erthium
commented
7 months ago Google ReCAPTCHA requires a public and a secure domain, since we cannot test it locally, I am postponing the development of it to continue with Control Panel for now.
Open erthium opened 8 months ago
erthium
commented
7 months ago Google ReCAPTCHA requires a public and a secure domain, since we cannot test it locally, I am postponing the development of it to continue with Control Panel for now.
We need take precautions not to let anyone submit more than once to any raffle.
The things we discussed and might implement on the client side:
Cookies: We can store cookies for every submitted raffle id, so if the user can try to enter the page again, they will be redirected to a page that says
Your submission has been sent.Cookies can be easily deleted so this is only to prevent a regular user, any automation process can bypass this one.Google reCAPTCHA: We can use captcha to prevent automatic submissions.
Personal Information Entry: We can have unique fields for the submission form so the users cannot enter the same email address or phone number twice. Then we can inform the users/organisers to get personal info like this and check data integrity of the winner. We can only provide unique questions fields for this one.
IP detection is also possible but it can be discussed on the backend
api-winnerduckrepository.