From 2aaf20b42bd729b33fdbd69e8cff800db156502f Mon Sep 17 00:00:00 2001
From: Nick Sergeant <nick@nicksergeant.com>
Date: Wed, 23 Sep 2015 11:47:23 -0400
Subject: [PATCH] Recaptcha for teams signup.

---
 settings_local.py-template        |  1 +
 templates/base.html               |  2 ++
 templates/for-teams-complete.html |  2 +-
 templates/for-teams.html          |  3 ++-
 views.py                          | 12 ++++++++++++
 5 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/settings_local.py-template b/settings_local.py-template
index aed01ed..336d080 100644
--- a/settings_local.py-template
+++ b/settings_local.py-template
@@ -3,6 +3,7 @@ DEBUG = True
 INTERCOM_SECRET_KEY = ''
 POSTMARK_API_KEY = ''
 RAVEN_CONFIG = {'dsn': ''}
+RECAPTCHA_SECRET = ''
 SECRET_KEY = 'changeme'
 SESSION_COOKIE_SECURE = False
 SSLIFY_DISABLE = False
diff --git a/templates/base.html b/templates/base.html
index 757f78d..1e62f01 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -65,6 +65,8 @@
   <script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
   <![endif]-->
 
+  <script src="https://www.google.com/recaptcha/api.js"></script>
+
 </head>
 <body class="{% block body-class %}{% endblock %} {% if request.user.profile.is_pro %}is-pro{% endif %}" ng-controller="AppController">
 
diff --git a/templates/for-teams-complete.html b/templates/for-teams-complete.html
index d8b38da..69693e1 100644
--- a/templates/for-teams-complete.html
+++ b/templates/for-teams-complete.html
@@ -15,7 +15,7 @@
       <div class="info">
         You rock.
         <p class="sub" style="padding: 0 120px;">
-          We'll email you to arrange the beta program payment of $49, and help you get your first team created!<br /><br />
+          We'll email you to get more information about your team and to help you get your first team created.
           If you ever need anything at all, <a href="mailto:support@snipt.net">email support</a>, or use the chat in the bottom right.
         </p>
       </div>
diff --git a/templates/for-teams.html b/templates/for-teams.html
index 41d5fa6..449bb7c 100644
--- a/templates/for-teams.html
+++ b/templates/for-teams.html
@@ -14,7 +14,7 @@
       You've successfully applied for the beta program - we'll email you as soon as we're ready!
     </div>
   {% else %}
-    <form class="form-horizontal static-box" id="pro-signup" method="post" action="/for-teams/complete/">
+    <form class="form-horizontal static-box" id="teams-signup" method="post" action="/for-teams/complete/">
       <fieldset>
         <div class="info">
           Snipt for Teams
@@ -59,6 +59,7 @@
             <textarea required name="info" name="info" id="info" class="input-xlarge" style="height: 100px;"></textarea>
           </div>
         </div>
+        <div style="margin-left: 180px;" class="g-recaptcha" data-sitekey="6LerYA0TAAAAAFJaMf7JMnlQR2wzqd_3dMRvLd-4"></div>
         <div class="form-actions">
           {% csrf_token %}
           <button type="submit" class="btn btn-success">Request more info &raquo;</button>
diff --git a/views.py b/views.py
index 6bb206a..48e5bc9 100644
--- a/views.py
+++ b/views.py
@@ -2,6 +2,7 @@ import datetime
 import hashlib
 import os
 import stripe
+import requests
 
 from accounts.models import UserProfile
 from annoying.decorators import ajax_request, render_to
@@ -33,6 +34,17 @@ def for_teams_complete(request):
 
     if request.method == 'POST':
 
+        payload = {
+            'secret': settings.RECAPTCHA_SECRET,
+            'response': request.POST['g-recaptcha-response'],
+            'remoteip': request.META.get('REMOTE_ADDR')
+        }
+        r = requests.post('https://www.google.com/recaptcha/api/siteverify',
+                          data=payload)
+
+        if not r.json()['success']:
+            return HttpResponseBadRequest()
+
         if request.user.is_authenticated():
             name = request.POST['name']
             members = request.POST['members']