cmd: integrate invisible recaptcha into puppeth

2 files changed, 50 insertions, 16 deletions

diff --git a/cmd/puppeth/module_faucet.go b/cmd/puppeth/module_faucet.go
index 44016c53e..fc957721d 100644
--- a/cmd/puppeth/module_faucet.go
+++ b/cmd/puppeth/module_faucet.go
@@ -54,6 +54,7 @@ CMD [ \
 	"/faucet", "--genesis", "/genesis.json", "--network", "{{.NetworkID}}", "--bootnodes", "{{.Bootnodes}}", "--ethstats", "{{.Ethstats}}",            \
 	"--ethport", "{{.EthPort}}", "--faucet.name", "{{.FaucetName}}", "--faucet.amount", "{{.FaucetAmount}}", "--faucet.minutes", "{{.FaucetMinutes}}", \
 	"--github.user", "{{.GitHubUser}}", "--github.token", "{{.GitHubToken}}", "--account.json", "/account.json", "--account.pass", "/account.pass"     \
+	{{if .CaptchaToken}}, "--captcha.token", "{{.CaptchaToken}}", "--captcha.secret", "{{.CaptchaSecret}}"{{end}}                                      \
 ]`
 
 // faucetComposefile is the docker-compose.yml file required to deploy and maintain
@@ -75,7 +76,9 @@ services:
       - FAUCET_AMOUNT={{.FaucetAmount}}
       - FAUCET_MINUTES={{.FaucetMinutes}}
       - GITHUB_USER={{.GitHubUser}}
-      - GITHUB_TOKEN={{.GitHubToken}}{{if .VHost}}
+      - GITHUB_TOKEN={{.GitHubToken}}
+      - CAPTCHA_TOKEN={{.CaptchaToken}}
+      - CAPTCHA_SECRET={{.CaptchaSecret}}{{if .VHost}}
       - VIRTUAL_HOST={{.VHost}}
       - VIRTUAL_PORT=8080{{end}}
     restart: always
@@ -97,6 +100,8 @@ func deployFaucet(client *sshClient, network string, bootnodes []string, config
 		"EthPort":       config.node.portFull,
 		"GitHubUser":    config.githubUser,
 		"GitHubToken":   config.githubToken,
+		"CaptchaToken":  config.captchaToken,
+		"CaptchaSecret": config.captchaSecret,
 		"FaucetName":    strings.Title(network),
 		"FaucetAmount":  config.amount,
 		"FaucetMinutes": config.minutes,
@@ -113,6 +118,8 @@ func deployFaucet(client *sshClient, network string, bootnodes []string, config
 		"EthName":       config.node.ethstats[:strings.Index(config.node.ethstats, ":")],
 		"GitHubUser":    config.githubUser,
 		"GitHubToken":   config.githubToken,
+		"CaptchaToken":  config.captchaToken,
+		"CaptchaSecret": config.captchaSecret,
 		"FaucetAmount":  config.amount,
 		"FaucetMinutes": config.minutes,
 	})
@@ -135,18 +142,20 @@ func deployFaucet(client *sshClient, network string, bootnodes []string, config
 // faucetInfos is returned from an faucet status check to allow reporting various
 // configuration parameters.
 type faucetInfos struct {
-	node        *nodeInfos
-	host        string
-	port        int
-	amount      int
-	minutes     int
-	githubUser  string
-	githubToken string
+	node          *nodeInfos
+	host          string
+	port          int
+	amount        int
+	minutes       int
+	githubUser    string
+	githubToken   string
+	captchaToken  string
+	captchaSecret string
 }
 
 // String implements the stringer interface.
 func (info *faucetInfos) String() string {
-	return fmt.Sprintf("host=%s, api=%d, eth=%d, amount=%d, minutes=%d, github=%s, ethstats=%s", info.host, info.port, info.node.portFull, info.amount, info.minutes, info.githubUser, info.node.ethstats)
+	return fmt.Sprintf("host=%s, api=%d, eth=%d, amount=%d, minutes=%d, github=%s, captcha=%v, ethstats=%s", info.host, info.port, info.node.portFull, info.amount, info.minutes, info.githubUser, info.captchaToken != "", info.node.ethstats)
 }
 
 // checkFaucet does a health-check against an faucet server to verify whether
@@ -200,11 +209,13 @@ func checkFaucet(client *sshClient, network string) (*faucetInfos, error) {
 			keyJSON:  keyJSON,
 			keyPass:  keyPass,
 		},
-		host:        host,
-		port:        port,
-		amount:      amount,
-		minutes:     minutes,
-		githubUser:  infos.envvars["GITHUB_USER"],
-		githubToken: infos.envvars["GITHUB_TOKEN"],
+		host:          host,
+		port:          port,
+		amount:        amount,
+		minutes:       minutes,
+		githubUser:    infos.envvars["GITHUB_USER"],
+		githubToken:   infos.envvars["GITHUB_TOKEN"],
+		captchaToken:  infos.envvars["CAPTCHA_TOKEN"],
+		captchaSecret: infos.envvars["CAPTCHA_SECRET"],
 	}, nil
 }
diff --git a/cmd/puppeth/wizard_faucet.go b/cmd/puppeth/wizard_faucet.go
index 71d1c910b..f3fd7c2a1 100644
--- a/cmd/puppeth/wizard_faucet.go
+++ b/cmd/puppeth/wizard_faucet.go
@@ -71,7 +71,7 @@ func (w *wizard) deployFaucet() {
 	// Accessing GitHub gists requires API authorization, retrieve it
 	if infos.githubUser != "" {
 		fmt.Println()
-		fmt.Printf("Reused previous (%s) GitHub API authorization (y/n)? (default = yes)\n", infos.githubUser)
+		fmt.Printf("Reuse previous (%s) GitHub API authorization (y/n)? (default = yes)\n", infos.githubUser)
 		if w.readDefaultString("y") != "y" {
 			infos.githubUser, infos.githubToken = "", ""
 		}
@@ -109,6 +109,29 @@ func (w *wizard) deployFaucet() {
 			return
 		}
 	}
+	// Accessing the reCaptcha service requires API authorizations, request it
+	if infos.captchaToken != "" {
+		fmt.Println()
+		fmt.Println("Reuse previous reCaptcha API authorization (y/n)? (default = yes)")
+		if w.readDefaultString("y") != "y" {
+			infos.captchaToken, infos.captchaSecret = "", ""
+		}
+	}
+	if infos.captchaToken == "" {
+		// No previous authorization (or old one discarded)
+		fmt.Println()
+		fmt.Println("Enable reCaptcha protection against robots (y/n)? (default = no)")
+		if w.readDefaultString("n") == "y" {
+			// Captcha protection explicitly requested, read the site and secret keys
+			fmt.Println()
+			fmt.Printf("What is the reCaptcha site key to authenticate human users?\n")
+			infos.captchaToken = w.readString()
+
+			fmt.Println()
+			fmt.Printf("What is the reCaptcha secret key to verify authentications? (won't be echoed)\n")
+			infos.captchaSecret = w.readPassword()
+		}
+	}
 	// Figure out where the user wants to store the persistent data
 	fmt.Println()
 	if infos.node.datadir == "" {