New feature: Spam-Filtering on Post requests only

[zaphod030]

Hi Marc,

thank you for this precious gem. I want to suggest a feature to run the spam detection only on POST-requests.

Imagine the following code within the Login-Controller:

def login
  if request.post? 
    # do all the login-stuff
  else
    # show the login screen (with invisible captcha)
  end
end

With this setup you'll get an infinite loop when accessing the Login-Screen.

I could imagine two possible solutions:

• Add a new option "skip_on_get" to the invisible_captcha-command in the controller
• Make the detect_spam method publically available, so that it can be used in the request.post?-branch above

What do you think?

KR, Stefan

[markets]

Hi @zaphod030, adding more flags (like skip_on_get) makes the gem less maintainable... so I'd probably go making the detect_spam public... But to be honest, I think The Best ™️ option is to use RESTful controllers, so you can clearly separate actions, something like:

class SessionsController < ApplicationController
  invisible_captcha only: :create

  # GET
  def new
    ...
  end

  # POST
  def create
    ...
  end
end