"""
Project: PARTS Website
Author: Edward Middleton-Smith
Precision And Research Technology Systems Limited
Technology: Backend
Feature: Contact Us Form
Description:
Defines Flask-WTF form for handling user input on Contact Us page.
"""
# IMPORTS
# internal
# from business_objects.store.product_category import Filters_Product_Category # circular
# from models.model_view_store import Model_View_Store # circular
from forms.base import Form_Base
# external
from flask import Flask, render_template, request, flash, redirect, url_for, current_app
from flask_wtf import FlaskForm
from wtforms import StringField, TextAreaField, SubmitField, HiddenField, BooleanField
from wtforms.validators import DataRequired, Email, ValidationError
from flask_wtf.recaptcha import RecaptchaField
from abc import ABCMeta, abstractmethod
import requests
import json
import hmac
import hashlib
import base64
import urllib.parse
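# Disabled ALTCHA validator. It lives inside a module-level string, so it is
# never executed and Form_Contact.altcha does not reference it. It is kept in a
# state that is safe to re-enable: the signature is compared in constant time
# and the HMAC digest is chosen from a fixed table, not by attribute lookup on
# hashlib with a name taken from the client-supplied payload.
"""
def validate_altcha(form, field):
    # WTForms inline validator for the hidden ALTCHA field.
    # Raises ValidationError unless field.data is a base64-encoded JSON payload
    # whose signature matches an HMAC keyed with ALTCHA_SECRET_KEY.
    if not field.data:
        raise ValidationError('Please complete the ALTCHA challenge')

    # Digests the server is willing to use. Keys are the payload's algorithm
    # name after the same normalisation as before ('SHA-256' -> 'sha256').
    allowed_digests = {
        'sha256': hashlib.sha256,
        'sha384': hashlib.sha384,
        'sha512': hashlib.sha512,
    }

    try:
        # Decode the base64-encoded payload
        payload_json = base64.b64decode(field.data).decode('utf-8')
        payload = json.loads(payload_json)

        # 'verified' is a field of the submitted payload, so on its own it
        # proves nothing; it only counts together with the signature below.
        if not payload.get('verified', False):
            raise ValidationError('ALTCHA verification failed')

        verification_data = payload.get('verificationData', '')
        received_signature = payload.get('signature', '')
        algorithm = payload.get('algorithm', 'SHA-256')

        # Reject anything outside the table instead of resolving an arbitrary
        # hashlib attribute named by the payload.
        digestmod = allowed_digests.get(algorithm.lower().replace('-', ''))
        if digestmod is None:
            raise ValidationError('Invalid ALTCHA signature')

        # Calculate the hash of verification data
        # NOTE(review): this hash is always SHA-256 while the HMAC follows the
        # payload's algorithm - confirm against the ALTCHA documentation.
        verification_hash = hashlib.sha256(verification_data.encode()).digest()

        # Calculate HMAC signature
        hmac_key = current_app.config['ALTCHA_SECRET_KEY'].encode()
        calculated_signature = hmac.new(
            hmac_key,
            verification_hash,
            digestmod
        ).hexdigest()

        # Constant-time comparison, so response timing does not reveal how
        # much of a guessed signature was correct.
        if not hmac.compare_digest(calculated_signature, received_signature):
            raise ValidationError('Invalid ALTCHA signature')

        # NOTE(review): if verificationData carries an expiry, check it here so
        # an old signed payload cannot be submitted again - confirm the field
        # name against the ALTCHA documentation.

        # Optional: If using the spam filter, you could parse verification_data
        # and reject submissions classified as spam
        # Example:
        parsed_data = dict(urllib.parse.parse_qsl(verification_data))
        if parsed_data.get('classification') == 'BAD':
            raise ValidationError('This submission was classified as spam')

    except Exception as e:
        # Also catches the ValidationErrors raised above, so every failure
        # reaches the user as the same generic message and is logged here.
        current_app.logger.error(f"ALTCHA validation error: {str(e)}")
        raise ValidationError('ALTCHA validation failed')
"""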
class Form_Contact(FlaskForm):
    """Flask-WTF form holding the fields of the Contact Us page.

    None of the fields declares a validators list, so this class does not
    itself require or check any value, including the e-mail address and the
    ALTCHA payload.
    NOTE(review): presumably the ALTCHA payload is verified by the code that
    handles the submission - confirm, otherwise the challenge is not enforced
    on the server.
    """
    # Sender's e-mail address; plain text field, no Email() validator attached.
    email = StringField('Email')
    contact_name = StringField('Name')
    company_name = StringField('Company')
    # Free-text message body.
    message = TextAreaField('Message')
    # Marketing opt-in checkbox.
    receive_marketing = BooleanField('I would like to receive marketing emails.')
    # recaptcha = RecaptchaField()
    # Hidden field for the ALTCHA payload; the validator is commented out, so
    # the form accepts any value here, including an empty one.
    altcha = HiddenField('ALTCHA') # , validators=[validate_altcha]
    submit = SubmitField('Send Message')