(Feature) fix issue #10 : prevent robots contibution

Signed-off-by: CapsLock <faimaison@legeox.net>

wifiwithme/apps/contribmap/decorators.py

@@ -0,0 +1,21 @@
+from django.http import HttpResponseForbidden
+from .forms import PublicContribForm
+
+
+def prevent_robots(field_name='human_field'):
+    """
+    this decorator returns a HTTP 403 Forbidden error on POST requests
+    if a given field has been set
+
+    Keyword arguments :
+    field_name -- the name of the field to search for (default 'human_field')
+    """
+    def _dec(func):
+        def _wrapped_func(request, *args, **kwargs):
+            if request.method == 'POST':
+                form = PublicContribForm(request.POST)
+                if form.data[field_name]:
+                    return HttpResponseForbidden()
+            return func(request, *args, **kwargs)
+        return _wrapped_func
+    return _dec

wifiwithme/apps/contribmap/forms.py

@@ -16,6 +16,8 @@ ORIENTATIONS = (
 
 
 class PublicContribForm(forms.ModelForm):
+    human_field = forms.CharField(required=False, widget=forms.HiddenInput)
+
     class Meta:
         model = Contrib
 

wifiwithme/apps/contribmap/templates/contribmap/wifi-form.html

@@ -184,6 +184,7 @@ pourraient être intéressantes.
 
 
     <h2>Mes données</h2>
+    {{ form.human_field|formcontrol }}
 
     <p class="help-block">
 Les données collectées dans ce formulaire sont accessibles

wifiwithme/apps/contribmap/views.py

@@ -6,16 +6,18 @@ from django.http import JsonResponse, HttpResponseForbidden
 from django.shortcuts import render, redirect
 from django.template.loader import get_template
 from django.views.generic import View
-
 from .forms import PublicContribForm
 from .models import Contrib
+from .decorators import prevent_robots
 
 
+@prevent_robots()
 def add_contrib(request):
     if request.method == 'GET':
         form = PublicContribForm()
     elif request.method == 'POST':
         form = PublicContribForm(request.POST)
+
         if form.is_valid():
             contrib = form.save()