包含django形式的验证码

时间:2019-02-26 15:26:41

标签: python django recaptcha

我正在尝试将验证码添加到我的Django表单中。我尝试了三种不同的库,但是它们都没有为我工作,我也不知道我在做什么错。 这是我的最后尝试:

我使用了this库。 我的forms.py看起来像这样:

class NewUserForm(UserCreationForm):
    email = forms.EmailField(required=True)
    captcha = NoReCaptchaField()

    class Meta:
        model = User
        fields = ("username", "email", "password1", "password2")

    def save(self, commit=True):
        user = super(NewUserForm, self).save(commit=False)
        user.email = self.cleaned_data['email']
        if commit:
            user.save()
        return user

这是urls.pypath("login/", views.login_request, name="login")

这是前端:login.html<script src="https://www.google.com/recaptcha/api.js" async defer></script>

我更新了settings.py文件,因此该错误一定不存在。

2 个答案:

答案 0 :(得分:2)

您可以使用django-simple-captach

  1. 只需安装

    pip install  django-simple-captcha
  2. 在您的settings.py中将验证码添加到INSTALLED_APPS
  3. 运行python manage.py migration

  4. 向您的urls.py添加一个条目:

    urlpatterns += [
    path(r'captcha/', include('captcha.urls')),
]

forms.py 

from django import forms
from captcha.fields import CaptchaField

class YourForm(forms.Form):
    captcha = CaptchaField()

在模板中

<form action="/your-name/" method="post">
   {% csrf_token %}
   {{ form.captcha }}
   <input type="submit" value="Submit">
</form>

希望有帮助

答案 1 :(得分:1)

您也可以使用mixin

让您的视图继承自可验证Recaptcha的mixin,c.greys解决方案可能会更简单,但您可能希望对模板外部的请求执行其他操作。

import requests
from django.http.response import HttpResponseForbidden
from ipware import get_client_ip

from .settings import RECAPTCHA_KEY, RECAPTCHA_SECRET


class GoogleRecaptchaMixin:
    def post(self, request, *args, **kwargs):
        g_recaptcha_response = request.POST.get('g-recaptcha-response', None)
        client_ip, is_routable = get_client_ip(request)
        response = requests.post(
            "https://www.google.com/recaptcha/api/siteverify",
            data={
                "secret": RECAPTCHA_SECRET,
                "response": g_recaptcha_response,
                "remoteip": client_ip
            }
        )
        response_dict = response.json()
        if response_dict.get("success", None):
            return super().post(request, *args, **kwargs)
        else:
            return HttpResponseForbidden(*args, **kwargs)

在与上面的代码相同的目录中,您将拥有一个包含密钥和机密的设置文件,或者您可以直接从django.conf导入

#settings.py
from django.conf import settings


RECAPTCHA_SECRET = getattr(settings, "RECAPTCHA_SECRET", '')
RECAPTCHA_KEY = getattr(settings, "RECAPTCHA_KEY", '')

在您的模板中,您会看到类似以下内容的

<form id="form-00" method="post" action="/process">{% csrf_token %}
  <button class="g-recaptcha"
          data-sitekey="your recaptcha key"
          data-callback="formSubmit">Recaptcha this</button>
</form>
<script type="text/javascript" src='https://www.google.com/recaptcha/api.js'></script>
<script type="text/javascript">
        function formSubmit(token) {
            document.getElementById("form-00").submit();
        }
</script>
相关问题
最新问题