Wraps the recaptcha-client library to provide a drop-in replacement for collective.captcha.
This package provides an integration of the reCAPTCHA service into Zope. ReCAPTCHA is a third-party CAPTCHA service provided by Google.
The API is based on collective.captcha and is provided via a “@@captcha” browser view, so these two packages can be swapped for each other relatively simply. Use collective.captcha if you need to not be dependent on an external service; use collective.recaptcha for a slightly better user experience.
Plone users interested in adding ReCAPTCHA in z3c.form forms will probably find interesting the package plone.formwidget.recaptcha.
To upgrade to collective.recaptcha 2.* (reCaptcha API V2), you need double check your keys because global keys are not supported in the V2 API, so you need to create a new key if you wish to use the V2 API.
Installation and Configuration
Simply make sure that the ZCML for this package is loaded. (You cannot configure this package at the same time as collective.captcha, because the ‘@@captcha’ browser view registration will conflict.)
You can use plone.app.registry in your profile to provide your configuration:
<registry> <records interface="collective.recaptcha.settings.IRecaptchaSettings"> <value key="public_key"></value> <value key="private_key"></value> </records> </registry>
You can insert a Recaptcha using the following TAL:
<tal:block tal:replace="structure context/@@captcha/image_tag"/>
You can verify Recaptcha input by testing the return value of:
Differences between this package’s API and collective.captcha
Because the simplest form of Recaptcha is rendered entirely via a remote call to the service, we couldn’t implement the ICaptchaView interface from collective.captcha exactly as it was defined there. Differences include:
* The image_tag method returns the HTML for the entire CAPTCHA widget, including text entry and audio link, not just the tag for the CAPTCHA image. * The audio_url method returns None * The verify method does not require the input parameter, as a standard form input name is used and the value can be found in the request. * There is an additional method, external, which simply returns True. This is a bit of a hack so that a template requiring captcha can adjust to the different semantics of the @@captcha view in this package as compared to collective.captcha.
- Updated bootstrap
- Updated the documentation
- Support Plone 5 without the need to pull in zope.formlib [ale-rt]
- Add install and uninstall profile and a controlpanel configlet [frapell]
- Google reCAPTCHA API v.2 [mamico]
- Fix the retrieval of config from the registry [mpeeters]
- Minor correction in interface name, in the README [frapell]
- Add Plone 4.3 compat [aclark4life]
- Add z3c.autoinclude entry point for automatic ZCML loading in Plone 3.3+. [WouterVH]
- Require the latest version of recaptcha-client, which has the correct HTTPS URL for the recaptcha service. [davisagli]
- Add support for Zope2.13: try to use five.formlib first. [toutpt]
- Register the @@captcha view using browser:page instead of browser:view, because I still fail to understand the latter and was breaking access from restricted python in Zope 2.12. [davisagli]
- Use the recaptcha settings from plone.formwidget.recaptcha if it is installed, since it overrides our recaptcha-settings view. [davisagli]
- Disallowed dependency on broken release of recaptcha-client (1.0.4). [davisagli]
- Fixed method signature for verify method so that the vestigial input parameter from collective.captcha’s ICaptchaView is no longer required. [davisagli]
- Added documentation. [davisagli]
- Correctly handle comma-delimited values in the HTTP_X_FORWARDED_FOR header. [davisagli]
- Added support for verifying the captcha multiple times within the same request. [davisagli]
- Added security declarations on the view methods so they can be called from restricted Python. [davisagli]
- Initial release