Add support for recaptcha during the create account flow

If the feature is enabled and recaptcha keys are given in config, then a recaptcha box is displayed in the UI when creating a user and a recaptcha response code *must* be sent with the create API call for it to succeed.

test/test_api_usage.py

@@ -9,6 +9,7 @@ import json as py_json
 
 from contextlib import contextmanager
 from calendar import timegm
+from httmock import urlmatch, HTTMock, all_requests
 from StringIO import StringIO
 from urllib import urlencode
 from urlparse import urlparse, urlunparse, parse_qs
@@ -665,6 +666,29 @@ class TestCreateNewUser(ApiTestCase):
     data = self.postJsonResponse(User, data=NEW_USER_DETAILS, expected_code=200)
     self.assertEquals(True, data['awaiting_verification'])
 
+  def test_createuser_captcha(self):
+    @urlmatch(netloc=r'(.*\.)?google.com', path='/recaptcha/api/siteverify')
+    def captcha_endpoint(url, request):
+      if url.query.find('response=somecode') > 0:
+        return {'status_code': 200, 'content': py_json.dumps({'success': True})}
+      else:
+        return {'status_code': 400, 'content': py_json.dumps({'success': False})}
+
+    with HTTMock(captcha_endpoint):
+      with self.toggleFeature('RECAPTCHA', True):
+        # Try with a missing captcha.
+        self.postResponse(User, data=NEW_USER_DETAILS, expected_code=400)
+
+        # Try with an invalid captcha.
+        details = dict(NEW_USER_DETAILS)
+        details['recaptcha_response'] = 'someinvalidcode'
+        self.postResponse(User, data=details, expected_code=400)
+
+        # Try with a valid captcha.
+        details = dict(NEW_USER_DETAILS)
+        details['recaptcha_response'] = 'somecode'
+        self.postResponse(User, data=details, expected_code=200)
+
   def test_createuser_withteaminvite(self):
     inviter = model.user.get_user(ADMIN_ACCESS_USER)
     team = model.team.get_organization_team(ORGANIZATION, 'owners')