Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only require captcha if threshold rate is exceeded #2638

Merged
merged 2 commits into from
Oct 2, 2024
Merged

Only require captcha if threshold rate is exceeded #2638

merged 2 commits into from
Oct 2, 2024

Conversation

frederikrothenberger
Copy link
Member

@frederikrothenberger frederikrothenberger commented Oct 2, 2024
edited by github-actions bot
Loading

This PR enables the dynamic captcha feature: I.e. if the captcha is configured to be dynamic and the configured threshold has been exceeded, then require a captcha to be solved. Otherwise skip the captcha entirely.

@frederikrothenberger
Only require captcha if threshold rate is exceeded
094381b 
This PR enables the dynamic captcha feature: I.e. if the captcha is
configured to be dynamic _and_ the configured threshold has been exceeded,
then require a captcha to be solved. Otherwise skip the captcha entirely.
@frederikrothenberger frederikrothenberger requested a review from a team as a code owner October 2, 2024 10:10
lmuntaner
lmuntaner approved these changes Oct 2, 2024
View reviewed changes
Copy link
Collaborator

@lmuntaner lmuntaner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few comments, already approving.

src/internet_identity/src/anchor_management/registration/registration_flow_v2.rs Outdated
@@ -38,17 +52,40 @@ pub async fn identity_registration_start() -> Result<IdRegNextStepResult, IdRegS
return Err(IdRegStartError::InvalidCaller);
}

let (captcha_png_base64, flow_state) = captcha_flow_state(time()).await;
let flow_state = match captcha_required() {
true => captcha_flow_state(time()).await.1,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does it make sense to create a let now = time(); variable? Or there is no need?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, yes. Thanks.

src/internet_identity/tests/integration/v2_api/identity_register/dynamic_captcha.rs
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why did you created the new identity_register directory? Are there any best practices on how to split this? WHy not v2_api/dynamic_captcha_register?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did it because the dynamic captcha is a subset of the whole identity registration tests. But I can also flatten the structure if you prefer.

src/internet_identity/tests/integration/v2_api/identity_register/dynamic_captcha.rs Outdated
// Double the rate of registrations to one per second
// The 20% threshold rate should allow 5 registrations before the captcha kicks in
let flow_principal = test_principal(0);
for _ in 0..5 {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why don't you use create_identity_with_authn_method here?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because the create_identity_with_authn_method helper works with or without captcha. And I need to assert here that the captcha is not required.

src/internet_identity/tests/integration/v2_api/identity_register/dynamic_captcha.rs Outdated

// Double the rate of registrations to one per second
// The 20% threshold rate should allow 5 registrations before the captcha kicks in
let flow_principal = test_principal(0);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It doesn't matter that the principal for the registration is the same?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If all previous flows are completed, then it does not matter (because flows are cleaned up on finish). But you're right, it's cleaner to use different ones.

@frederikrothenberger frederikrothenberger added this pull request to the merge queue Oct 2, 2024
Merged via the queue into main with commit ee07a98 Oct 2, 2024
66 checks passed
@frederikrothenberger frederikrothenberger deleted the frederik/dynamic-captcha branch October 2, 2024 12:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lmuntaner lmuntaner lmuntaner approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@frederikrothenberger @lmuntaner