Module: Spamtrap::Controller::ActsAsMethods

Defined in:
lib/spamtrap/controller.rb

Instance Method Summary collapse

Instance Method Details

#spamtrap(honeypot = 'spamtrap', options = {}, &block) ⇒ Object



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# File 'lib/spamtrap/controller.rb', line 9

def spamtrap(honeypot = 'spamtrap', options = {}, &block)
  # Capture explicit per-call values; use sentinel so globals are read
  # at request time rather than at class definition time.
  nonce_opt   = options.key?(:nonce)         ? options.delete(:nonce)         : :global
  timeout_opt = options.key?(:nonce_timeout) ? options.delete(:nonce_timeout) : :global
  mutate_opt  = options.key?(:mutate)        ? options.delete(:mutate)        : :global

  before_action(options) do |controller|
    controller.instance_eval(&block) if block_given?
    controller.instance_eval do
      nonce_enabled  = nonce_opt   == :global ? Spamtrap.nonce         : nonce_opt
      nonce_timeout  = timeout_opt == :global ? Spamtrap.nonce_timeout : timeout_opt
      mutate_enabled = mutate_opt  == :global ? Spamtrap.mutate        : mutate_opt

      spamtrap_remap_params if mutate_enabled

      if params[honeypot].present?
        Rails.logger.warn "Spamtrap triggered by #{request.remote_ip}."
        head 200
      elsif nonce_enabled && !spamtrap_valid_nonce?(nonce_timeout)
        Rails.logger.warn "Spamtrap nonce invalid from #{request.remote_ip}."
        head 200
      end
    end
  end
end