Skip to main content

Django hCaptcha provides a simple way to protect your django forms using hCaptcha

Project description

Django hCaptcha provides a simple way to protect your django forms using hCaptcha.

Configuration

Add “hcaptcha” to your INSTALLED_APPS setting like this:

INSTALLED_APPS = [
    ...
    'hcaptcha',
]

For development purposes no further configuration is required. By default, django-hCaptcha will use dummy keys.

For production, you’ll need to obtain your hCaptcha site key and secret key and add them to you settings:

HCAPTCHA_SITEKEY = '<your sitekey>'
HCAPTCHA_SECRET = '<your secret key>'

You can also configure your hCaptcha widget globally (see all options):

HCAPTCHA_DEFAULT_CONFIG = {
    'onload': 'name_of_js_function',
    'render': 'explicit',
    'theme': 'dark',  # do not use data- prefix
    'size': 'compact',  # do not use data- prefix
    ...
}

If you need to, you can also override default hcaptcha endpoints:

HCAPTCHA_JS_API_URL = 'https://hcaptcha.com/1/api.js'
HCAPTCHA_VERIFY_URL = 'https://hcaptcha.com/siteverify'

Use proxies:

HCAPTCHA_PROXIES = {
   'http': 'http://127.0.0.1:8000',
}

Change default verification timeout:

HCAPTCHA_TIMEOUT = 5

Usage

Simply add hCaptchaField to your forms:

from hcaptcha.fields import hCaptchaField

class Forms(forms.Form):
    ....
    hcaptcha = hCaptchaField()
    ....

In your template, if you need to, you can then use {{ form.hcaptcha }} to access the field.

You can override default config by passing additional arguments:

class Forms(forms.Form):
    ....
    hcaptcha = hCaptchaField(theme='dark', size='compact')
    ....

How it Works

When a form is submitted by a user, hCaptcha’s JavaScript will send two POST parameters to your backend, g-captcha-resposne and h-captcha-response. These will be received by your app and will be used to complete the hcaptcha form field in your backend code.

When your app receives these two values, the following will happen:

  • Your backend will send these values to the hCaptcha servers

  • Their servers will indicate whether the values in the fields are correct

  • If so, your hcaptcha form field will validate correctly

Unit Tests

You will need to disable the hCaptcha field in your unit tests, since your tests obviously cannot complete the hCaptcha successfully. One way to do so might be something like:

from unittest.mock import MagicMock, patch

from django.test import TestCase

@patch("hcaptcha.fields.hCaptchaField.validate", return_value=True)
class ContactTest(TestCase):
    test_msg = {
        "name": "pandora",
        "message": "xyz",
        "hcaptcha": "xxx",  # Any truthy value is fine
    }

    def test_something(self, mock: MagicMock) -> None:
        response = self.client.post("/contact/", self.test_msg)
        self.assertEqual(response.status_code, HTTP_302_FOUND)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-hCaptcha-0.2.0.tar.gz (5.5 kB view details)

Uploaded Source

Built Distribution

django_hCaptcha-0.2.0-py3-none-any.whl (6.5 kB view details)

Uploaded Python 3

File details

Details for the file django-hCaptcha-0.2.0.tar.gz.

File metadata

  • Download URL: django-hCaptcha-0.2.0.tar.gz
  • Upload date:
  • Size: 5.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.7.1 importlib_metadata/4.10.0 pkginfo/1.8.2 requests/2.27.1 requests-toolbelt/0.9.1 tqdm/4.62.3 CPython/3.9.5

File hashes

Hashes for django-hCaptcha-0.2.0.tar.gz
Algorithm Hash digest
SHA256 b2519eaf0cc97865ac72f825301122c5cf61e1e4852d6895994160222acb6c1a
MD5 310f8a166dd5ca8d429f9fab48956095
BLAKE2b-256 84b160a4d048297ab0b1a692f27f35a45dec2b45ce79264b49c59f898c9c310b

See more details on using hashes here.

File details

Details for the file django_hCaptcha-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: django_hCaptcha-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 6.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.7.1 importlib_metadata/4.10.0 pkginfo/1.8.2 requests/2.27.1 requests-toolbelt/0.9.1 tqdm/4.62.3 CPython/3.9.5

File hashes

Hashes for django_hCaptcha-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 18804fb38a01827b6c65d111bac31265c1b96fcf52d7a54c3e2d2cb1c62ddcde
MD5 9727d3cceecbc8dfc5599bff3fca0d4b
BLAKE2b-256 d72f70ac35000d3bb6e69f12a9cd76c70d1ce3ed6ec86d70a76f5e0b5d49d0d0

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page