        if "recaptcha_v2_site_key" in vals:
+            self.update_recaptcha_v2_site_key()
+        return res

website_recaptcha_v2_form/pyproject.toml

@@ -0,0 +1,3 @@
+[build-system]
+requires = ["whool"]
+build-backend = "whool.buildapi"

website_recaptcha_v2_form/readme/CONFIGURE.md

@@ -0,0 +1,19 @@
+ To configure this module, you need to:
+
+#. Go to **Website > Configuration > Settings**.
+
+#. Search 'reCAPTCHA v2' option.
+
+![reCaptcha v2](../static/src/img/readme/img.png)
+
+#. Click the link [Get reCAPTCHA v2 keys](https://www.google.com/recaptcha/admin)
+   to generate the keys needed to use the recaptcha.
+
+![Get reCAPTCHA v2 keys](../static/src/img/readme/img_1.png)
+
+#. Fill in the generated **Site Key** and **Secret key**.
+
+![reCAPTCHA v2 keys](../static/src/img/readme/img_2.png)
+
+#. Enable recaptcha in form website.
+![reCAPTCHA v2 enable website](../static/src/img/readme/img_3.png)

website_recaptcha_v2_form/readme/CONTRIBUTORS.md

@@ -0,0 +1,4 @@
+-`BINHEX <https://binhex.cloud>`_:
+
+  - Edilio Escalona Almira
+  - Antonio Ruban <antoniodavid8@gmail.com>

website_recaptcha_v2_form/readme/DESCRIPTION.md

@@ -0,0 +1,3 @@
+This module allows you to use the recaptcha in its version 2 for the login,
+password reset and signup views; it is also configured as needed in the
+Form type snippets that appear on the Website.