arona/PyRIGS
1
0
Fork 0
mirror of https://github.com/nottinghamtec/PyRIGS.git synced 2026-01-17 05:22:16 +00:00
Code Issues Projects Releases Wiki Activity

Bypass hCaptcha in automated testing

Browse Source
This commit is contained in:
FreneticScribbler
2021-09-18 09:47:13 +01:00
parent 796f5b44b0
commit f1e43b707e
6 changed files with 36 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Pipfile
View File

@@ -77,7 +77,7 @@ zipp = "~=3.4.0"
sentry-sdk = "*" sentry-sdk = "*"
diff-match-patch = "*" diff-match-patch = "*"
python-barcode = "*" python-barcode = "*"
django-hcaptcha = "*" django-hCaptcha = "*"
[dev-packages] [dev-packages]
selenium = "~=3.141.0" selenium = "~=3.141.0"
@@ -89,8 +89,14 @@ pytest-django = "*"
pluggy = "*" pluggy = "*"
pytest-splinter = "*" pytest-splinter = "*"
pytest = "*" pytest = "*"
pytest-xdist = {extras = [ "psutil",], version = "*"}
PyPOM = {extras = [ "splinter",], version = "*"}
[requires] [requires]
python_version = "3.9" python_version = "3.9"
[dev-packages.pytest-xdist]
extras = [ "psutil",]
version = "*"
[dev-packages.PyPOM]
extras = [ "splinter",]
version = "*"

24
Pipfile.lock generated
View File

@@ -1,7 +1,7 @@
{ {
"_meta": { "_meta": {
"hash": { "hash": {
"sha256": "28cf82a210d555ef6791bb56e5ecf8c7ce345a85f65095d724e890fbbaa44803" "sha256": "ad1849939ea22858eeac17e407bacd6b5abdac3279a845ca275ea64073d71dd9"
}, },
"pipfile-spec": 6, "pipfile-spec": 6,
"requires": { "requires": {
@@ -294,7 +294,6 @@
"sha256:0d78f8fde1c230e99fe37986a60526d7049ed4bf8a9fadbad5f00e22e58e041d", "sha256:0d78f8fde1c230e99fe37986a60526d7049ed4bf8a9fadbad5f00e22e58e041d",
"sha256:b2e5b40261e20f354d198eae92afc10d750afb487ed5e50f9c4eaf07c184146f" "sha256:b2e5b40261e20f354d198eae92afc10d750afb487ed5e50f9c4eaf07c184146f"
], ],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==1.1" "version": "==1.1"
}, },
"icalendar": { "icalendar": {
@@ -453,7 +452,6 @@
"sha256:f147932f1090a029c208a37a979cd8b97bdd6107c4885faeabf8c9da6cd32c43", "sha256:f147932f1090a029c208a37a979cd8b97bdd6107c4885faeabf8c9da6cd32c43",
"sha256:f1a31fcb7f34609eca0b3330ad4fbc38ff3b30b9341a0ff69a0cd7e376ce6b91" "sha256:f1a31fcb7f34609eca0b3330ad4fbc38ff3b30b9341a0ff69a0cd7e376ce6b91"
], ],
"markers": "python_version >= '3.6'",
"version": "==3.0.0" "version": "==3.0.0"
}, },
"pillow": { "pillow": {
@@ -520,7 +518,6 @@
"sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159", "sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159",
"sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3" "sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3"
], ],
"markers": "python_version >= '3.6'",
"version": "==1.0.0" "version": "==1.0.0"
}, },
"premailer": { "premailer": {
@@ -787,6 +784,7 @@
"sha256:c2c1c2d44f158cdbddab7824a9af8c4f83c76b1e23e049479aa432feb6c4c23b" "sha256:c2c1c2d44f158cdbddab7824a9af8c4f83c76b1e23e049479aa432feb6c4c23b"
], ],
"index": "pypi", "index": "pypi",
"markers": "python_version >= '3.0'",
"version": "==2.2.1" "version": "==2.2.1"
}, },
"sqlparse": { "sqlparse": {
@@ -824,7 +822,6 @@
"sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b", "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b",
"sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f" "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"
], ],
"markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==0.10.2" "version": "==0.10.2"
}, },
"tornado": { "tornado": {
@@ -1116,7 +1113,6 @@
"sha256:149e90d6d8ac20db7a955ad60cf0e6881a3f20d37096140088356da6c716b0b1", "sha256:149e90d6d8ac20db7a955ad60cf0e6881a3f20d37096140088356da6c716b0b1",
"sha256:ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb" "sha256:ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb"
], ],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==21.2.0" "version": "==21.2.0"
}, },
"certifi": { "certifi": {
@@ -1129,11 +1125,11 @@
}, },
"charset-normalizer": { "charset-normalizer": {
"hashes": [ "hashes": [
"sha256:0c8911edd15d19223366a194a513099a302055a962bca2cec0f54b8b63175d8b", "sha256:5d209c0a931f215cee683b6445e2d77677e7e75e159f78def0db09d68fafcaa6",
"sha256:f23667ebe1084be45f6ae0538e4a5a865206544097e4e8bbcacf42cd02a348f3" "sha256:5ec46d183433dcbd0ab716f2d7f29d8dee50505b3fdb40c6b985c7c4f5a3591f"
], ],
"markers": "python_version >= '3'", "markers": "python_version >= '3'",
"version": "==2.0.4" "version": "==2.0.6"
}, },
"coverage": { "coverage": {
"hashes": [ "hashes": [
@@ -1190,7 +1186,6 @@
"sha256:f0b278ce10936db1a37e6954e15a3730bea96a0997c26d7fee88e6c396c2086d", "sha256:f0b278ce10936db1a37e6954e15a3730bea96a0997c26d7fee88e6c396c2086d",
"sha256:f11642dddbb0253cc8853254301b51390ba0081750a8ac03f20ea8103f0c56b6" "sha256:f11642dddbb0253cc8853254301b51390ba0081750a8ac03f20ea8103f0c56b6"
], ],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'",
"version": "==5.5" "version": "==5.5"
}, },
"coveralls": { "coveralls": {
@@ -1219,7 +1214,6 @@
"sha256:8f694f3ba9cc92cab508b152dcfe322153975c29bda272e2fd7f3f00f36e47c5", "sha256:8f694f3ba9cc92cab508b152dcfe322153975c29bda272e2fd7f3f00f36e47c5",
"sha256:a295f7cc774947aac58dde7fdc85f4aa00c42adf5d8f5468fc630c1acf30a142" "sha256:a295f7cc774947aac58dde7fdc85f4aa00c42adf5d8f5468fc630c1acf30a142"
], ],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==1.9.0" "version": "==1.9.0"
}, },
"idna": { "idna": {
@@ -1242,7 +1236,6 @@
"sha256:7dc96269f53a4ccec5c0670940a4281106dd0bb343f47b7471f779df49c2fbe7", "sha256:7dc96269f53a4ccec5c0670940a4281106dd0bb343f47b7471f779df49c2fbe7",
"sha256:c86254f9220d55e31cc94d69bade760f0847da8000def4dfe1c6b872fd14ff14" "sha256:c86254f9220d55e31cc94d69bade760f0847da8000def4dfe1c6b872fd14ff14"
], ],
"markers": "python_version >= '3.6'",
"version": "==21.0" "version": "==21.0"
}, },
"pluggy": { "pluggy": {
@@ -1250,7 +1243,6 @@
"sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159", "sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159",
"sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3" "sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3"
], ],
"markers": "python_version >= '3.6'",
"version": "==1.0.0" "version": "==1.0.0"
}, },
"psutil": { "psutil": {
@@ -1292,7 +1284,6 @@
"sha256:21b81bda15b66ef5e1a777a21c4dcd9c20ad3efd0b3f817e7a809035269e1bd3", "sha256:21b81bda15b66ef5e1a777a21c4dcd9c20ad3efd0b3f817e7a809035269e1bd3",
"sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a" "sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a"
], ],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==1.10.0" "version": "==1.10.0"
}, },
"pycodestyle": { "pycodestyle": {
@@ -1348,7 +1339,6 @@
"sha256:6aa9ac7e00ad1a539c41bec6d21011332de671e938c7637378ec9710204e37ca", "sha256:6aa9ac7e00ad1a539c41bec6d21011332de671e938c7637378ec9710204e37ca",
"sha256:dc4147784048e70ef5d437951728825a131b81714b398d5d52f17c7c144d8815" "sha256:dc4147784048e70ef5d437951728825a131b81714b398d5d52f17c7c144d8815"
], ],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==1.3.0" "version": "==1.3.0"
}, },
"pytest-splinter": { "pytest-splinter": {
@@ -1359,9 +1349,6 @@
"version": "==3.3.1" "version": "==3.3.1"
}, },
"pytest-xdist": { "pytest-xdist": {
"extras": [
"psutil"
],
"hashes": [ "hashes": [
"sha256:e8ecde2f85d88fbcadb7d28cb33da0fa29bca5cf7d5967fa89fc0e97e5299ea5", "sha256:e8ecde2f85d88fbcadb7d28cb33da0fa29bca5cf7d5967fa89fc0e97e5299ea5",
"sha256:ed3d7da961070fce2a01818b51f6888327fb88df4379edeb6b9d990e789d9c8d" "sha256:ed3d7da961070fce2a01818b51f6888327fb88df4379edeb6b9d990e789d9c8d"
@@ -1405,7 +1392,6 @@
"sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b", "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b",
"sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f" "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"
], ],
"markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==0.10.2" "version": "==0.10.2"
}, },
"urllib3": { "urllib3": {

5
PyRIGS/settings.py
View File

@@ -187,7 +187,10 @@ LOGOUT_URL = '/user/logout/'
ACCOUNT_ACTIVATION_DAYS = 7 ACCOUNT_ACTIVATION_DAYS = 7
# CAPTCHA settings # CAPTCHA settings
if not DEBUG: if DEBUG or CI:
HCAPTCHA_SITEKEY = '10000000-ffff-ffff-ffff-000000000001'
HCAPTCHA_SECRET = '0x0000000000000000000000000000000000000000'
else:
HCAPTCHA_SITEKEY = env('HCAPTCHA_SITEKEY') HCAPTCHA_SITEKEY = env('HCAPTCHA_SITEKEY')
HCAPTCHA_SECRET = env('HCAPTCHA_SECRET') HCAPTCHA_SECRET = env('HCAPTCHA_SECRET')

2
PyRIGS/tests/base.py
View File

@@ -23,7 +23,7 @@ def create_datetime(year, month, day, hour, minute):
def create_browser(): def create_browser():
options = webdriver.ChromeOptions() options = webdriver.ChromeOptions()
options.add_argument("--window-size=1920,1080") options.add_argument("--window-size=1920,1080")
options.add_argument("--headless") #options.add_argument("--headless")
if settings.CI: if settings.CI:
options.add_argument("--no-sandbox") options.add_argument("--no-sandbox")
driver = webdriver.Chrome(options=options) driver = webdriver.Chrome(options=options)

10
users/forms.py
View File

@@ -2,14 +2,20 @@ from hcaptcha.fields import hCaptchaField
from django import forms from django import forms
from django.contrib.auth.forms import (AuthenticationForm, PasswordResetForm, from django.contrib.auth.forms import (AuthenticationForm, PasswordResetForm,
UserChangeForm, UserCreationForm) UserChangeForm, UserCreationForm)
from django.conf import settings
from registration.forms import RegistrationFormUniqueEmail from registration.forms import RegistrationFormUniqueEmail
from RIGS import models from RIGS import models
class CaptchaField(hCaptchaField):
def validate(self, value):
# Skip validation if we're testing FIXME: Arona, y u so lazy
if settings.HCAPTCHA_SITEKEY != '10000000-ffff-ffff-ffff-000000000001':
super().validate(value)
# Registration # Registration
class ProfileRegistrationFormUniqueEmail(RegistrationFormUniqueEmail): class ProfileRegistrationFormUniqueEmail(RegistrationFormUniqueEmail):
hcaptcha = hCaptchaField() hcaptcha = CaptchaField()
class Meta: class Meta:
model = models.Profile model = models.Profile
@@ -41,7 +47,7 @@ class EmbeddedAuthenticationForm(CheckApprovedForm):
class PasswordReset(PasswordResetForm): class PasswordReset(PasswordResetForm):
hcaptcha = hCaptchaField() hcaptcha = CaptchaField()
class ProfileCreationForm(UserCreationForm): class ProfileCreationForm(UserCreationForm):

23
users/tests/test_users.py
View File

@@ -1,8 +1,10 @@
import os import os
import re import re
import time
from django.core import mail from django.core import mail
from django.test import LiveServerTestCase from django.test import LiveServerTestCase
from django.test.utils import override_settings
from selenium.webdriver.common.keys import Keys from selenium.webdriver.common.keys import Keys
from PyRIGS.tests.base import create_browser from PyRIGS.tests.base import create_browser
@@ -13,14 +15,12 @@ from RIGS import models
class UserRegistrationTest(LiveServerTestCase): class UserRegistrationTest(LiveServerTestCase):
def setUp(self): def setUp(self):
self.browser = create_browser() self.browser = create_browser()
self.browser.implicitly_wait(5) # Set implicit wait session wide
self.browser.implicitly_wait(3) # Set implicit wait session wide
os.environ['RECAPTCHA_TESTING'] = 'True'
def tearDown(self): def tearDown(self):
self.browser.quit() self.browser.quit()
os.environ['RECAPTCHA_TESTING'] = 'False'
@override_settings(DEBUG=True)
def test_registration(self): def test_registration(self):
# Navigate to the registration page # Navigate to the registration page
self.browser.get(self.live_server_url + '/user/register/') self.browser.get(self.live_server_url + '/user/register/')
@@ -61,9 +61,11 @@ class UserRegistrationTest(LiveServerTestCase):
last_name.send_keys('Smith') last_name.send_keys('Smith')
initials.send_keys('JS') initials.send_keys('JS')
# phone.send_keys('0123456789') # phone.send_keys('0123456789')
self.browser.execute_script( time.sleep(1)
"return function() {jQuery('#g-recaptcha-response').val('PASSED'); return 0}()") self.browser.switch_to.frame(self.browser.find_element_by_tag_name("iframe"))
self.browser.find_element_by_id('anchor').click()
self.browser.switch_to.default_content()
time.sleep(3)
# Submit incorrect form # Submit incorrect form
submit = self.browser.find_element_by_xpath("//input[@type='submit']") submit = self.browser.find_element_by_xpath("//input[@type='submit']")
submit.click() submit.click()
@@ -85,9 +87,6 @@ class UserRegistrationTest(LiveServerTestCase):
# Correct error # Correct error
password1.send_keys('correcthorsebatterystaple') password1.send_keys('correcthorsebatterystaple')
password2.send_keys('correcthorsebatterystaple') password2.send_keys('correcthorsebatterystaple')
self.browser.execute_script("console.log('Hello, world!')")
self.browser.execute_script(
"return function() {jQuery('#g-recaptcha-response').val('PASSED'); return 0}()")
# Submit again # Submit again
password2.send_keys(Keys.ENTER) password2.send_keys(Keys.ENTER)
@@ -126,8 +125,6 @@ class UserRegistrationTest(LiveServerTestCase):
# Expected to fail as not approved # Expected to fail as not approved
username.send_keys('TestUsername') username.send_keys('TestUsername')
password.send_keys('correcthorsebatterystaple') password.send_keys('correcthorsebatterystaple')
self.browser.execute_script(
"return function() {jQuery('#g-recaptcha-response').val('PASSED'); return 0}()")
password.send_keys(Keys.ENTER) password.send_keys(Keys.ENTER)
# Test approval # Test approval
@@ -149,8 +146,6 @@ class UserRegistrationTest(LiveServerTestCase):
username.send_keys('TestUsername') username.send_keys('TestUsername')
password = self.browser.find_element_by_id('id_password') password = self.browser.find_element_by_id('id_password')
password.send_keys('correcthorsebatterystaple') password.send_keys('correcthorsebatterystaple')
self.browser.execute_script(
"return function() {jQuery('#g-recaptcha-response').val('PASSED'); return 0}()")
password.send_keys(Keys.ENTER) password.send_keys(Keys.ENTER)
# Check we are logged in # Check we are logged in