Added Captcha stuff

doc/source/captcha_service/configuration_of_a_new_site.rst

@@ -0,0 +1,9 @@
+===========================
+Configuration of a new Site
+===========================
+
+Getting Started
+---------------
+
+Configuration Options
+---------------------

doc/source/captcha_service/getting_access.rst

@@ -0,0 +1,19 @@
+=====================================
+Getting Access to the Captcha Service
+=====================================
+
+.. note::
+    Due to a current issue with mCaptcha we can't provide unqiue accounts yet and will instead provide only the required keys for setting up your captcha solution.
+
+If you need a captcha solution for one of your webpages please contact the Ecosystem Squad by writing an E-Mail to: `DL OTC Ecosystem Squad <mailto:otc_ecosystem_squad@t-systems.com>`
+Please state the following:
+
+1. Your application name
+
+.. tip::
+    For example a contact formular can take ~5s for a client to solve to prevent a lot of spam, while just checking before redirecting to a webpage should be done in less than 1s.
+
+2. Desired Average Solving time.
+
+We will provide you with a public sitekey which you will need to integrate the captcha access as well as a secret key which your backend needs for verifying whether the captcha was solved or not.
+

doc/source/captcha_service/index.rst

@@ -0,0 +1,30 @@
+===============================================
+Ecosystem Captcha Service - Powered by mCaptcha
+===============================================
+
+.. toctree::
+    :maxdepth: 1
+
+    getting_access
+    configuration_of_a_new_site
+
+General informations
+--------------------
+
+The Captcha Service is powered by mCaptcha, the used source can be found here: https://github.com/opentelekomcloud-infra/mCaptcha.
+
+If you have any issues with the service feel free to open an issue there. If it's not related to our infrastructure we will either do an upstream fix or open an upstream issue.
+
+The privacy policy can be found here: https://mcaptcha.org/privacy-policy.
+In addition to that the whole Captcha server is hosted on OTC, so no user traffic or telemetry will leave our infrastructure.
+
+How it works
+------------
+
+Compared to classic Captcha Solutions like Google's Recaptcha this service does not have any image challenges, audio challenges or any Cookie tracking.
+Instead it is using a proof-of-work solution. Each user will get a small puzzle which the browser needs to solve. This works by using WebAssembly to compute the solution using the CPU of the device from the client.
+Typically this will not take longer than around one second, although this time can be modified in the settings of mCaptcha for each unique site. In case there will be lots of traffic the puzzle will get more complex and the time for solving it will increase.
+This effectively makes attacks from outside very hard to impossible as they would need a lot of compute power to break the Captcha. 
+ReCaptcha works in the same way, if you solve a lot of Captchas they will get harder and harder, just that you need to click on more and more pictures there instead of solving mathematical puzzles with compute power.
+
+For more information on how to configure mCaptcha head over to `Configuration of a new Site <configuration_of_a_new_site>`

doc/source/index.rst

@@ -6,6 +6,7 @@ Internal Documentation
    :maxdepth: 1
 
    APImon <apimon/index>
+   Captcha Service <captcha_service/index>
    Status Dashboard <status_dashboard/index>
    Helpcenter <helpcenter/index>
    Circle Partner Navigator <cpn/index>