Mercurial > prosody-modules

view mod_captcha_registration/README.markdown @ 5682:527c747711f3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Limit revocation to clients own tokens in strict mode RFC 7009 section 2.1 states: > The authorization server first validates the client credentials (in > case of a confidential client) and then verifies whether the token was > issued to the client making the revocation request. If this > validation fails, the request is refused and the client is informed of > the error by the authorization server as described below. The first part was already covered (in strict mode). This adds the later part using the hash of client_id recorded in 0860497152af It still seems weird to me that revoking a leaked token should not be allowed whoever might have discovered it, as that seems the responsible thing to do.
author Kim Alvefur <zash@zash.se>
date Sun, 29 Oct 2023 11:30:49 +0100
parents 8de50be756e5
children
line wrap: on
line source

---
labels:
- 'Stage-Beta'
summary: provides captcha protection for registration form
...

Introduction
============

Prosody-captcha is a little modification of prosody's
"mod\_register.lua" module that provides captcha protection for
registration form.

Installation
============

First of all you should build and install lua bindings for libgd —
[lua-gd](https://github.com/ittner/lua-gd/).

Then clone repsository lua-captcha:

    $ git clone https://github.com/mrDoctorWho/lua-captcha

install it:

    $ make install

Configuration
=============

After that you would configure prosody. This module requires from you 4
fields, you should add this into your VirtualHost entry.

    captcha_config = {
            dir = "/tmp"; -- Directory used to storage captcha images. Please make sure prosody user allowed to write there.
            timeout = 60; -- Timeout when captcha will expire
            web_path = "challenge"; -- Web path used to separate main prosody site from itself modules.
            font = "/usr/lib/prosody/FiraSans-Regular.ttf" -- Font used for captcha text
    }

You can run script "install.lua" to install this or instead of that
while prosody developers didn't accepted "dataforms" changes you should
replace standard prosody "dataforms.lua" located in ubuntu in
/usr/lib/prosody/util by another one from this repository. You should do
the same thing with "mod\_register.lua" located in ubuntu in
/usr/lib/prosody/modules.

After this all you can try to register on your server and see the
captcha.

TODO
====

-   Maybe use recaptcha instead of libgd.