以 django 形式包含验证码
Including captcha in a django form
我正在尝试将验证码添加到我的 Django 表单中。我尝试了三个不同的库,但其中 none 个对我有用,我不知道我做错了什么。
这是我最后一次尝试:
我使用了 this 库。
我的 forms.py 看起来像这样:
class NewUserForm(UserCreationForm):
email = forms.EmailField(required=True)
captcha = NoReCaptchaField()
class Meta:
model = User
fields = ("username", "email", "password1", "password2")
def save(self, commit=True):
user = super(NewUserForm, self).save(commit=False)
user.email = self.cleaned_data['email']
if commit:
user.save()
return user
这是urls.py:path("login/", views.login_request, name="login")。
这是前端:login.html:<script src="https://www.google.com/recaptcha/api.js" async defer></script>
我更新了我的 settings.py 文件,所以应该没有错误。
您可以使用 django-simple-captcha.
- 安装它
pip install django-simple-captcha
- 将验证码添加到 settings.py
中的 INSTALLED_APPS
- 运行
python manage.py migrate
- 向您的 urls.py 添加一个条目:
urlpatterns += [
path(r'captcha/', include('captcha.urls')),
]
在forms.py中:
from django import forms
from captcha.fields import CaptchaField
class YourForm(forms.Form):
captcha = CaptchaField()
在模板中:
<form action="/your-name/" method="post">
{% csrf_token %}
{{ form.captcha }}
<input type="submit" value="Submit">
</form>
你也可以使用 mixin
让您的视图继承自验证 recaptcha 的 mixin,c.greys 解决方案可能更简单,但您可能希望在模板之外对请求执行其他操作。
import requests
from django.http.response import HttpResponseForbidden
from ipware import get_client_ip
from .settings import RECAPTCHA_KEY, RECAPTCHA_SECRET
class GoogleRecaptchaMixin:
def post(self, request, *args, **kwargs):
g_recaptcha_response = request.POST.get('g-recaptcha-response', None)
client_ip, is_routable = get_client_ip(request)
response = requests.post(
"https://www.google.com/recaptcha/api/siteverify",
data={
"secret": RECAPTCHA_SECRET,
"response": g_recaptcha_response,
"remoteip": client_ip
}
)
response_dict = response.json()
if response_dict.get("success", None):
return super().post(request, *args, **kwargs)
else:
return HttpResponseForbidden(*args, **kwargs)
在与上述代码相同的目录中,您将拥有一个包含您的密钥和密码的设置文件,或者您可以直接从 django.conf
导入
#settings.py
from django.conf import settings
RECAPTCHA_SECRET = getattr(settings, "RECAPTCHA_SECRET", '')
RECAPTCHA_KEY = getattr(settings, "RECAPTCHA_KEY", '')
在您的模板中,您将拥有类似的内容:
<form id="form-00" method="post" action="/process">{% csrf_token %}
<button class="g-recaptcha"
data-sitekey="your recaptcha key"
data-callback="formSubmit">Recaptcha this</button>
</form>
<script type="text/javascript" src='https://www.google.com/recaptcha/api.js'></script>
<script type="text/javascript">
function formSubmit(token) {
document.getElementById("form-00").submit();
}
</script>
我正在尝试将验证码添加到我的 Django 表单中。我尝试了三个不同的库,但其中 none 个对我有用,我不知道我做错了什么。 这是我最后一次尝试:
我使用了 this 库。
我的 forms.py 看起来像这样:
class NewUserForm(UserCreationForm):
email = forms.EmailField(required=True)
captcha = NoReCaptchaField()
class Meta:
model = User
fields = ("username", "email", "password1", "password2")
def save(self, commit=True):
user = super(NewUserForm, self).save(commit=False)
user.email = self.cleaned_data['email']
if commit:
user.save()
return user
这是urls.py:path("login/", views.login_request, name="login")。
这是前端:login.html:<script src="https://www.google.com/recaptcha/api.js" async defer></script>
我更新了我的 settings.py 文件,所以应该没有错误。
您可以使用 django-simple-captcha.
- 安装它
pip install django-simple-captcha
- 将验证码添加到 settings.py 中的
- 运行
python manage.py migrate - 向您的 urls.py 添加一个条目:
INSTALLED_APPS
urlpatterns += [
path(r'captcha/', include('captcha.urls')),
]
在forms.py中:
from django import forms
from captcha.fields import CaptchaField
class YourForm(forms.Form):
captcha = CaptchaField()
在模板中:
<form action="/your-name/" method="post">
{% csrf_token %}
{{ form.captcha }}
<input type="submit" value="Submit">
</form>
你也可以使用 mixin
让您的视图继承自验证 recaptcha 的 mixin,c.greys 解决方案可能更简单,但您可能希望在模板之外对请求执行其他操作。
import requests
from django.http.response import HttpResponseForbidden
from ipware import get_client_ip
from .settings import RECAPTCHA_KEY, RECAPTCHA_SECRET
class GoogleRecaptchaMixin:
def post(self, request, *args, **kwargs):
g_recaptcha_response = request.POST.get('g-recaptcha-response', None)
client_ip, is_routable = get_client_ip(request)
response = requests.post(
"https://www.google.com/recaptcha/api/siteverify",
data={
"secret": RECAPTCHA_SECRET,
"response": g_recaptcha_response,
"remoteip": client_ip
}
)
response_dict = response.json()
if response_dict.get("success", None):
return super().post(request, *args, **kwargs)
else:
return HttpResponseForbidden(*args, **kwargs)
在与上述代码相同的目录中,您将拥有一个包含您的密钥和密码的设置文件,或者您可以直接从 django.conf
导入#settings.py
from django.conf import settings
RECAPTCHA_SECRET = getattr(settings, "RECAPTCHA_SECRET", '')
RECAPTCHA_KEY = getattr(settings, "RECAPTCHA_KEY", '')
在您的模板中,您将拥有类似的内容:
<form id="form-00" method="post" action="/process">{% csrf_token %}
<button class="g-recaptcha"
data-sitekey="your recaptcha key"
data-callback="formSubmit">Recaptcha this</button>
</form>
<script type="text/javascript" src='https://www.google.com/recaptcha/api.js'></script>
<script type="text/javascript">
function formSubmit(token) {
document.getElementById("form-00").submit();
}
</script>