[ADD] website_recaptcha_v2_form: Adding recaptcha version 2 for the f…

…orm snippets and also in the login, password reset and register forms.

setup/website_recaptcha_v2_form/odoo/addons/website_recaptcha_v2_form

@@ -0,0 +1 @@
+../../../../website_recaptcha_v2_form

setup/website_recaptcha_v2_form/setup.py

@@ -0,0 +1,6 @@
+import setuptools
+
+setuptools.setup(
+    setup_requires=['setuptools-odoo'],
+    odoo_addon=True,
+)

website_recaptcha_v2_form/README.rst

@@ -0,0 +1,83 @@
+====================
+Website reCAPTCHA v2
+====================
+
+..
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:55856dbbdf9c9efc1b9b1ebbb33638a0018eda0d91bd6c8c9e30805aa8f2e5b0
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fwebsite-lightgray.png?logo=github
+    :target: https://github.com/OCA/website/tree/16.0/website_recaptcha_v2
+    :alt: OCA/website
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/website-16-0/website-16-0-website_recaptcha_v2
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/website&target_branch=16.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+This module allows you to use reCAPTCHA v2 in the login form.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Configuration
+=============
+
+reCAPTCHA is configured in Settings > Website. It can be enabled or disabled
+using the checkbox, and the site and secret keys can be defined there when it
+is enabled.
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/website/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/website/issues/new?body=module:%20website_recaptcha_v2%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+~~~~~~~
+
+* Binhex
+
+Contributors
+~~~~~~~~~~~~
+
+  * `Binhex <https://www.binhex.cloud/>`_:
+
+Maintainers
+~~~~~~~~~~~
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/website <https://github.com/OCA/website/tree/16.0/website_recaptcha_v2_login>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

website_recaptcha_v2_form/__init__.py

@@ -0,0 +1,2 @@
+from . import models
+from . import controllers

website_recaptcha_v2_form/__manifest__.py

@@ -0,0 +1,29 @@
+{
+    "name": "Website reCAPTCHA v2 form",
+    "version": "16.0.1.0.0",
+    "category": "Website",
+    "depends": ["web", "auth_signup", "website", "website_recaptcha_v2"],
+    "author": """
+        Binhex,
+        Odoo Community Association (OCA)
+    """,
+    "license": "AGPL-3",
+    "website": "https://github.com/OCA/website",
+    "summary": "Module to add reCAPTCHA v2 to the login form on the website",
+    "data": [
+        "views/webclient_templates.xml",
+        "views/auth_signup_login_templates.xml",
+        "views/s_website_form.xml",
+    ],
+    "assets": {
+        "website.assets_wysiwyg": [
+            "website_recaptcha_v2_form/static/src/xml/website_form_editor.xml",
+            "website_recaptcha_v2_form/static/src/snippets/s_website_form/options.js",
+            "website_recaptcha_v2_form/static/src/snippets/s_website_form/000.js",
+        ],
+        "web.assets_frontend": [
+            "website_recaptcha_v2_form/static/src/css/recaptcha.css",
+        ],
+    },
+    "installable": True,
+}

website_recaptcha_v2_form/controllers/__init__.py

@@ -0,0 +1,2 @@
+from . import main
+from . import form

website_recaptcha_v2_form/controllers/form.py

@@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+# Part of Odoo. See LICENSE file for full copyright and licensing details.
+
+import json
+from odoo import http
+from odoo.addons.website.controllers.form import WebsiteForm
+from odoo.addons.website_recaptcha_v2_form.controllers.main import BinhexHome
+
+
+class WebsiteRecaptchaForm(WebsiteForm):
+    @http.route('/website/form/<string:model_name>', type='http', auth="public", methods=['POST'], website=True,
+                csrf=False)
+    def website_form(self, model_name, **kwargs):
+        if kwargs.get('recaptcha_enabled', False):
+            valid = BinhexHome.verify_recaptcha_v2(self, values=kwargs)
+            if not isinstance(valid, bool):
+                return json.dumps({
+                    'error': valid,
+                })
+        return super().website_form(model_name, **kwargs)

website_recaptcha_v2_form/controllers/main.py

@@ -0,0 +1,85 @@
+import logging
+
+from odoo import _, http
+from odoo.exceptions import AccessDenied
+from odoo.http import request
+
+from odoo.addons.auth_signup.controllers.main import AuthSignupHome
+from odoo.addons.web.controllers.home import SIGN_UP_REQUEST_PARAMS, Home
+
+logger = logging.getLogger(__name__)
+
+SIGN_UP_REQUEST_PARAMS.add("g-recaptcha-response")
+
+
+class BinhexHome(Home):
+    def verify_recaptcha_v2(self, args=None, kw=None, template="", values=None):
+        Website = request.env["website"].sudo()
+        try:
+            request.env["ir.http"]._auth_method_public()
+            valid = Website.get_current_website().valid_recaptcha(values)
+            if valid:
+                if template == "web.login":
+                    return super().web_login(values.get("redirect", ""), **kw)
+                else:
+                    return True
+        except AccessDenied as e:
+            message_error = str(
+                e.args[0] if len(e.args) > 0 else _("Recaptcha is not valid.")
+            )
+            if template in ('web.login', 'auth_signup.reset_password', 'auth_signup.signup'):
+                values.update(
+                    {
+                        "error": message_error
+                    }
+                )
+                response = request.render(template, values)
+                response.headers["X-Frame-Options"] = "SAMEORIGIN"
+                response.headers["Content-Security-Policy"] = "frame-ancestors 'self'"
+                return response
+            else:
+                return message_error
+
+    @http.route("/web/login", type="http", auth="none")
+    def web_login(self, redirect=None, **kw):
+        if request.httprequest.method == "POST":
+            values = {
+                k: v for k, v in request.params.items() if k in SIGN_UP_REQUEST_PARAMS
+            }
+            # Checking that if the request comes from the creation of the account,
+            # that the recaptcha is not checked again to avoid errors.
+
+            if (
+                    values.get("confirm_password", "") == ""
+                    and request.httprequest.url.find("web/signup") == -1
+            ):
+                return self.verify_recaptcha_v2(
+                    kw=kw, template="web.login", values=values
+                )
+        return super().web_login(redirect, **kw)
+
+
+class BinhexAuthSignupHome(AuthSignupHome):
+    @http.route(
+        "/web/reset_password", type="http", auth="public", website=True, sitemap=False
+    )
+    def web_auth_reset_password(self, *args, **kw):
+        qcontext = self.get_auth_signup_qcontext()
+        if request.httprequest.method == "POST":
+            valid = self.verify_recaptcha_v2(
+                kw=kw, template="auth_signup.reset_password", values=qcontext, args=args
+            )
+            if not isinstance(valid, bool):
+                return valid
+        return super().web_auth_reset_password(*args, **kw)
+
+    @http.route("/web/signup", type="http", auth="public", website=True, sitemap=False)
+    def web_auth_signup(self, *args, **kw):
+        qcontext = self.get_auth_signup_qcontext()
+        if request.httprequest.method == "POST":
+            valid = self.verify_recaptcha_v2(
+                kw=kw, template="auth_signup.signup", values=qcontext, args=args
+            )
+            if not isinstance(valid, bool):
+                return valid
+        return super().web_auth_signup(*args, **kw)

website_recaptcha_v2_form/i18n/es.po

@@ -0,0 +1,28 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# 	* binhex_website_recaptcha_v2
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 16.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-12-02 16:23+0000\n"
+"PO-Revision-Date: 2024-12-02 16:23+0000\n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: binhex_website_recaptcha_v2
+#. odoo-python
+#: code:addons/binhex_website_recaptcha_v2/controllers/main.py:0
+#, python-format
+msgid "Recaptcha is not valid."
+msgstr "Recaptcha no es válido."
+
+#. module: binhex_website_recaptcha_v2
+#: model:ir.model,name:binhex_website_recaptcha_v2.model_website
+msgid "Website"
+msgstr "Sitio web"

website_recaptcha_v2_form/models/__init__.py

@@ -0,0 +1 @@
+from . import website

website_recaptcha_v2_form/models/website.py

@@ -0,0 +1,25 @@
+from odoo import api, models
+from odoo.exceptions import AccessDenied
+
+
+class Website(models.Model):
+    _inherit = "website"
+
+    # --------------------------------------------------
+    # METHODS
+    # --------------------------------------------------
+    """
+        Validating that the recaptcha sent is correct
+        @params:
+            kw: Data sent from the form
+    """
+
+    def valid_recaptcha(self, values):
+        valid, message = self.is_recaptcha_v2_valid(values)
+        if not valid:
+            raise AccessDenied(message)
+        return True
+
+    @api.model
+    def get_recaptcha_v2_site_key(self):
+        return self.sudo().get_current_website().recaptcha_v2_site_key

website_recaptcha_v2_form/static/src/scss/recaptcha.scss

@@ -0,0 +1,5 @@
+div.s_website_form_recaptcha_v2 {
+    > div.g-recaptcha {
+        margin-left: 18% !important;
+    }
+}