prosody-modules
94399ad6b5ab
mod_captcha_registration/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_captcha_registration/README.md @ 6191:94399ad6b5ab

mod_invites_register_api: Use set_password() for password resets Previously the code relied on the (weird) behaviour of create_user(), which would update the password for a user account if it already existed. This has several issues, and we plan to deprecate this behaviour of create_user(). The larger issue is that this route does not trigger the user-password-changed event, which can be a security problem. For example, it did not disconnect existing user sessions (this occurs in mod_c2s in response to the event). Switching to set_password() is the right thing to do.
author Matthew Wild <mwild1@gmail.com>
date Thu, 06 Feb 2025 10:13:39 +0000
parent 6003:fe081789f7b5
line wrap: on
line source

---
labels:
- 'Stage-Beta'
summary: provides captcha protection for registration form
...

Introduction
============

Prosody-captcha is a little modification of prosody's
"mod\_register.lua" module that provides captcha protection for
registration form.

Installation
============

First of all you should build and install lua bindings for libgd —
[lua-gd](https://github.com/ittner/lua-gd/).

Then clone repsository lua-captcha:

    $ git clone https://github.com/mrDoctorWho/lua-captcha

install it:

    $ make install

Configuration
=============

After that you would configure prosody. This module requires from you 4
fields, you should add this into your VirtualHost entry.

    captcha_config = {
            dir = "/tmp"; -- Directory used to storage captcha images. Please make sure prosody user allowed to write there.
            timeout = 60; -- Timeout when captcha will expire
            web_path = "challenge"; -- Web path used to separate main prosody site from itself modules.
            font = "/usr/lib/prosody/FiraSans-Regular.ttf" -- Font used for captcha text
    }

You can run script "install.lua" to install this or instead of that
while prosody developers didn't accepted "dataforms" changes you should
replace standard prosody "dataforms.lua" located in ubuntu in
/usr/lib/prosody/util by another one from this repository. You should do
the same thing with "mod\_register.lua" located in ubuntu in
/usr/lib/prosody/modules.

After this all you can try to register on your server and see the
captcha.

TODO
====

-   Maybe use recaptcha instead of libgd.