accounts: Drop username check from StopForumSpam

This caused many false positives and I am not aware that
this has actually stopped any spammers from registering.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/backend/accounts.py b/src/backend/accounts.py
index cc849bc256802a3af0e86e92ea12ef9bad0b679e..ee7fca0870e4d3652c173e26f4a08ec19d1b9ae9 100644 (file)
--- a/src/backend/accounts.py
+++ b/src/backend/accounts.py
@@ -373,8 +373,8 @@ class Accounts(Object):
 
                return res.c or 0
 
-       async def check_spam(self, uid, email, address):
-               sfs = StopForumSpam(self.backend, uid, email, address)
+       async def check_spam(self, email, address):
+               sfs = StopForumSpam(self.backend, email, address)
 
                # Get spam score
                score = await sfs.check()
@@ -1168,8 +1168,8 @@ class Account(LDAPObject):
 
 
 class StopForumSpam(Object):
-       def init(self, uid, email, address):
-               self.uid, self.email, self.address = uid, email, address
+       def init(self, email, address):
+               self.email, self.address = email, address
 
        async def send_request(self, **kwargs):
                arguments = {
@@ -1201,18 +1201,6 @@ class StopForumSpam(Object):
 
                return confidence
 
-       async def check_username(self):
-               response = await self.send_request(username=self.uid)
-
-               try:
-                       confidence = response["username"]["confidence"]
-               except KeyError:
-                       confidence = 100
-
-               logging.debug("Confidence for %s: %s" % (self.uid, confidence))
-
-               return confidence
-
        async def check_email(self):
                response = await self.send_request(email=self.email)
 
@@ -1233,10 +1221,7 @@ class StopForumSpam(Object):
                        address and username and if those are on the database, we
                        will send the email address as well.
                """
-               confidences = [await self.check_address(), await self.check_username()]
-
-               if any((c < threshold for c in confidences)):
-                       confidences.append(await self.check_email())
+               confidences = [await self.check_address(), await self.check_email()]
 
                # Build a score based on the lowest confidence
                return 100 - min(confidences)

diff --git a/src/web/auth.py b/src/web/auth.py
index 2bb232c9cc68284f7e47ce05a79ac7128c365823..5594a6dd0f39ea253f2ca866fcf17ddf50cd0438 100644 (file)
--- a/src/web/auth.py
+++ b/src/web/auth.py
@@ -99,7 +99,7 @@ class RegisterHandler(CacheMixin, base.BaseHandler):
                last_name  = self.get_argument("last_name")
 
                # Check if this is a spam account
-               is_spam = await self.backend.accounts.check_spam(uid, email,
+               is_spam = await self.backend.accounts.check_spam(email,
                        address=self.get_remote_ip())
 
                if is_spam: