continuwuation/continuwuity
8
20
Fork 18
Code Issues 82 Pull requests 8 Projects Releases 17 Packages 1 Activity Actions 1

Implement ReCaptcha registration flow #900

Merged
nex merged 9 commits from nex/feat/recaptcha into main 2025-07-08 19:06:53 +00:00
Conversation 1 Commits 9 Files changed 7 +123 -20
nex commented 2025-07-08 18:13:08 +00:00
Owner
Copy link

Implements the m.login.recaptcha flow, which allows servers to gate their registration behind a captcha, preventing automated signups.

Implements the `m.login.recaptcha` flow, which allows servers to gate their registration behind a captcha, preventing automated signups.
nex added the
Enhancement
Matrix/Client
Matrix/Auth
 labels 2025-07-08 18:13:08 +00:00
nex added 4 commits 2025-07-08 18:13:09 +00:00
feat: Add ReCaptcha registration flow
Some checks failed
Release Docker Image / merge (push) Blocked by required conditions
Details
Release Docker Image / define-variables (push) Successful in 1s
Details
Checks / Prefligit / prefligit (push) Successful in 54s
Details
Checks / Rust / Format (push) Successful in 54s
Details
Checks / Rust / Clippy (push) Failing after 3m41s
Details
Checks / Rust / Cargo Test (push) Successful in 4m51s
Details
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been cancelled
Details
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been cancelled
Details
651d07a609
feat(recaptcha): Add documentation for new fields
Some checks failed
Release Docker Image / merge (push) Blocked by required conditions
Details
Release Docker Image / define-variables (push) Successful in 14s
Details
Checks / Prefligit / prefligit (push) Successful in 29s
Details
Checks / Rust / Format (push) Successful in 1m3s
Details
Checks / Rust / Clippy (push) Failing after 3m26s
Details
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been cancelled
Details
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been cancelled
Details
Checks / Rust / Cargo Test (push) Failing after 18m48s
Details
df1cb10a8e
feat(recaptcha): Disable treating captcha-enabled servers as abuse-prone
Some checks failed
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Blocked by required conditions
Details
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Blocked by required conditions
Details
Release Docker Image / merge (push) Blocked by required conditions
Details
Checks / Rust / Clippy (push) Waiting to run
Details
Checks / Rust / Cargo Test (push) Waiting to run
Details
Checks / Prefligit / prefligit (push) Successful in 26s
Details
Release Docker Image / define-variables (push) Successful in 2s
Details
Checks / Rust / Format (push) Has been cancelled
Details
e4a6abe15e
feat(recaptcha): Update example config after previous changes
Some checks failed
Checks / Prefligit / prefligit (push) Waiting to run
Details
Release Docker Image / merge (push) Blocked by required conditions
Details
Release Docker Image / define-variables (push) Successful in 6s
Details
Checks / Rust / Format (push) Successful in 46s
Details
Checks / Rust / Clippy (push) Failing after 3m55s
Details
Checks / Prefligit / prefligit (pull_request) Successful in 35s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 46s
Details
Checks / Rust / Cargo Test (push) Successful in 5m17s
Details
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been cancelled
Details
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been cancelled
Details
980774a275
nex added 1 commit 2025-07-08 18:16:00 +00:00
feat(recaptcha): Fix linting issues
Some checks failed
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Blocked by required conditions
Details
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Blocked by required conditions
Details
Release Docker Image / merge (push) Blocked by required conditions
Details
Release Docker Image / define-variables (push) Successful in 4s
Details
Checks / Prefligit / prefligit (push) Successful in 26s
Details
Checks / Rust / Format (push) Successful in 51s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 37s
Details
Checks / Prefligit / prefligit (pull_request) Successful in 34s
Details
Checks / Rust / Cargo Test (push) Failing after 2m53s
Details
Checks / Rust / Clippy (push) Failing after 3m8s
Details
f0994355d4
requested review from Jade 2025-07-08 18:18:40 +00:00
Jade approved these changes 2025-07-08 18:23:09 +00:00
src/core/config/check.rs Outdated
@ -185,3 +185,4 @@
&& config.registration_token.is_none()
&& config.registration_token_file.is_none()
&& !(config.recaptcha_site_key.is_some() && config.recaptcha_private_site_key.is_some())
{
Jade commented 2025-07-08 18:23:04 +00:00
Owner
Copy link

Might or might not still be worth having a note when recaptcha is set? Up to you

Might or might not still be worth having a note when recaptcha is set? Up to you
nex commented 2025-07-08 18:29:10 +00:00
Author
Owner
Copy link

yeah, might add a warning in since I still consider no-verification (token/email) "insecure", but it's not as insecure as "no confirmation at all".

Regardless, there's a warning just below anyway:

	if config.allow_registration
		&& config.yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse
		&& config.registration_token.is_none()
		&& config.registration_token_file.is_none()
	{
		warn!(
			"Open registration is enabled via setting \
			 `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse` and \
			 `allow_registration` to true without a registration token configured. You are \
			 expected to be aware of the risks now. If this is not the desired behaviour, \
			 please set a registration token."
		);
	}

I think this is sufficient

yeah, might add a warning in since I still consider no-verification (token/email) "insecure", but it's not as insecure as "no confirmation at all". Regardless, there's a warning just below anyway: ```rs if config.allow_registration && config.yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse && config.registration_token.is_none() && config.registration_token_file.is_none() { warn!( "Open registration is enabled via setting \ `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse` and \ `allow_registration` to true without a registration token configured. You are \ expected to be aware of the risks now. If this is not the desired behaviour, \ please set a registration token." ); } ``` I think this is sufficient
nex marked this conversation as resolved
src/core/config/mod.rs Outdated
@ -557,2 +557,4 @@
pub registration_token_file: Option<PathBuf>,
/// The public site key for reCaptcha. If this is provided, reCaptcha
/// becomes required during registration, **even if token registration is
Jade commented 2025-07-08 18:20:31 +00:00
Owner
Copy link

So users need either to solve the captcha or give the token, but not both?

So users need either to solve the captcha or give the token, but not both?
nex commented 2025-07-08 18:28:41 +00:00
Author
Owner
Copy link

They need to do both if both are configured. If enabled, token is required first, and then captcha.

They need to do both if both are configured. If enabled, token is required first, and then captcha.
Jade commented 2025-07-08 18:31:25 +00:00
Owner
Copy link

Perhaps clarify that, I misunderstood a bit

Perhaps clarify that, I misunderstood a bit
👍 1
nex marked this conversation as resolved
src/core/config/mod.rs Outdated
@ -558,1 +558,4 @@
/// The public site key for reCaptcha. If this is provided, reCaptcha
/// becomes required during registration, **even if token registration is
/// enabled**.
Jade commented 2025-07-08 18:21:09 +00:00
Owner
Copy link

FWIW this might be used for new auth's signup flow too, once that's implemented

FWIW this might be used for new auth's signup flow too, once that's implemented
👍 1
nex marked this conversation as resolved
nex added 1 commit 2025-07-08 18:27:59 +00:00
feat(recaptcha): Fix linting issues after the linter fix lied to me
Some checks failed
Release Docker Image / merge (push) Blocked by required conditions
Details
Checks / Prefligit / prefligit (push) Successful in 13s
Details
Release Docker Image / define-variables (push) Successful in 13s
Details
Checks / Prefligit / prefligit (pull_request) Successful in 30s
Details
Checks / Rust / Format (push) Successful in 48s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 49s
Details
Checks / Rust / Clippy (push) Successful in 3m17s
Details
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been cancelled
Details
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been cancelled
Details
Checks / Rust / Cargo Test (push) Has been cancelled
Details
ff805d8ae1
nex added 2 commits 2025-07-08 18:36:09 +00:00
docs(recaptcha): Clarify registration when token & captcha are configured
Some checks failed
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Blocked by required conditions
Details
Release Docker Image / merge (push) Blocked by required conditions
Details
Checks / Rust / Cargo Test (push) Waiting to run
Details
Release Docker Image / define-variables (push) Successful in 4s
Details
Checks / Prefligit / prefligit (push) Successful in 23s
Details
Checks / Rust / Format (push) Successful in 48s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 44s
Details
Checks / Prefligit / prefligit (pull_request) Successful in 22s
Details
Checks / Rust / Clippy (push) Successful in 5m47s
Details
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been cancelled
Details
c362499cef
nex scheduled this pull request to auto merge when all checks succeed 2025-07-08 18:41:57 +00:00
nex added 1 commit 2025-07-08 18:47:48 +00:00
chore(recaptcha): Update example config file
All checks were successful
Documentation / Build and Deploy Documentation (pull_request) Successful in 49s
Details
Checks / Prefligit / prefligit (pull_request) Successful in 32s
Details
Release Docker Image / define-variables (push) Successful in 4s
Details
Checks / Prefligit / prefligit (push) Successful in 24s
Details
Documentation / Build and Deploy Documentation (push) Successful in 31s
Details
Checks / Rust / Format (push) Successful in 1m1s
Details
Checks / Rust / Clippy (push) Successful in 4m50s
Details
Checks / Rust / Cargo Test (push) Successful in 5m15s
Details
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Successful in 13m36s
Details
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Successful in 13m36s
Details
Release Docker Image / merge (push) Successful in 31s
Details
b71186d958 
Unsure how this managed to get past the `git commit -S -a`
but sure
nex merged commit b71186d958 into main 2025-07-08 19:06:53 +00:00
nex deleted branch nex/feat/recaptcha 2025-07-08 19:06:53 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Jade
Labels
Clear labels   
Bug

Something isn't working as intended

  
Cherry-picking

Commits picked from other conduit projects

  
Database

This requires or includes changes to the database

  
Dependencies

Something dependency related

  
Difficulty
Easy
Low difficulty to implement - touches few parts of the codebase, low complexity

  
Difficulty
Hard
High difficulty to implement - touches many parts of the codebase, high complexity

  
Difficulty
Medium
Medium difficulty to implement - touches more parts of the codebase, higher complexity

  
Documentation

Improvements or additions to documentation

  
Enhancement

New feature or request

  
Good first issue

Good for newcomers

  
Help wanted

Additional eyes and keyboards are required for this one

  
Inherited

Issues that have been inhereted from the project pre-fork

  
Matrix/Administration

Features pertaining to homeserver administration

  
Matrix/Appservices

Features pertaining to the appservice API

  
Matrix/Auth

Features pertaining to authentication

  
Matrix/Client

Features pertaining to client-to-server interactions

  
Matrix/Core

   
Matrix/Federation

Features pertaining to server-to-server interactions

  
Matrix/MSC

Features pertaining to unstable matrix features

  
Matrix/Media

Features pertaining to media interactions

  
Meta

Related to housekeeping, maintenance, or other repo-meta.

  
Meta/Packaging

Packaging

  
Priority
Blocking
This issue is blocking the next release

  
Priority
High
This issue is very important

  
Priority
Low
This issue is of a rather low priority

  
Security

This item is related to general security

  
Status
Confirmed

  
Status
Duplicate
This issue or pull request already exists

  
Status
Invalid
This issue doesn't seem right

  
Status
Needs Investigation
This issue needs further investigation

  
Wont fix

This will not be worked on

  
old/ci/cd

Ci/CD

Archived

  
old/rust

Pull requests that update Rust code

Archived

No labels
Bug
Cherry-picking
Database
Dependencies
Difficulty
Easy
Difficulty
Hard
Difficulty
Medium
Documentation
Enhancement
Good first issue
Help wanted
Inherited
Matrix/Administration
Matrix/Appservices
Matrix/Auth
Matrix/Client
Matrix/Core
Matrix/Federation
Matrix/MSC
Matrix/Media
Meta
Meta/Packaging
Priority
Blocking
Priority
High
Priority
Low
Security
Status
Confirmed
Status
Duplicate
Status
Invalid
Status
Needs Investigation
Wont fix
old/ci/cd
old/rust
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: continuwuation/continuwuity#900
No description provided.
Delete branch "nex/feat/recaptcha"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?