removed recaptcha (intelowlproject#2437)

* removed recaptcha

* removed useless import

* prettier

* removed env.js setup

authentication/views.py

@@ -22,7 +22,6 @@
 from rest_framework.reverse import reverse
 from rest_framework.views import APIView
 
-from certego_saas.ext.mixins import RecaptchaV2Mixin
 from certego_saas.ext.throttling import POSTUserRateThrottle
 from intel_owl.settings import AUTH_USER_MODEL
 
@@ -41,31 +40,27 @@
 User: AUTH_USER_MODEL = get_user_model()
 
 
-class PasswordResetRequestView(
-    rest_email_auth.views.PasswordResetRequestView, RecaptchaV2Mixin
-):
+class PasswordResetRequestView(rest_email_auth.views.PasswordResetRequestView):
     """
     Handles requests for password reset.
 
     Args:
         rest_email_auth.views.PasswordResetRequestView:
         The parent view class for password reset requests.
-        RecaptchaV2Mixin: A mixin for reCAPTCHA verification.
     """
 
     authentication_classes: List = []
     permission_classes: List = []
     throttle_classes: List = [POSTUserRateThrottle]
 
 
-class PasswordResetView(rest_email_auth.views.PasswordResetView, RecaptchaV2Mixin):
+class PasswordResetView(rest_email_auth.views.PasswordResetView):
     """
     Handles password reset.
 
     Args:
         rest_email_auth.views.PasswordResetView:
         The parent view class for password reset.
-        RecaptchaV2Mixin: A mixin for reCAPTCHA verification.
     """
 
     authentication_classes: List = []
@@ -88,14 +83,13 @@ class EmailVerificationView(rest_email_auth.views.EmailVerificationView):
     serializer_class = EmailVerificationSerializer
 
 
-class RegistrationView(rest_email_auth.views.RegistrationView, RecaptchaV2Mixin):
+class RegistrationView(rest_email_auth.views.RegistrationView):
     """
     Handles user registration.
 
     Args:
         rest_email_auth.views.RegistrationView:
         The parent view class for user registration.
-        RecaptchaV2Mixin: A mixin for reCAPTCHA verification.
     """
 
     authentication_classes: List = []
@@ -113,30 +107,23 @@ def get_serializer_class(self):  # skipcq: PYL-R0201
         return RegistrationSerializer
 
 
-class ResendVerificationView(
-    rest_email_auth.views.ResendVerificationView, RecaptchaV2Mixin
-):
+class ResendVerificationView(rest_email_auth.views.ResendVerificationView):
     """
     Handles re-sending email verification.
 
     Args:
         rest_email_auth.views.ResendVerificationView:
         The parent view class for resending email verification.
-        RecaptchaV2Mixin: A mixin for reCAPTCHA verification.
     """
 
     authentication_classes: List = []
     permission_classes: List = []
     throttle_classes: List = [POSTUserRateThrottle]
 
 
-class LoginView(RecaptchaV2Mixin):
-    """
-    Handles user login.
-
-    Args:
-        RecaptchaV2Mixin: A mixin for reCAPTCHA verification.
+class LoginView(APIView):
     """
+    Handles user login."""
 
     authentication_classes: List = []
     permission_classes: List = []
@@ -167,11 +154,6 @@ def post(self, request, *args, **kwargs):
         Returns:
             Response: The response object.
         """
-        try:
-            self.get_serializer()  # for RecaptchaV2Mixin
-        except AssertionError:
-            # it will raise this bcz `serializer_class` is not defined
-            pass
         user = self.validate_and_return_user(request=request)
         logger.info(f"perform_login received request from '{user.username}''.")
         login(request, user)
@@ -355,12 +337,6 @@ def checkConfiguration(request):
             ):
                 errors["SMTP backend"] = "configuration required"
 
-    # if you are in production environment
-    if settings.USE_RECAPTCHA:
-        # recaptcha key
-        if settings.DRF_RECAPTCHA_SECRET_KEY == "fake":
-            errors["RECAPTCHA_SECRET_KEY"] = "required"
-
     logger.info(f"Configuration errors: {errors}")
     return Response(
         status=status.HTTP_200_OK, data={"errors": errors} if errors else {}

docker/default.yml

@@ -12,7 +12,6 @@ services:
       - ../configuration/intel_owl.ini:/etc/uwsgi/sites/intel_owl.ini # uwsgi configuration file
       - ../configuration:/opt/deploy/intel_owl/configuration
       - generic_logs:/var/log/intel_owl
-      - ../frontend/public/env.js:/var/www/reactapp/env.js # this is needed because we have to mount the file from the server to the image BEFORE staticfiles
       - static_content:/opt/deploy/intel_owl/static
       - shared_files:/opt/deploy/files_required
     entrypoint:

docker/env_file_app_ci

@@ -59,8 +59,5 @@ COVERAGE_PROCESS_START=.coveragerc
 BROKER_URL=redis://redis:6379/1
 WEBSOCKETS_URL=redis://redis:6379/0
 
-# drf-recaptcha
-USE_RECAPTCHA=False
-RECAPTCHA_SECRET_KEY="testkey"
 # crons
 REPO_DOWNLOADER_ENABLED=False

docker/env_file_app_template

@@ -85,8 +85,3 @@ WEBSOCKETS_URL=redis://redis:6379/0
 
 FLOWER_USER=flower
 FLOWER_PWD=flower
-
-USE_RECAPTCHA=False
-# drf-recaptcha
-## localhost, internal deployments
-RECAPTCHA_SECRET_KEY=""

docs/source/Advanced-Usage.md

@@ -64,16 +64,6 @@ To have the "Registration" page to work correctly, you must configure some varia
 
 In a development environment the emails that would be sent are written to the standard output.
 
-#### Recaptcha configuration
-The Registration Page contains a Recaptcha form from Google. By default, that Recaptcha is not configured and is not shown.
-
-If your intention is to publish IntelOwl as a Service you should first remember to comply to the [AGPL License](https://github.com/intelowlproject/IntelOwl/blob/master/LICENSE).
-
-Then you need to add the generated Recaptcha Secret in the `RECAPTCHA_SECRET_KEY` value in the `env_file_app` file.
-
-Afterwards you should configure the Recaptcha Key for your site and add that value in the `RECAPTCHA_SITEKEY` in the `frontend/public/env.js` file.
-In that case, you would need to [re-build](/Installation.md#update-and-rebuild) the application to have the changes properly reflected.
-
 
 ## Optional Analyzers
 

docs/source/Installation.md

@@ -112,13 +112,6 @@ Configuration required to enable integration with Slack:
 * `SLACK_TOKEN`: Slack token of your Slack application that will be used to send/receive notifications
 * `DEFAULT_SLACK_CHANNEL`: ID of the Slack channel you want to post the message to
 
-Configuration required to enable Re-Captcha in the Login and the Registration Page:
-In the `docker/env_file_app`:
-* `USE_RECAPTCHA`: if you want to use recaptcha on your login
-* `RECAPTCHA_SECRET_KEY`: your recaptcha secret key
-In the `frontend/public/env.js`:
-* `RECAPTCHA_SITEKEY`: Recaptcha Key for your site
-
 Configuration required to have InteOwl sending Emails (registration requests, mail verification, password reset/change, etc)
 * `DEFAULT_FROM_EMAIL`: email address used for automated correspondence from the site manager (example: `noreply@mydomain.com`)
 * `DEFAULT_EMAIL`: email address used for correspondence with users (example: `info@mydomain.com`)

frontend/package.json

@@ -18,7 +18,6 @@
     "react": "^17.0.2",
     "react-dom": "^17.0.2",
     "react-error-boundary": "^4.0.13",
-    "react-google-recaptcha": "^3.1.0",
     "react-icons": "^4.12.0",
     "react-joyride": "^2.8.1",
     "react-json-tree": "^0.18.0",

frontend/src/components/auth/Login.jsx

@@ -17,12 +17,8 @@ import useTitle from "react-use/lib/useTitle";
 import { addToast, ContentSection } from "@certego/certego-ui";
 import { AUTH_BASE_URI } from "../../constants/apiURLs";
 
-import { PUBLIC_URL, RECAPTCHA_SITEKEY } from "../../constants/environment";
-import ReCAPTCHAInput from "./utils/ReCAPTCHAInput";
-import { RecaptchaValidator } from "./utils/validator";
-import { ConfigurationModalAlert } from "./utils/registration-alert";
+import { PUBLIC_URL } from "../../constants/environment";
 import { useAuthStore } from "../../stores/useAuthStore";
-import { checkConfiguration } from "./authApi";
 
 import {
   ResendVerificationEmailButton,
@@ -33,7 +29,6 @@ import {
 const initialValues = {
   username: "",
   password: "",
-  recaptcha: "noKey",
 };
 // methods
 const onValidate = (values) => {
@@ -44,11 +39,6 @@ const onValidate = (values) => {
   if (!values.password) {
     errors.password = "Required";
   }
-  // recaptcha
-  const recaptchaErrors = RecaptchaValidator(values.recaptcha);
-  if (recaptchaErrors.recaptcha) {
-    errors.recaptcha = recaptchaErrors.recaptcha;
-  }
   return errors;
 };
 
@@ -63,20 +53,6 @@ export default function Login() {
 
   // local state
   const [passwordShown, setPasswordShown] = React.useState(false);
-  const [showConfigurationModal, setShowConfigurationModal] =
-    React.useState(false);
-
-  React.useEffect(() => {
-    checkConfiguration({
-      params: {
-        page: "login",
-      },
-    }).catch(() => {
-      setShowConfigurationModal(true);
-    });
-  }, []);
-
-  console.debug("showConfigurationModal:", showConfigurationModal);
 
   // auth store
   const loginUser = useAuthStore(
@@ -97,13 +73,6 @@ export default function Login() {
 
   return (
     <ContentSection className="bg-body">
-      {showConfigurationModal && (
-        <ConfigurationModalAlert
-          isOpen={showConfigurationModal}
-          setIsOpen={setShowConfigurationModal}
-          title="The Recaptcha has not been configured!"
-        />
-      )}
       <Container className="col-12 col-lg-8 col-xl-4">
         <div className="g-0 my-2 d-none d-md-flex">
           <img
@@ -209,15 +178,6 @@ export default function Login() {
                   />
                   <Label check>Show password</Label>
                 </FormGroup>
-                {/* reCAPTCHA */}
-                <FormGroup className="mt-3 d-flex">
-                  {RECAPTCHA_SITEKEY && (
-                    <ReCAPTCHAInput
-                      id="LoginForm__recaptcha"
-                      className="m-3 mx-auto"
-                    />
-                  )}
-                </FormGroup>
                 {/* Submit */}
                 <FormGroup className="d-flex-center">
                   <Button