django-recaptcha 1.0.6

Django recaptcha form field/widget app.

Django reCAPTCHA

Django reCAPTCHA form field/widget integration app.

Contents

• Django reCAPTCHA

  • Requirements

  • Installation

  • Usage

    • Field

    • Unit Testing

    • AJAX

  • Credits

• Authors

  • Praekelt Foundation

  • bTaylor Design

  • Other

• Changelog

  • Pending

  • 1.0.6 (2016-10-05)

  • 1.0.5 (2016-01-04)

  • 1.0.4 (2015-04-16)

  • 1.0.3 (2015-01-13)

  • 1.0.2 (2014-09-16)

  • 1.0.1 (2014-09-11)

  • 1.0 (2014-04-23)

  • 0.0.9 (2014-02-14)

  • 0.0.8 (2014-02-13)

  • 0.0.7 (2014-02-12)

  • 0.0.6 (2013-01-31)

  • 0.0.5 (2013-01-17)

  • 0.0.4

  • 0.0.3 (2011-09-20)

  • 0.0.2 (2011-08-10)

  • 0.0.1 (2010-06-17)

django-recaptcha uses a modified version of the Python reCAPTCHA client which is included in the package as client.py.

Requirements

Tested with:

• Python: 2.7, 3.4, 3.5

• Django: 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10

Installation

1. Install or add django-recaptcha to your Python path.

2. Add captcha to your INSTALLED_APPS setting.

3. Add a RECAPTCHA_PUBLIC_KEY setting to the project’s settings.py file. This is your public API key as provided by reCAPTCHA, i.e.:

   RECAPTCHA_PUBLIC_KEY = '76wtgdfsjhsydt7r5FFGFhgsdfytd656sad75fgh'

   This can be seperately specified at runtime by passing a public_key parameter when constructing the ReCaptchaField, see field usage below.

4. Add a RECAPTCHA_PRIVATE_KEY setting to the project’s settings.py file. This is your private API key as provided by reCAPTCHA, i.e.:

   RECAPTCHA_PRIVATE_KEY = '98dfg6df7g56df6gdfgdfg65JHJH656565GFGFGs'

   This can be seperately specified at runtime by passing a private_key parameter when constructing the ReCaptchaField, see field usage below.

5. If you would like to use the new No Captcha reCaptcha add a NOCAPTCHA = True setting to the project’s settings.py file. ie.:

   NOCAPTCHA = True

6. Optionally add a RECAPTCHA_USE_SSL setting to the project’s settings.py file. This causes reCAPTCHA validation submits to be made over SSL, i.e.:

   RECAPTCHA_USE_SSL = True

   If you don’t add this setting the default behaviour is to NOT use SSL. Note that if you have NOCAPTCHA = True set, SSL will always be used. This can be seperately specified at runtime by passing a use_ssl parameter when constructing the ReCaptchaField, see field usage below.

7. If you require a proxy, add a RECAPTCHA_PROXY setting to the project’s settings.py file, i.e.:

   RECAPTCHA_PROXY = 'http://127.0.0.1:8000'

Usage

Field

The quickest way to add reCAPTCHA to a form is to use the included ReCaptchaField field class. A ReCaptcha widget will be rendered with the field validating itself without any further action required from you. For example:

from django import forms
from captcha.fields import ReCaptchaField

class FormWithCaptcha(forms.Form):
    captcha = ReCaptchaField()

To allow for runtime specification of keys and SSL usage you can optionally pass the private_key, public_key, or use_ssl parameters to the constructor. For example:

captcha = ReCaptchaField(
    public_key='76wtgdfsjhsydt7r5FFGFhgsdfytd656sad75fgh',
    private_key='98dfg6df7g56df6gdfgdfg65JHJH656565GFGFGs',
    use_ssl=True,
)

If specified these parameters will be used instead of your reCAPTCHA project settings.

The reCAPTCHA widget supports several Javascript options variables customizing the behaviour of the widget, such as theme and lang. You can forward these options to the widget by passing an attr parameter containing a dictionary of options to ReCaptchaField. For example:

captcha = ReCaptchaField(attrs={'theme' : 'clean'})

The captcha client takes the key/value pairs and writes out the RecaptchaOptions value in JavaScript.

Unit Testing

django-recaptcha introduces an environmental variable RECAPTCHA_TESTING which helps facilitate tests. The environmental variable should be set to "True", and cleared, using the setUp() and tearDown() methods in your test classes.

Setting RECAPTCHA_TESTING to True causes django-recaptcha to accept "PASSED" as the recaptcha_response_field value. Note that if you are using the new No Captcha reCaptcha (ie. with NOCAPTCHA = True in your settings) the response field is called g-recaptcha-response.

Example:

import os
os.environ['RECAPTCHA_TESTING'] = 'True'

form_params = {'recaptcha_response_field': 'PASSED'} # use 'g-recaptcha-response' param name if using NOCAPTCHA
form = RegistrationForm(form_params) # assuming only one ReCaptchaField
form.is_valid() # True

os.environ['RECAPTCHA_TESTING'] = 'False'
form.is_valid() # False

Passing any other values will cause django-recaptcha to continue normal processing and return a form error.

Check tests.py for a full example.

AJAX

To make Recapcha work in ajax-loaded forms:

1. Import recaptcha_ajax.js on your page (not in the loaded template):

   <script type="text/javascript" src="http://www.google.com/recaptcha/api/js/recaptcha_ajax.js"></script>

2. Add to your Django settings:

   CAPTCHA_AJAX = True

Credits

Inspired Marco Fucci’s blogpost titled Integrating reCAPTCHA with Django

client.py taken from recaptcha-client licenced MIT/X11 by Mike Crawford.

reCAPTCHA copyright 2012 Google.

Authors

Praekelt Foundation

• Shaun Sephton

• Peter Pistorius

• Hedley Roos

bTaylor Design

• Brandon Taylor

Other

• Brooks Travis

• Denis Mishchishin

• Joshua Peper

• Rodrigo Primo

• snnwolf

• Adriano Orioli

• cdvv7788

• Daniel Gatis Carrazzoni

• pbf

• Alexey Subbotin

• Sean Stewart

Changelog

Pending

1. New release notes go here

1.0.6 (2016-10-05)

1. Confirmed tests pass on Django 1.10. Older versions should still work.

2. Fixed a bug where the widget was always rendered in the first used language due to attrs being a mutable default argument.

1.0.5 (2016-01-04)

1. Chinese translation (kz26).

2. Syntax fix (zvin).

3. Get tests to pass on Django 1.9.

1.0.4 (2015-04-16)

1. Fixed Python 3 support

2. Added Polish translations

3. Update docs

1.0.3 (2015-01-13)

1. Added nocaptcha recaptcha support

1.0.2 (2014-09-16)

1. Fixed Russian translations

2. Added Spanish translations

1.0.1 (2014-09-11)

1. Added Django 1.7 suport

2. Added Russian translations

3. Added multi dependancy support

4. Cleanup

1.0 (2014-04-23)

1. Added Python 3 support

2. Added French, Dutch and Brazilian Portuguese translations

0.0.9 (2014-02-14)

1. Bugfix: release master and not develop. This should fix the confusion due to master having been the default branch on Github.

0.0.8 (2014-02-13)

1. Bugfix: remove reference to options.html.

0.0.7 (2014-02-12)

1. Make it possible to load the widget via ajax.

0.0.6 (2013-01-31)

1. Added an extra parameter lang to bypass Google’s language bug. See http://code.google.com/p/recaptcha/issues/detail?id=133#c3

2. widget.html no longer includes options.html. Options are added directly to widget.html

0.0.5 (2013-01-17)

1. Removed django-registration dependency

2. Changed testing mechanism to environmental variable RECAPTCHA_TESTING

0.0.4

1. Handle missing REMOTE_ADDR request meta key. Thanks Joe Jasinski.

2. Added checks for settings.DEBUG to facilitate tests. Thanks Victor Neo.

3. Fix for correct iframe URL in case of no javascript. Thanks gerdemb.

0.0.3 (2011-09-20)

1. Don’t force registration version thanks kshileev.

2. Render widget using template, thanks denz.

0.0.2 (2011-08-10)

1. Use remote IP when validating.

2. Added SSL support, thanks Brooks Travis.

3. Added support for Javascript reCAPTCHA widget options, thanks Brandon Taylor.

4. Allow for key and ssl specification at runtime, thanks Evgeny Fadeev.

0.0.1 (2010-06-17)

1. Initial release.