about summary refs log tree commit diff
path: root/spec
diff options
context:
space:
mode:
authorThibG <thib@sitedethib.com>2020-12-10 06:27:26 +0100
committerGitHub <noreply@github.com>2020-12-10 06:27:26 +0100
commit49eb4d4ddf61e25c5aaab89aa630ddd3c7f3c23d (patch)
tree3ed700750271b0ac8892f2282325d9838b915446 /spec
parent9669167aaeaa834dcc99fa7df961c4f9b8118850 (diff)
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Diffstat (limited to 'spec')
-rw-r--r--spec/controllers/auth/registrations_controller_spec.rb4
1 files changed, 4 insertions, 0 deletions
diff --git a/spec/controllers/auth/registrations_controller_spec.rb b/spec/controllers/auth/registrations_controller_spec.rb
index bef822763..c701a3b8b 100644
--- a/spec/controllers/auth/registrations_controller_spec.rb
+++ b/spec/controllers/auth/registrations_controller_spec.rb
@@ -82,6 +82,10 @@ RSpec.describe Auth::RegistrationsController, type: :controller do
   describe 'POST #create' do
     let(:accept_language) { Rails.application.config.i18n.available_locales.sample.to_s }
 
+    before do
+      session[:registration_form_time] = 5.seconds.ago
+    end
+
     around do |example|
       current_locale = I18n.locale
       example.run