Disable reports from anonymous users

This commit is contained in:
rubenwardy 2022-06-13 17:10:07 +01:00
parent f5643173a8
commit 5bd6ab7611
2 changed files with 20 additions and 3 deletions

@ -43,8 +43,8 @@ def report():
if url: if url:
url = abs_url_samesite(url) url = abs_url_samesite(url)
form = ReportForm(formdata=request.form) form = ReportForm(formdata=request.form) if current_user.is_authenticated else None
if form.validate_on_submit(): if form and form.validate_on_submit():
if current_user.is_authenticated: if current_user.is_authenticated:
user_info = f"{current_user.username}" user_info = f"{current_user.username}"
else: else:

@ -6,9 +6,23 @@
{% block content %} {% block content %}
{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}
<h1>{{ _("Report") }}</h1> <h1>{{ _("Report") }}</h1>
{% if not form %}
<p>
{{ _("Due to spam, we no longer accept reports from anonymous users on this form.") }}
{{ _("Please sign in or contact the admin in another way") }}
</p>
<p>
<a href="{{ _('users.login') }}" class="btn btn-primary mr-2">Login</a>
<a href="https://rubenwardy.com/contact/" class="btn btn-secondary">Contact the admin</a>
</p>
{% else %}
{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}
<form method="POST" action="" enctype="multipart/form-data"> <form method="POST" action="" enctype="multipart/form-data">
{{ form.hidden_tag() }} {{ form.hidden_tag() }}
{% if url %} {% if url %}
@ -17,6 +31,7 @@
</p> </p>
{% endif %} {% endif %}
{{ render_field(form.message, hint=_("What are you reporting? Why are you reporting it?")) }} {{ render_field(form.message, hint=_("What are you reporting? Why are you reporting it?")) }}
{{ render_field(form.not_a_request) }}
{{ render_submit_field(form.submit) }} {{ render_submit_field(form.submit) }}
<p class="mt-5 text-muted"> <p class="mt-5 text-muted">
@ -30,4 +45,6 @@
</p> </p>
</form> </form>
{% endif %}
{% endblock %} {% endblock %}