-
-
Notifications
You must be signed in to change notification settings - Fork 158
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add an ALTCHA form field to the form generator #7054
base: 5.x
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey Marko, first of all, thank you so much for taking the time to work on this ❤️ We have discussed this in today's call and here is a first feedback.
Also some general info:
- @leofeyer will prepare a component for your altcha.js
- We don't need the
Pow
prefix/namespace you have added everywhere, you can just omit that :) - Translations: You don't have to worry about them, we only manage the English translations and then synchronize translations using transifex. So the current state of the PR is perfect 👍
- Regarding the unit tests: Do you want to give it a try and learn something new? For the
AltchaController
and thePurgeExpiredAltchaChallengesCron
things should be fairly straightforwad because we already have other controllers and cronjobs where you could check how the unit tests are written. This would probably be a good start? For theAltcha
service itself, we can also help 😊 (we can also for the rest, just wanted to check if you want to learn something new first 😎 )
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks already very good now! I have reviewed some more - after that, on to the tests I guess ;)
// The challenge expires in 1 hour (default) and it must be saved in the database | ||
// to prevent replay attacks. | ||
$expiryDate = date('Y-m-d\\TH:i:sP', time() + $this->altchaChallengeExpiry); | ||
$objAltcha = new AltchaEntity($challenge, new \DateTimeImmutable($expiryDate)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this cannot work because that class does not exist (that's why we need tests ;)).
The script is now available as Contao component: https://packagist.org/packages/contao-components/altcha |
As agreed with @Toflar on Slack, this PR delivers the integration of Altcha https://altcha.org/ for Contao 5.x
What are the thinks still needs to be done?
One point that is still open is the lack of unit tests, because I have too little experience in writing unit tests.
The translations are also missing.
The Altcha script is currently in the public directory and probably needs to be moved.
Please also take a close look at the widget class \Contao\AltchaForm. I am not sure if everything is 100% correct.
@ContaoCoreTeam Have a look at it and I look forward to constructive feedback 🌞