Skip to main content

Provides protection against spammers and scammers.

Project description

Travis CI Status

A SmartFile Open Source project. Read more about how SmartFile uses and contributes to Open Source software.

SmartFile

Introduction

Provides protection against spammers and scammers.

Installation

Install using pip pip install django-secureform

Then install the application into your Django project in settings.py. There are also optional settings which will affect the behavior of SecureForm instances.

INSTALLED_APPS += ('django_secureform', )

# If you wish to use an encryption key other than Django's SECRET_KEY
SECUREFORM_CRYPT_KEY = 'super-secret encryption key'

# This is the name of the hidden field added to the form to contain
# security data.
SECUREFORM_FIELD_NAME = 'foobar'

# The number of seconds allowed between form rendering and submittal.
SECUREFORM_TTL = 300

# The number of honeypot fields added to the form.
SECUREFORM_HONEYPOTS = 1

# By default, jQuery is needed to hide honeypots. If you already
# use jQuery in your app, you can disable this feature (preventing
# a duplicate script reference to jQuery).
SECUREFORM_INCLUDE_JQUERY = False

Usage

from django_secureform.forms import SecureForm


# Define your form class as usual.
class MySecureForm(SecureForm):
    class Meta:
        # Override options in settings.py for this class.
        include_jquery = False

    name = forms.CharField()

Unit Testing

If you want to write unit tests for forms that derive from SecureForm, you will need to let this application know you are testing. SecureForm looks for settings.TESTING to evaluate to True. If so, it disables the security allowing the Django test client to send POST data using the original field names.

In the future, I would rather provide tools so that testing can happen with security enabled, but this is a quick workaround. Our test framework uses an environment variable to set settings.TESTING. For example, in settings.py…

import os

TESTING = True if 'TESTING' in os.environ else False

Project details


Release history Release notifications

This version
History Node

0.3-1

History Node

0.2-1

History Node

0.1-7

History Node

0.1-6

History Node

0.1-5

History Node

0.1-4

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
django-secureform-0.3-1.tar.gz (6.8 kB) Copy SHA256 hash SHA256 Source None Apr 17, 2013

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page