Django reCAPTCHA form field/widget integration app.
Contents
django-recaptcha uses a modified version of the Python reCAPTCHA client which is included in the package as client.py
.
Install or add
django-recaptcha
to your Python path.Add
captcha
to yourINSTALLED_APPS
setting.Add a
RECAPTCHA_PUBLIC_KEY
setting to the project'ssettings.py
file. This is your public API key as provided by reCAPTCHA, i.e.:RECAPTCHA_PUBLIC_KEY = '76wtgdfsjhsydt7r5FFGFhgsdfytd656sad75fgh'
This can be seperately specified at runtime by passing a
public_key
parameter when constructing theReCaptchaField
, see field usage below.Add a
RECAPTCHA_PRIVATE_KEY
setting to the project'ssettings.py
file. This is your private API key as provided by reCAPTCHA, i.e.:RECAPTCHA_PRIVATE_KEY = '98dfg6df7g56df6gdfgdfg65JHJH656565GFGFGs'
This can be seperately specified at runtime by passing a
private_key
parameter when constructing theReCaptchaField
, see field usage below.If you would like to use the new No Captcha reCaptcha add a
NOCAPTCHA = True
setting to the project'ssettings.py
file. ie.:NOCAPTCHA = True
Optionally add a
RECAPTCHA_USE_SSL
setting to the project'ssettings.py
file. This causes reCAPTCHA validation submits to be made over SSL, i.e.:RECAPTCHA_USE_SSL = True
If you don't add this setting the default behaviour is to NOT use SSL. Note that if you have
NOCAPTCHA = True
set, SSL will always be used. This can be seperately specified at runtime by passing ause_ssl
parameter when constructing theReCaptchaField
, see field usage below.If you require a proxy, add a
RECAPTCHA_PROXY
setting to the project'ssettings.py
file, i.e.:RECAPTCHA_PROXY = 'https://127.0.0.1:8000'
The quickest way to add reCAPTHCA to a form is to use the included ReCaptchaField
field type. A ReCaptcha
widget will be rendered with the field validating itself without any further action required from you. For example:
from django import forms
from captcha.fields import ReCaptchaField
class FormWithCaptcha(forms.Form):
captcha = ReCaptchaField()
To allow for runtime specification of keys and SSL usage you can optionally pass private_key
, public_key
or use_ssl
parameters to the constructor, i.e.:
captcha = ReCaptchaField(
public_key='76wtgdfsjhsydt7r5FFGFhgsdfytd656sad75fgh',
private_key='98dfg6df7g56df6gdfgdfg65JHJH656565GFGFGs',
use_ssl=True
)
If specified these parameters will be used instead of your reCAPCTHA project settings.
The reCAPTCHA widget supports several Javascript options variables customizing the behaviour of the widget, such as theme
and lang
. You can forward these options to the widget by passing an attr
parameter containing a dictionary of options to ReCaptchaField
, i.e.:
captcha = ReCaptchaField(attrs={'theme' : 'clean'})
The captcha client takes the key/value pairs and writes out the RecaptchaOptions value in JavaScript.
django-recaptcha introduces an environmental variable RECAPTCHA_TESTING which helps facilitate tests. The environmental variable should be set to "True", and cleared, using the setUp() and tearDown() methods in your test classes.
Setting RECAPTCHA_TESTING to True causes django-recaptcha to accept
"PASSED" as the recaptcha_response_field
value. Note that if you are using the new No Captcha reCaptcha
(ie. with NOCAPTCHA = True
in your settings) the response field is called g-recaptcha-response
.
Example:
import os
os.environ['RECAPTCHA_TESTING'] = 'True'
form_params = {'recaptcha_response_field': 'PASSED'} # use 'g-recaptcha-response' param name if using NOCAPTCHA
form = RegistrationForm(form_params) # assuming only one ReCaptchaField
form.is_valid() # True
os.environ['RECAPTCHA_TESTING'] = 'False'
form.is_valid() # False
Passing any other values will cause django-recaptcha to continue normal processing and return a form error.
Check tests.py
for a full example.
To make Recapcha work in ajax-loaded forms:
import recaptcha_ajax.js on your page (not in the loaded template):
<script type="text/javascript" src="https://www.google.com/recaptcha/api/js/recaptcha_ajax.js"></script>
settings.py
CAPTCHA_AJAX = True
Inspired Marco Fucci's blogpost titled Integrating reCAPTCHA with Django
client.py
taken from recaptcha-client licenced MIT/X11 by Mike Crawford.
reCAPTCHA copyright 2012 Google.