Skip to content

Commit cbab728

Browse files
committed
added py4web/utils/racaptcha.py, to use:
from py4web.utils.recaptcha import ReCaptcha auth.extra_form_fields = {"login": [recaptcha.field]} auth.enable(uses=(session, T, db, recaptcha.fixture), env=dict(T=T)) and add [[=recaptcha]] to yourapp/templates/auth.html
1 parent 89846ce commit cbab728

File tree

1 file changed

+69
-0
lines changed

1 file changed

+69
-0
lines changed

py4web/utils/recaptcha.py

Lines changed: 69 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,69 @@
1+
import requests
2+
from yatl.helpers import XML
3+
4+
from py4web.core import Field, Fixture, request
5+
6+
API_KEY = "6Lfw6AAlAAAAALXil7eFMT8ICeBD1HltA2EaK9QC"
7+
API_SECRET = "6Lfw6AAlAAAAAOk1f1PFg-fXzbvB4XqTXdzQAYdD"
8+
9+
10+
class recaptcha_fixture(Fixture):
11+
def __init__(self, api_key):
12+
self.api_key = api_key
13+
Fixture.__init__(self)
14+
15+
def on_request(self, context):
16+
value = request.POST.get("g-recaptcha-response")
17+
if value:
18+
request.POST["g_recaptcha_response"] = value
19+
del request.POST["g-recaptcha-response"]
20+
21+
def on_success(self, context):
22+
context["output"]["recaptcha"] = XML(
23+
"""<script>
24+
var field = document.querySelector("input[name=g_recaptcha_response]");
25+
if(field) {
26+
field.hidden = true;
27+
var form = document.querySelector(".auth-container form");
28+
var button = form.querySelector("input[type=submit]");
29+
window.recaptcha_submit = function(token){ form.submit(); };
30+
button.setAttribute("class", "g-recaptcha");
31+
button.setAttribute("data-action", "submit");
32+
button.setAttribute("data-callback", "recaptcha_submit");
33+
button.setAttribute("data-sitekey", "%s");
34+
}
35+
</script>
36+
<script src="https://www.google.com/recaptcha/api.js"></script>
37+
"""
38+
% self.api_key
39+
)
40+
41+
42+
class ReCaptcha:
43+
def __init__(self, api_key, api_secret):
44+
self.api_key = api_key
45+
self.api_secret = api_secret
46+
47+
@property
48+
def fixture(self):
49+
return recaptcha_fixture(self.api_key)
50+
51+
@property
52+
def field(self):
53+
return Field("g_recaptcha_response", requires=self.validator, label="")
54+
55+
@property
56+
def script(self):
57+
return recaptcha_script(self.api_key)
58+
59+
def validator(self, value, _):
60+
data = {"secret": self.api_secret, "response": value}
61+
res = requests.post(
62+
"https://www.google.com/recaptcha/api/siteverify", data=data
63+
)
64+
try:
65+
if res.json()["success"]:
66+
return (True, None)
67+
return (False, "Invalid ReCaptcha response")
68+
except exc:
69+
return (False, str(exc))

0 commit comments

Comments
 (0)