From b45649018643d754ff2030f82c58f076694e3ecb Mon Sep 17 00:00:00 2001
From: Nicolas Bally <info@nicolasbally.com>
Date: Mon, 26 Aug 2019 16:07:27 +0200
Subject: [PATCH] suite

---
 app/controllers/contact_controller.rb         | 82 +++++++++++++------
 app/views/public/menu_items/contact.html.haml |  6 +-
 config/environments/development.rb            |  4 +
 config/environments/production.rb             |  3 +
 4 files changed, 69 insertions(+), 26 deletions(-)

diff --git a/app/controllers/contact_controller.rb b/app/controllers/contact_controller.rb
index 138af54..b985291 100644
--- a/app/controllers/contact_controller.rb
+++ b/app/controllers/contact_controller.rb
@@ -8,37 +8,69 @@ class ContactController < ApplicationController
 
   def create
     @lang = LangSite.first
-    @params = params
-    DemandeMail.prise(@params).deliver
-    DemandeMail.remerciement(@params).deliver
+    
+    if valid_captcha?(params['g-recaptcha-response'])
+    
+      if true
+        @params = params
+        DemandeMail.prise(@params).deliver
+        DemandeMail.remerciement(@params).deliver
     
     
-    api_url = "http://#{UAL_API_HOST}/admin/contacts/api"
+        api_url = "http://#{UAL_API_HOST}/admin/contacts/api"
 
 
-    @c = Curl::Easy.new(api_url) do |curl|      
-      curl.verbose = true
+        @c = Curl::Easy.new(api_url) do |curl|      
+          curl.verbose = true
+        end
+
+
+        @c.http_post(
+        Curl::PostField.content(:name, @params[:name]),
+        Curl::PostField.content(:address, @params[:address]),
+        Curl::PostField.content(:address2, @params[:address2]),
+        Curl::PostField.content(:cp, @params[:cp]),
+        Curl::PostField.content(:city, @params[:city]),
+        Curl::PostField.content(:tel, @params[:tel]),
+        Curl::PostField.content(:mail, @params[:mail]),
+        Curl::PostField.content(:place, @params[:place]),
+        Curl::PostField.content(:type, @params[:type].to_s),
+        Curl::PostField.content(:owner, @params[:owner].to_s),
+        Curl::PostField.content(:message, @params[:message])
+    
+        )
+
+        @debug = @c.body_str
+      else
+        render :inline => "ok"
+      end
+    else
+      redirect_to :back
     end
-
-
-    @c.http_post(
-    Curl::PostField.content(:name, @params[:name]),
-    Curl::PostField.content(:address, @params[:address]),
-    Curl::PostField.content(:address2, @params[:address2]),
-    Curl::PostField.content(:cp, @params[:cp]),
-    Curl::PostField.content(:city, @params[:city]),
-    Curl::PostField.content(:tel, @params[:tel]),
-    Curl::PostField.content(:mail, @params[:mail]),
-    Curl::PostField.content(:place, @params[:place]),
-    Curl::PostField.content(:type, @params[:type].to_s),
-    Curl::PostField.content(:owner, @params[:owner].to_s),
-    Curl::PostField.content(:message, @params[:message])
-    
-    )
-
-    @debug = @c.body_str
-    
     
     
   end
+  
+  def valid_captcha?(recaptcha_response)
+      return true if Rails.env.test?
+
+      
+      @c = Curl::Easy.new("https://www.google.com/recaptcha/api/siteverify") do |curl|      
+        curl.verbose = true
+      end
+
+
+      @c.http_post(
+      Curl::PostField.content(:secret, RECAPTCHA_SECRET_KEY),
+      Curl::PostField.content(:response, recaptcha_response)
+  
+      )
+
+      @debug = JSON.parse(@c.body_str) #["successe"]
+      
+      return @debug["success"]
+      
+      
+  end
+  
 end
diff --git a/app/views/public/menu_items/contact.html.haml b/app/views/public/menu_items/contact.html.haml
index 0a62701..8171bde 100644
--- a/app/views/public/menu_items/contact.html.haml
+++ b/app/views/public/menu_items/contact.html.haml
@@ -96,7 +96,11 @@
           %label Message
         =text_area_tag :message, "", :placeholder => "Message", :style => "height:10em;"
         %p Les champs marqués d'un * sont requis.
-      
+        
+        <script src="https://www.google.com/recaptcha/api.js" async defer></script>
+        
+        =raw '<div class="g-recaptcha" data-sitekey="'+RECAPTCHA_SITE_KEY+'"></div>'
+        
         =submit_tag "Envoyer", :style => "display:block;text-align:center;margin:auto;color:white;background:#9ab354;border-radius:1em; padding:0.5em 1em; font-size:1em; border:0px;"
       
       :javascript
diff --git a/config/environments/development.rb b/config/environments/development.rb
index 943f4b3..771e726 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -46,4 +46,8 @@ Rails.application.configure do
   
   config.action_mailer.default_url_options = { :host => HOSTNAME }
   UAL_API_HOST = "localhost:3000"
+  
+  RECAPTCHA_SITE_KEY   = '6Ldj6LQUAAAAACY6SmePKeUcpbcY9WVD47-u8l_s'
+  RECAPTCHA_SECRET_KEY = '6Ldj6LQUAAAAAO-11feITBPmDATAF--NqcXh5_WP'
+  
 end
diff --git a/config/environments/production.rb b/config/environments/production.rb
index c3a272a..20d2bbe 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -82,6 +82,9 @@ Rails.application.configure do
   #config.action_mailer.delivery_method = :file
   config.action_mailer.default_url_options = { :host => HOSTNAME }
 	
+  RECAPTCHA_SITE_KEY   = '6Ldj6LQUAAAAACY6SmePKeUcpbcY9WVD47-u8l_s'
+  RECAPTCHA_SECRET_KEY = '6Ldj6LQUAAAAAO-11feITBPmDATAF--NqcXh5_WP'
+  
   config.action_mailer.delivery_method = :smtp
   config.action_mailer.smtp_settings = {
     :address              => "localhost",