Here I've created a new component called GoogleRecaptcha. By adding this component you'll get a recaptcha token from Google's API.
Why should we take this seriously and address it? Although it's a non-functional requirement, it's invaluable because it prevents users from suffering from brute-force attacks.
ATM it is not completely functional since the backend part is missing but in general it won't be something that's gonna interrupt user's normal interactions with the system.
Ensure that the changeset adheres to the DCO guidelines.
It does.
What I did not manage to get a hold of, the backend part of this app (specifically talking, I guess it should be hardcoreeng/account). I need to just add the functionality over there and reCAPTCHA will be finished. These steps needed to be taken:
Send a req to Google's API to assess the performed action and receive a score.
Interpret the score and based on the interpretation decide to whether you should allow the actions to proceed or should it be rejected.
Pull Request Requirements:
Provide a brief description of the changeset:
Here I've created a new component called
GoogleRecaptcha. By adding this component you'll get a recaptcha token from Google's API.Why should we take this seriously and address it? Although it's a non-functional requirement, it's invaluable because it prevents users from suffering from brute-force attacks.
Closes: https://github.com/hcengineering/platform/issues/6570.
Include a screenshots if applicable:
ATM it is not completely functional since the backend part is missing but in general it won't be something that's gonna interrupt user's normal interactions with the system.
Ensure that the changeset adheres to the DCO guidelines.
It does.
What I did not manage to get a hold of, the backend part of this app (specifically talking, I guess it should be
hardcoreeng/account). I need to just add the functionality over there and reCAPTCHA will be finished. These steps needed to be taken:Love to hear about your thoughts.