A Cloudflare Turnstile extension for Flask based on flask-recaptcha

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Tech1k from gravatar.com Tech1k

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Kristian
  • Tags flask , turnstile , captcha , cloudflare , validate
  • Requires: Python >=3.9
  • Provides-Extra: test
Classifiers
Report project as malware

Project description

Flask-Turnstile

Latest version released on PyPi PyPi monthly downloads License: MIT

A Cloudflare Turnstile extension for Flask based on flask-recaptcha.

Install

pip install flask-turnstile

Usage

Implementation view.py

from flask import Flask
from flask_turnstile import Turnstile

app = Flask(__name__)
turnstile = Turnstile(app=app)

#or 

turnstile = Turnstile()
turnstile.init_app(app)

In your template: {{ turnstile }}

Inside of the form you want to protect, include the tag: {{ turnstile }}

It will insert the code automatically

<form method="post" action="/submit">
    ... your field
    ... your field

    {{ turnstile }}

    [submit button]
</form>

Verify the captcha

In the view that's going to validate the captcha

from flask import Flask
from flask_turnstile import Turnstile

app = Flask(__name__)
turnstile = Turnstile(app=app)

@app.route("/submit", methods=["POST"])
def submit():

    if turnstile.verify():
        # SUCCESS
        pass
    else:
        # FAILED
        pass

Api

turnstile.init(app, site_key, secret_key, is_enabled=True)

turnstile.get_code()

Returns the HTML code to implement. But you can use {{ turnstile }} directly in your template

turnstile.verify()

Returns bool

turnstile.get_response()

Returns Cloudflare's raw siteverify response as a dict, including success and, on failure, error-codes (plus challenge_ts and hostname when provided). Returns an empty dict when validation is disabled or the request fails. Useful for logging the reason a challenge was rejected:

result = turnstile.get_response()
if not result.get("success"):
    app.logger.warning("Turnstile failed: %s", result.get("error-codes"))

In Template

Just include {{ turnstile }} wherever you want to show the captcha

Config

Flask-Turnstile is configured through the standard Flask config API. These are the available options:

TURNSTILE_ENABLED: Bool - True by default, when False it will bypass validation

TURNSTILE_SITE_KEY : Public key

TURNSTILE_SECRET_KEY: Private key

The following are Optional arguments.

TURNSTILE_ENABLED = True
TURNSTILE_SITE_KEY = ""
TURNSTILE_SECRET_KEY = ""

Widget options

Any of the Cloudflare Turnstile widget options can be set, either through Flask config as TURNSTILE_<OPTION> or as a keyword argument to Turnstile(...). Each is rendered as the matching data-* attribute on the widget. When an option is left unset it is omitted entirely (so Cloudflare's default applies, e.g. theme follows the visitor's system preference).

Flask config Constructor kwarg Rendered attribute Common values
TURNSTILE_THEME theme data-theme auto, light, dark
TURNSTILE_SIZE size data-size normal, flexible, compact
TURNSTILE_LANGUAGE language data-language auto, ISO code (e.g. en, es)
TURNSTILE_APPEARANCE appearance data-appearance always, execute, interaction-only
TURNSTILE_ACTION action data-action string (max 32 chars)
TURNSTILE_CDATA cdata data-cdata string (max 255 chars)
TURNSTILE_TABINDEX tabindex data-tabindex integer
TURNSTILE_RETRY retry data-retry auto, never
TURNSTILE_RETRY_INTERVAL retry_interval data-retry-interval ms (default 8000)
TURNSTILE_REFRESH_EXPIRED refresh_expired data-refresh-expired auto, manual, never
TURNSTILE_REFRESH_TIMEOUT refresh_timeout data-refresh-timeout auto, manual, never
TURNSTILE_EXECUTION execution data-execution render, execute
TURNSTILE_RESPONSE_FIELD response_field data-response-field bool
TURNSTILE_RESPONSE_FIELD_NAME response_field_name data-response-field-name string
TURNSTILE_FEEDBACK_ENABLED feedback_enabled data-feedback-enabled bool
TURNSTILE_CALLBACK callback data-callback JS function name
TURNSTILE_ERROR_CALLBACK error_callback data-error-callback JS function name
TURNSTILE_EXPIRED_CALLBACK expired_callback data-expired-callback JS function name
TURNSTILE_TIMEOUT_CALLBACK timeout_callback data-timeout-callback JS function name
TURNSTILE_BEFORE_INTERACTIVE_CALLBACK before_interactive_callback data-before-interactive-callback JS function name
TURNSTILE_AFTER_INTERACTIVE_CALLBACK after_interactive_callback data-after-interactive-callback JS function name
TURNSTILE_UNSUPPORTED_CALLBACK unsupported_callback data-unsupported-callback JS function name

Example:

TURNSTILE_THEME = "dark"
TURNSTILE_SIZE = "flexible"

(c) 2015 Mardix (c) 2023-2026 Kristian

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Tech1k from gravatar.com Tech1k

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Kristian
  • Tags flask , turnstile , captcha , cloudflare , validate
  • Requires: Python >=3.9
  • Provides-Extra: test
Classifiers

Release history Release notifications | RSS feed

This version

0.2.0

0.1.1

0.1.0 yanked

Reason this release was yanked:

Broken - please use the latest version which is fixed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

flask_turnstile-0.2.0.tar.gz (6.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

flask_turnstile-0.2.0-py3-none-any.whl (6.5 kB view details)

Uploaded Python 3

File details

Details for the file flask_turnstile-0.2.0.tar.gz.

File metadata

  • Download URL: flask_turnstile-0.2.0.tar.gz
  • Upload date:
  • Size: 6.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for flask_turnstile-0.2.0.tar.gz
Algorithm Hash digest
SHA256 e8e4cf22187e55049675a0e9607c1b9823b5b222b6d4f0825e97dfcf634d0a88
MD5 9f9e15e5bdbcfea8c5083147dcf31977
BLAKE2b-256 1304ed96e780c7d4a1b5ea3ceefaaa10f850149a08b4ba6227e0a58448872201

See more details on using hashes here.

Provenance

The following attestation bundles were made for flask_turnstile-0.2.0.tar.gz:

Publisher: python-publish.yml on Tech1k/flask-turnstile

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file flask_turnstile-0.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for flask_turnstile-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 4ea676c2d317fc10689b7d9d0c062945510d253fda64993354fe78206e2ab1be
MD5 70532b372a8216376a435b4d8955c418
BLAKE2b-256 b023cee94036efe279e15c63fe36f2eeca0d4162a215a84c231fbf7ebed4068b

See more details on using hashes here.

Provenance

The following attestation bundles were made for flask_turnstile-0.2.0-py3-none-any.whl:

Publisher: python-publish.yml on Tech1k/flask-turnstile

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page