app/validators/registration_form_time_validator.rb

# frozen_string_literal: true

class RegistrationFormTimeValidator < ActiveModel::Validator
  REGISTRATION_FORM_MIN_TIME = 3.seconds.freeze

  def validate(user)
    user.errors.add(:base, I18n.t('auth.too_fast')) if user.registration_form_time.present? && user.registration_form_time > REGISTRATION_FORM_MIN_TIME.ago
  end
end
Add honeypot fields and minimum fill-out time for sign-up form (#15276) * Add honeypot fields to limit non-specialized spam Add two honeypot fields: a fake website input and a fake password confirmation one. The label/placeholder/aria-label tells not to fill them, and they are hidden in CSS, so legitimate users should not fall into these. This should cut down on some non-Mastodon-specific spambots. * Require a 3 seconds delay before submitting the registration form * Fix tests * Move registration form time check to model validation * Give people a chance to clear the honeypot fields * Refactor honeypot translation strings Co-authored-by: Claire <claire.github-309c@sitedethib.com> 2020-12-10 06:27:26 +01:00			`# frozen_string_literal: true`

			`class RegistrationFormTimeValidator < ActiveModel::Validator`
			`REGISTRATION_FORM_MIN_TIME = 3.seconds.freeze`

			`def validate(user)`
			`user.errors.add(:base, I18n.t('auth.too_fast')) if user.registration_form_time.present? && user.registration_form_time > REGISTRATION_FORM_MIN_TIME.ago`
			`end`
			`end`