Extremely simple, "Good Enough" captcha implemention for flask forms. No server side sessions required.
Project description
Install
pip3 install flask-simple-captcha
or if installing from source
python3 setup.py install
How to use
This package is intended to assign a unique CSRF string per each form submit per user session, without requiring any backend session tracking. First, you'll want to set a variable SECRET_CSRF_KEY
in your app config to a random, complex string. Example: SECRET_CSRF_KEY = 'wMmeltW4mhwidorQRli6Oijuhygtfgybunxx9VPXldz'
Second, add this to the top of your code.
import flask_simple_captcha as CAPTCHA
app = CAPTCHA.init_app(app)
For each route you want captcha protected, add the following code:
@app.route('/example, methods=['GET','POST']
def example():
if request.method == 'GET':
captcha = CAPTCHA.create()
render_template('example.html', captcha=captcha)
if request.method == 'POST':
c_hash = request.form.get('captcha-hash')
c_text = request.form.get('captcha-text')
if CAPTCHA.verify(c_text, c_hash):
return 'success'
else:
return 'failed captcha'
In the HTML forms you want to generate a captcha: {{ captcha_html(captcha) }}
This will create something like this:
<input type="text" name="captcha-text">
<input type="hidden" name="captcha-hash" value="1o9ig...">
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for flask_simple_captcha-1.0.0-py3.7.egg
Algorithm | Hash digest | |
---|---|---|
SHA256 | f61d7bd1db2557bf59bcd3139dfc80fc977abc7cec121c8a5d4235cc08360268 |
|
MD5 | 4a39aec77c81695a2e0cf44c3293cd64 |
|
BLAKE2b-256 | ee489ad1b7c4b3e901b3ed91cb8e35aa2fe716c5bc1527a306cc6dd135ee1496 |