Rails 4 Strong Params about invisible_captcha HOT 5 CLOSED

Do you use Model (attribute validation in the model) style or Controller (with before_filter) style implementation?

• Model: you need to keep attribute (:subtitle for example) to the attributes hash, so you need to permit the attribute (example: params.require(:topic).permit(:subtitle)).
• Controller: you need to call before_filter :check_invisible_captcha before any other before_filter in order to perform the invisible_captcha validation with expected parameters and values, so you just need to not change the params hash.

If you can provide a little more information of your implementation case or a sample code, I can probably be more specific.

Anyway, documentation needs an update about strong_parameters 👍

from invisible_captcha.

Sorry, I used the controller style. In your model style above, I take it 'subtitle' is the honeypot attribute? it seems like that would be better for me anyway, if I can set my own attr name via model style .

from invisible_captcha.

Yes, :subtitle is the honeypot. For example (class Topic):

Model style:

In your form:

<%= form_for(@topic) do |f| %>
  <%= f.invisible_captcha :subtitle %>
<% end %>

In your model:

class Topic < ActiveRecord::Base
  attr_accessor :subtitle # virtual attribute, honeypot
  validates :subtitle, :invisible_captcha => true
end

In your contoller permit the param: params.require(:topic).permit(:subtitle).

Controller style:

In your form:

<%= form_for(@topic) do |f| %>
  <%= invisible_captcha %>
<% end %>

In your controller add:
before_filter :check_invisible_captcha

Controller style (resource oriented):

In your form:

<%= form_for(@topic) do |f| %>
  <%= f.invisible_captcha :subtitle %>
<% end %>

In your controller:

def create
  if invisible_captcha?(:topic, :subtitle)
    head 200 # or redirect_to new_topic_path
  else
    # regular workflow
  end
end

I think these examples enhance the current documentation. I'll do an update soon.

from invisible_captcha.

They really do! Thanks for picking this project up!

Jarrett Green
CHIEF PRODUCT DEVELOPMENT OFFICER

tel. 316-927-2668
www. balancedcomp.com
tw. @balancedcomp

BalancedComp

Accurate. Tailored. Balanced.

On Wed, Nov 20, 2013 at 5:44 PM, Marc Anguera Insa <[email protected]

wrote:

Yes, :subtitle is the honeypot. For example (class Topic):

Model style:

In your form:

<%= form_for(@topic) do |f| %>
<%= f.invisible_captcha :subtitle %>
<% end %>

In your model:

class Activity < ActiveRecord::Base
attr_accessor :subtitle # virtual attribute, honeypot
validates :subtitle, :invisible_captcha => true
end

In your contoller permit the param:
params.require(:topic).permit(:subtitle).

Controller style:

In your form:

<%= form_for(@topic) do |f| %>
<%= invisible_captcha %>
<% end %>

In your controller add:
before_filter :check_invisible_captcha

Controller style (resource oriented):

In your form:

<%= form_for(@topic) do |f| %>
<%= f.invisible_captcha :subtitle %>
<% end %>

In your controller:

def create
if invisible_captcha?(:topic, :subtitle)
head 200 # or redirect_to new_topic_path
else
# regular workflow
end
end

I think these examples enhance the current documentation. I'll do an
update soon.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/1#issuecomment-28944551
.

from invisible_captcha.

You're welcome @balancedcomp. Stars are appreciated 😃

I'll keep issue open until I can update documentation.

from invisible_captcha.