Present a reCaptcha on the signup form to foreign visitors (judging from their IP address). Fixes #157 (at least as a starter).

4 files changed, 29 insertions, 4 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index cb64cb922..cae3cb213 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -447,6 +447,17 @@ class ApplicationController < ActionController::Base
         return query
     end
 
+    def country_from_ip
+        gaze = MySociety::Config.get('GAZE_URL', '')
+        default = MySociety::Config.get('ISO_COUNTRY_CODE', '')
+        country = ""
+        if !gaze.empty?
+            country = open("#{gaze}/gaze-rest?f=get_country_from_ip;ip=#{request.remote_ip}").read.strip
+        end
+        country = default if country.empty?
+        return country
+    end
+
     # URL generating functions are needed by all controllers (for redirects),
     # views (for links) and mailers (for use in emails), so include them into
     # all of all.
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index d3c42c7f1..cd46b6ea4 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -118,10 +118,15 @@ class UserController < ApplicationController
     # Create new account form
     def signup
         work_out_post_redirect
-
+        @request_from_foreign_country = country_from_ip != MySociety::Config.get('ISO_COUNTRY_CODE', 'GB')
         # Make the user and try to save it
         @user_signup = User.new(params[:user_signup])
-        if !@user_signup.valid?
+        error = false
+        if @request_from_foreign_country && !verify_recaptcha
+            flash.now[:error] = _("There was an error with the words you entered, please try again.")
+            error = true
+        end
+        if error || !@user_signup.valid?
             # Show the form
             render :action => 'sign'
         else
diff --git a/app/views/user/_signup.rhtml b/app/views/user/_signup.rhtml
index 6b0a1f8c7..1f586b5e9 100644
--- a/app/views/user/_signup.rhtml
+++ b/app/views/user/_signup.rhtml
@@ -2,6 +2,9 @@
 
 <% form_tag({:action => "signup"}, {:id => "signup_form"}) do %>
     <%= foi_error_messages_for :user_signup %>
+    <% if @request_from_foreign_country %>
+    <%= recaptcha_tags %>
+    <% end %>
 
     <h2><%= _('If you\'re new to {{site_name}}', :site_name=>site_name)%></h2>
 
@@ -10,8 +13,8 @@
         <%= text_field 'user_signup', 'email', { :size => 20 } %>
     </p>
     <div class="form_item_note">
-        <%= ('We will not reveal your email address to anybody unless you or
-        the law tell us to (<a href="%s">_details</a>). ') %[help_privacy_path] %>
+        <%= _('We will not reveal your email address to anybody unless you or
+        the law tell us to (<a href="%s">details</a>). ') %[help_privacy_path] %>
     </div>
 
     <p>
diff --git a/config/general.yml-example b/config/general.yml-example
index 5eee675ff..ec66767df 100644
--- a/config/general.yml-example
+++ b/config/general.yml-example
@@ -12,6 +12,10 @@ SITE_NAME: 'Alaveteli'
 # Domain used in URLs generated by scripts (e.g. for going in some emails)
 DOMAIN: '127.0.0.1:3000'
 
+# ISO country code of country currrently deployed in
+# (http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)
+ISO_COUNTRY_CODE: GB
+
 # These feeds are displayed accordingly on the Alaveteli "blog" page:
 BLOG_FEED: 'http://www.mysociety.org/category/projects/whatdotheyknow/feed/'
 TWITTER_USERNAME: 'whatdotheyknow'
@@ -109,3 +113,5 @@ DEBUG_RECORD_MEMORY: false
 # be another reason to try this setting.
 USE_GHOSTSCRIPT_COMPRESSION: true
 
+# mySociety's gazeteer service.  Shouldn't change.
+GAZE_URL: http://gaze.mysociety.org