Skip to content

LG-12713: Remove reCAPTCHA checkbox fallback#10454

Merged
aduth merged 6 commits intomainfrom
aduth-recaptcha-checkbox-score-threshold
Apr 22, 2024
Merged

LG-12713: Remove reCAPTCHA checkbox fallback#10454
aduth merged 6 commits intomainfrom
aduth-recaptcha-checkbox-score-threshold

Conversation

@aduth
Copy link
Contributor

@aduth aduth commented Apr 17, 2024
edited
Loading

🎫 Ticket

LG-12713

🛠 Summary of changes

Removes the reCAPTCHA checkbox screen as a fallback when failing the invisible analysis, and replaces it with an error message informing the user that we cannot process their request.

📜 Testing Plan

Verify that you see an error message after submitting phone setup with a failing reCAPTCHA score:

Prerequisite: Configure score threshold in config/application.yml:

phone_recaptcha_score_threshold: 0.6
  1. Go to http://localhost:3000
  2. Sign in or create an account
  3. Add a phone as an MFA method (select phone during MFA selection in account creation, or choose "Add phone number" from account dashboard after signing in)
  4. Enter an international phone number (e.g. +610491570006)
  5. In "reCAPTCHA score: (0.0 - 1.0) Internal Only" debugger, enter a score below the configured threshold (0.4)
  6. Click "Send code"
  7. Observe error message (refer to screenshots below)

👀 Screenshots

Before After
image image

aduth added 3 commits April 17, 2024 13:58
@aduth
Subject reCAPTCHA checkbox assessment scores to score threshold
17a7f06
@aduth
LG-12713: Remove reCAPTCHA checkbox fallback
4be5692 
changelog: Internal, Spam Mitigation, Remove reCAPTCHA checkbox fallback for failed invisible assessment
@aduth
Remove unused subclass methods
9feb887
@aduth aduth requested a review from a team April 17, 2024 18:27
aduth
aduth commented Apr 17, 2024
View reviewed changes
config/application.yml.default
Comment on lines +271 to +272
recaptcha_site_key: ''
recaptcha_secret_key: ''
Copy link
Contributor Author

@aduth aduth Apr 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will need to make sure this renamed configuration is in place in all deployed environments before merging.

Copy link
Contributor

@zachmargolis zachmargolis Apr 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO it would be easier to not rename the credentials

@aduth aduth marked this pull request as ready for review April 17, 2024 18:29
zachmargolis
zachmargolis approved these changes Apr 18, 2024
View reviewed changes
config/application.yml.default
Comment on lines +271 to +272
recaptcha_site_key: ''
recaptcha_secret_key: ''
Copy link
Contributor

@zachmargolis zachmargolis Apr 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO it would be easier to not rename the credentials

zachmargolis
zachmargolis reviewed Apr 18, 2024
View reviewed changes
@aduth aduth merged commit 3fafe62 into main Apr 22, 2024
@aduth aduth deleted the aduth-recaptcha-checkbox-score-threshold branch April 22, 2024 15:45
@jmhooper jmhooper mentioned this pull request Apr 23, 2024
Merged
@aduth aduth mentioned this pull request Apr 29, 2024
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@zachmargolis zachmargolis zachmargolis approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aduth @zachmargolis