Vauxoo · ghost · Mar 11, 2016 · Mar 14, 2016 · Mar 14, 2016 · Mar 15, 2016
diff --git a/login_recaptcha/README.rst b/login_recaptcha/README.rst
@@ -0,0 +1,28 @@
+.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg
+   :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+   :alt: License: AGPL-3
+
+===============
+Login ReCaptcha
+===============
+
+This module was written to allow a captcha confirmation when users log in into the system.
+If the user fails 3 times to log in a Google reCAPTCHA is shown.
+If the user fails 8 times the system send reset password email.
+
+Credits
+=======
+
+Contributors
+------------
+
+* Lesmed Gutiérrez<[email protected]>
+
+Maintainer
+----------
+
+.. image:: https://avatars0.githubusercontent.com/u/7594691?v=3&s=200
+   :alt: ClearCorp
+   :target: http://clearcorp.cr
+
+This module is maintained by ClearCorp.
diff --git a/login_recaptcha/__init__.py b/login_recaptcha/__init__.py
@@ -0,0 +1,5 @@
+# -*- coding: utf-8 -*-
+# © 2016 ClearCorp
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+from . import models, controllers
diff --git a/login_recaptcha/__openerp__.py b/login_recaptcha/__openerp__.py
@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+# © 2016 ClearCorp
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+{
+    'name': 'Login reCAPTCHA',
+    'summary': 'Login captcha using Google reCAPTCHA',
+    'version': '8.0.1.0',
+    'category': 'Hidden',
+    'website': 'http://clearcorp.cr',
+    'author': 'ClearCorp',
+    'license': 'AGPL-3',
+    'sequence': 10,
+    'application': False,
+    'installable': True,
+    'auto_install': False,
+    'external_dependencies': {
+        'python': [],
+        'bin': [],
+    },
+    'depends': [
+        'website'
+    ],
+    'data': [
+        'static/src/xml/login.xml',
+        'views/website_config.xml'
+    ],
+    'qweb': [
+    ],
+}
diff --git a/login_recaptcha/controllers/__init__.py b/login_recaptcha/controllers/__init__.py
@@ -0,0 +1,5 @@
+# -*- coding: utf-8 -*-
+# © 2016 ClearCorp
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+from . import web
diff --git a/login_recaptcha/controllers/web.py b/login_recaptcha/controllers/web.py
@@ -0,0 +1,76 @@
+# -*- coding: utf-8 -*-
+# © 2016 ClearCorp
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+from openerp import http, _
+from openerp.addons.web.controllers import main
+from openerp.http import request
+from werkzeug.contrib.securecookie import SecureCookie
+import json
+
+SECRET_KEY = '\x9a\x832I\x80\\\x83\x88\x1c\xc0\xd4u)\x8f\xed\xbb\xdbK\x8e\xb6'
+
+
+class JSONSecureCookie(SecureCookie):
+    serialization_method = json
+
+
+class Home(main.Home):
+
+    def _load_cookie(self, name):
+        _data = request.httprequest.cookies.get('session_data')
+        return JSONSecureCookie.load_cookie(request.httprequest, key=name,
+                                            secret_key=SECRET_KEY)
+
+    def _action_reset_password(self, login):
+        user = request.website.env['res.users'].sudo().search(
+            [('login', '=', login)])
+        if user:
+            user.action_reset_password()
+            return True
+        return False
+
+    @http.route('/web/login', type='http', auth="none")
+    def web_login(self, redirect=None, **kw):
+        cookie = self._load_cookie('session_data')
+        login_attemps = 0
+        if 'login_attemps' in cookie:
+            login_attemps = int(cookie['login_attemps'])
+        if 'g-recaptcha-response' in kw and\
+                not request.website.is_captcha_valid(
+                    kw['g-recaptcha-response']):
+            response = super(Home, self).web_login(redirect, **kw)
+            if login_attemps >= 8:
+                response.qcontext.update({
+                    'error': _(
+                        """The amount of login attemps have exceeded the
+                        restriction.
+                        A password reset link has been sent to the user's
+                        email.
+                        """)
+                    }
+                )
+            else:
+                response.qcontext.update({
+                    'error': _("Wrong Captcha")
+                    }
+                )
+            return request.render('web.login', response.qcontext)
+        else:
+            response = super(Home, self).web_login(redirect, **kw)
+            secure_cookie = self._load_cookie('session_data')
+            if 'error' in response.qcontext:
+                if 'login_attemps' in secure_cookie:
+                    login_attemps = int(secure_cookie['login_attemps'])
+                    secure_cookie['login_attemps'] = str(login_attemps + 1)
+                else:
+                    secure_cookie['login_attemps'] = str(1)
+            elif 'login_attemps' in secure_cookie:
+                pass
+            else:
+                secure_cookie['login_attemps'] = str(0)
+            response.qcontext.update(
+                {'login_attemps': int(secure_cookie['login_attemps'])})
+            if hasattr(response, 'set_cookie'):
+                secure_cookie.save_cookie(response, 'session_data',
+                                          httponly=True, max_age=60*3)
+            return response
diff --git a/login_recaptcha/i18n/es.po b/login_recaptcha/i18n/es.po
@@ -0,0 +1,70 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+#	* login_recaptcha
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 8.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2016-04-04 21:24+0000\n"
+"PO-Revision-Date: 2016-04-04 21:24+0000\n"
+"Last-Translator: <>\n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: login_recaptcha
+#: field:website,login_recaptcha_private_key:0
+msgid "Login Google reCAPTCHA Private Key"
+msgstr "Google reCAPTCHA clave privada"
+
+#. module: login_recaptcha
+#: field:website,login_recaptcha_site_key:0
+msgid "Login Google reCAPTCHA site Key"
+msgstr "Google reCAPTCHA clave pública"
+
+#. module: login_recaptcha
+#: view:website.config.settings:login_recaptcha.view_website_config_settings
+msgid "Login reCAPTCHA"
+msgstr "Login reCAPTCHA"
+
+#. module: login_recaptcha
+#: view:website.config.settings:login_recaptcha.view_website_config_settings
+msgid "Social Media"
+msgstr "Medios sociales"
+
+#. module: login_recaptcha
+#: code:addons/login_recaptcha/controllers/web.py:48
+#, python-format
+msgid "The amount of login attemps have exceeded the\n"
+"                        restriction.\n"
+"                        A password reset link has been sent to the user's\n"
+"                        email.\n"
+"                        "
+msgstr "Los intentos de inicio de sesión han superado el límite restringido."
+"		Un enlace para reestablecer la contraseña ha sido enviado al email del usuario"
+
+
+#. module: login_recaptcha
+#: model:ir.model,name:login_recaptcha.model_website
+msgid "Website"
+msgstr "Sitio web"
+
+#. module: login_recaptcha
+#: code:addons/login_recaptcha/controllers/web.py:58
+#, python-format
+msgid "Wrong Captcha"
+msgstr "Captcha inválido"
+
+#. module: login_recaptcha
+#: view:website.config.settings:login_recaptcha.view_website_config_settings
+msgid "Your reCAPTCHA private key"
+msgstr "Su Google reCAPTCHA clave privada"
+
+#. module: login_recaptcha
+#: view:website.config.settings:login_recaptcha.view_website_config_settings
+msgid "Your reCAPTCHA site key"
+msgstr "Su Google reCAPTCHA clave pública"
+
diff --git a/login_recaptcha/i18n/login_recaptcha.pot b/login_recaptcha/i18n/login_recaptcha.pot
@@ -0,0 +1,69 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+#	* login_recaptcha
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 8.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2016-04-04 21:24+0000\n"
+"PO-Revision-Date: 2016-04-04 21:24+0000\n"
+"Last-Translator: <>\n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: login_recaptcha
+#: field:website,login_recaptcha_private_key:0
+msgid "Login Google reCAPTCHA Private Key"
+msgstr ""
+
+#. module: login_recaptcha
+#: field:website,login_recaptcha_site_key:0
+msgid "Login Google reCAPTCHA site Key"
+msgstr ""
+
+#. module: login_recaptcha
+#: view:website.config.settings:login_recaptcha.view_website_config_settings
+msgid "Login reCAPTCHA"
+msgstr ""
+
+#. module: login_recaptcha
+#: view:website.config.settings:login_recaptcha.view_website_config_settings
+msgid "Social Media"
+msgstr ""
+
+#. module: login_recaptcha
+#: code:addons/login_recaptcha/controllers/web.py:48
+#, python-format
+msgid "The amount of login attemps have exceeded the\n"
+"                        restriction.\n"
+"                        A password reset link has been sent to the user's\n"
+"                        email.\n"
+"                        "
+msgstr ""
+
+
+#. module: login_recaptcha
+#: model:ir.model,name:login_recaptcha.model_website
+msgid "Website"
+msgstr ""
+
+#. module: login_recaptcha
+#: code:addons/login_recaptcha/controllers/web.py:58
+#, python-format
+msgid "Wrong Captcha"
+msgstr ""
+
+#. module: login_recaptcha
+#: view:website.config.settings:login_recaptcha.view_website_config_settings
+msgid "Your reCAPTCHA private key"
+msgstr ""
+
+#. module: login_recaptcha
+#: view:website.config.settings:login_recaptcha.view_website_config_settings
+msgid "Your reCAPTCHA site key"
+msgstr ""
+
diff --git a/login_recaptcha/models/__init__.py b/login_recaptcha/models/__init__.py
@@ -0,0 +1,5 @@
+# -*- coding: utf-8 -*-
+# © 2016 ClearCorp
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+from . import res_config, website
diff --git a/login_recaptcha/models/res_config.py b/login_recaptcha/models/res_config.py
@@ -0,0 +1,16 @@
+# -*- coding: utf-8 -*-
+# © 2016 ClearCorp
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+from openerp import fields, models
+
+
+class website_config_settings(models.TransientModel):
+
+    _inherit = 'website.config.settings'
+
+    login_recaptcha_site_key = fields.Char(
+        related='website_id.login_recaptcha_site_key',
+        string='Login Google reCAPTCHA site Key')
+    login_recaptcha_private_key = fields.Char(
+        related='website_id.login_recaptcha_private_key',
+        string='Login Google reCAPTCHA Private Key')
diff --git a/login_recaptcha/models/website.py b/login_recaptcha/models/website.py
@@ -0,0 +1,33 @@
+# -*- coding: utf-8 -*-
+# © 2016 ClearCorp
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+from openerp import fields, models
+import json
+import requests
+
+
+class Website(models.Model):
+
+    _inherit = 'website'
+
+    login_recaptcha_site_key = fields.Char(
+        string='Login Google reCAPTCHA site Key',
+        default='6Lf8ghoTAAAAANdd_v5uNvdKa0qWYlOJTdr0TOIy')
+    login_recaptcha_private_key = fields.Char(
+        string='Login Google reCAPTCHA Private Key',
+        default='6Lf8ghoTAAAAAEyfOnnXXg0VAIpeCbvESlS3mH3b')
+
+    def is_captcha_valid(self, response):
+        for website in self.browse(self._ids):
+            get_res = {'secret': website.login_recaptcha_private_key,
+                       'response': response}
+            try:
+                response = requests.get(
+                    'https://www.google.com/recaptcha/api/siteverify',
+                    params=get_res)
+            except Exception, e:
+                raise models.except_orm(('Invalid Data!'), ("%s.") % (e))
+            res_con = json.loads(response.content)
+            if 'success' in res_con and res_con['success']:
+                return True
+        return False
diff --git a/login_recaptcha/static/description/icon.png b/login_recaptcha/static/description/icon.png
diff --git a/login_recaptcha/static/src/xml/login.xml b/login_recaptcha/static/src/xml/login.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<openerp>
+    <data>
+        <template id="login_recaptcha" name="LoginReC" inherit_id="website.layout">
+            <xpath expr="//body" position="inside">
+              <script src="https://www.google.com/recaptcha/api.js"></script>
+            </xpath>
+        </template>
+        <template id="web_login_extended" inherit_id="web.login">
+                <xpath expr="//button/.." position="before">
+                    <div t-if="login_attemps &gt;= 3" class="g-recaptcha" t-att-data-sitekey="website.login_recaptcha_site_key" >
+                    </div>
+                    <br/>
+            </xpath>
+        </template>
+    </data>
+</openerp>
diff --git a/login_recaptcha/views/website_config.xml b/login_recaptcha/views/website_config.xml
@@ -0,0 +1,28 @@
+<openerp>
+    <data>
+
+        <record id="view_website_config_settings" model="ir.ui.view">
+            <field name="name">Website settings</field>
+            <field name="model">website.config.settings</field>
+            <field name="inherit_id" ref="website.view_website_config_settings" />
+            <field name="arch" type="xml">
+                <group string="Social Media" position="after">
+                    <group string="Login reCAPTCHA">
+                        <label for="login_recaptcha_site_key"/>
+                        <div name="login_recaptcha_site_key">
+                            <div class="oe_inline">
+                                <field name="login_recaptcha_site_key" placeholder="Your reCAPTCHA site key"/>
+                            </div>
+                        </div>
+                        <label for="login_recaptcha_private_key"/>
+                        <div name="loginrecaptcha_private_key">
+                            <div class="oe_inline">
+                                <field name="login_recaptcha_private_key" placeholder="Your reCAPTCHA private key"/>
+                            </div>
+                        </div>
+                    </group>
+                </group>
+            </field>
+        </record>
+    </data>
+</openerp>