Modified the captcha to read secret key from file.

Also changed the keys for the recaptcha due to their accidental
committal earlier.

rsstory/archive_fails.pt

@@ -38,7 +38,7 @@
               </td>
             </tr>
           </table>
-            <div class="g-recaptcha" data-sitekey="6LcHZQsTAAAAAG1MSHuQpKKvtx4D_o8FYt2VfSFq"></div>
+            <div class="g-recaptcha" data-sitekey="6LcnlgsTAAAAAGmVA_COh_S6FDDtnEUJY9aL8Ulf"></div>
           <button type="button" id="submit">
             Report
           </button>

rsstory/index.pt

@@ -55,7 +55,7 @@
               </td>
             </tr>
           </table>
-            <div class="g-recaptcha" data-sitekey="6LcHZQsTAAAAAG1MSHuQpKKvtx4D_o8FYt2VfSFq"></div>
+            <div class="g-recaptcha" data-sitekey="6LcnlgsTAAAAAGmVA_COh_S6FDDtnEUJY9aL8Ulf"></div>
           <button type="button" id="submit">
             Submit
           </button>

rsstory/rss.py

@@ -63,9 +63,16 @@ def write_preview_feed(rss_items, url, title, feed_id):
     return fname
 
 def archive_to_rss(url, time_between_posts, title, recaptcha_answer, ip):
-    #TODO: do NOT push until the secret key is hidden in a config file!
     log.info("Beginning archive_to_rss()")
-    captcha_response = submit(remote_ip=ip, secret_key="6LcHZQsTAAAAALNHKDDOht1UXok-vnY4KJE13RGJ", response=recaptcha_answer)
+    key = ""
+    try:
+        with open(os.path.join(os.path.abspath(os.path.dirname(__file__)), 'secret', 'recaptcha_key_secret.key'), 'r') as f:
+            key = f.readline()
+    except:
+        log.error("The file containing the secret key was not located")
+        return (False, False)
+
+    captcha_response = submit(remote_ip=ip, secret_key=key, response=recaptcha_answer)
     log.debug("recaptcha_answer is: {}".format(recaptcha_answer))
     if captcha_response.is_valid:
         log.info("Captcha response verified as valid")
@@ -95,12 +102,19 @@ def archive_to_rss(url, time_between_posts, title, recaptcha_answer, ip):
         return (rss_feed_filename, preview_feed_filename)
     else:
         log.error("Invalid captcha entered")
-        raise Exception('Invalid captcha')
-        return
+        return (False, False)
 
 def report_archive_fail(url, comments, ip, recaptcha_answer):
     log.info("Beginning report_archive_fail")
-    captcha_response = submit(remote_ip=ip, secret_key="6LcHZQsTAAAAALNHKDDOht1UXok-vnY4KJE13RGJ", response=recaptcha_answer)
+    key = ""
+    try:
+        with open(os.path.join(os.path.abspath(os.path.dirname(__file__)), 'secret', 'recaptcha_key_secret.key'), 'r') as f:
+            key = f.readline()
+    except:
+        log.error("The file containing the secret key was not located")
+        return False
+
+    captcha_response = submit(remote_ip=ip, secret_key=key, response=recaptcha_answer)
     log.debug("recaptcha_answer is: {}".format(recaptcha_answer))
     if captcha_response.is_valid:
         log.info("Captcha response verified as valid")

rsstory/views.py

@@ -14,6 +14,8 @@ def feed(request):
     if request.json_body['url'] == '':
         return {"rss": "Error"}
     xml_feed, preview_page = rss.archive_to_rss(request.json_body['url'], request.json_body['time'], request.json_body['title'], request.json_body['captcha'], request.remote_addr)
+    if xml_feed == False and preview_page == False:
+        return {"rss": "Error"}
     return {"rss": "/static/feeds/" + xml_feed + ".xml", "preview": "/static/previews/" + preview_page}
 
 @view_config(route_name='archive_fails', renderer='archive_fails.pt')