search

artshumrc / giza

JSON API (for TMS Database) and Django 2 application for Digital Giza
http://giza.fas.harvard.edu/
7 stars 5 forks source link

Prevent spam users from registering #155

Open ColeDCrawford opened 3 years ago

ColeDCrawford commented 3 years ago

We have several hundred spam users on dev since open signups were allowed.

ColeDCrawford commented 3 years ago

Screen Shot 2021-03-25 at 10 57 45 AM

rsinghal commented 3 years ago

@lukehollis This is high priority - it should be addressed ASAP or we will need to disable signups.

ColeDCrawford commented 3 years ago

We are up to ~700 spam users.

rsinghal commented 3 years ago

@npicardo @lukehollis We are going to have to disable signups until this gets resolved. I also see that it allows for the same email address to be registered for different usernames, which should also be fixed.

lukehollis commented 3 years ago

To address this, I'll try integrating the https://pypi.org/project/django-recaptcha/ package unless anyone has another preference.

lukehollis commented 3 years ago

Addressed in https://github.com/artshumrc/giza/pull/160 -- to configure, now the secure.py.example has support for recaptcha fields:

Screen Shot 2021-04-15 at 8 29 45 AM
lukehollis commented 3 years ago

Additionally, you may need to add your dev domains on your local environment to your keys.

rsinghal commented 3 years ago

Not working in the PR