我正在试图将Recaptcha添加到Django的登录表单中.我尝试了不同的库,但它们似乎都没有用,因为验证码表单并没有出现在我的模板中.
这是我目前的工作:
urls.py
path(r'captcha/', include('captcha.urls'))
forms.py
class NewUserForm(UserCreationForm):
email = forms.EmailField(required=True)
class YourForm(forms.Form):
captcha = CaptchaField()
class Meta:
model = User
fields = ("username", "email", "password1", "password2")
def save(self, commit=True):
user = super(NewUserForm, self).save(commit=False)
user.email = self.cleaned_data['email']
if commit:
user.save()
return user
这是我的login.html模板
<form action="/your-name/" method="post">
{% csrf_token %}
{{ form.captcha }}
<input type="submit" value="Submit">
</form>
在这种情况下,只会显示“提交”按钮,但不会显示验证码表单.这就是我尝试过的任何其他库所发生的事情.谁能给我一些帮助?提前致谢!
解决方法:
由于您没有提到您尝试使用的库,因此很难直接提供帮助.这是我向Django登录添加v2 recaptcha的方法,不需要额外的库.
在这个例子中,我将recaptcha脚本添加到django登录模板,并覆盖django auth app的登录视图,以扩展其功能,使其验证recaptcha服务器端(根据google docs使用适当的RECAPTCHA_SECRET).
另请注意,context_processor用于在登录模板中插入RECAPTCHA_SITE_KEY.
的login.html
...
<head>
<script src="https://www.google.com/recaptcha/api.js" async defer</script>
<script>
function onSubmit(token) {
document.getElementById("theForm").submit();
}
</script>
</head>
<body>
<form id="theForm">
<button class="g-recaptcha btn btn-primary"
data-callback="onSubmit"
data-sitekey="{{RECAPTCHA_SITE_KEY}}"
type="submit">Login
</button>
</form>
</body>
...
url.py
...
# overriding auth app endpoint
url(r'^accounts/login/', MyLoginView.as_view(), name='login'),
...
context_processor.py
from django.conf import settings
def recaptcha_site_key(request):
return {'RECAPTCHA_SITE_KEY': settings.RECAPTCHA_SITE_KEY}
settings.py
TEMPLATES = [
{
...
'OPTIONS': {
'context_processors': [
...
'yourapp.context_processors.recaptcha_site_key',
...
],
},
},
]
MyLoginView.py
from django.contrib.auth import views as auth_views
def _validate_recaptcha(token, ip):
# implement server side validation according to google docs
pass
class MyLoginView(auth_views.LoginView):
'''Use django login flow, with added logic for google recaptcha
'''
def form_valid(self, form):
request_body = self.request.POST
if not request_body:
return None
recaptcha_token = request_body['g-recaptcha-response']
ip_addr, _ = get_client_ip(self.request)
if not _validate_recaptcha(recaptcha_token, ip_addr):
# your logic
return redirect('login')
return super().form_valid(form)