How to use Python plugin reCaptcha client for validation?

Question

I want to make a captcha validation.

I get the key from the recaptcha website and already succeed to put the public key to load the webpage with the challenge.

Answer 1

Sorry to say, but this module, while it works just fine, is almost entirely undocumented, and it's layout is a tad confusing for those of us who prefer using ">> help(modulename)" after installation. I'll give an example using cherrypy, and make some cgi-related comments afterwards.

captcha.py contains two functions and a class:

• display_html: which returns the familiar "reCaptcha box"

• submit: which submits the values entered by the user in the background

• RecapchaResponse: which is a container class that contains the response from reCaptcha

You'll first need to import the complete path to capcha.py, then create a couple of functions that handle displaying and dealing with the response.

from recaptcha.client import captcha
class Main(object):

    @cherrypy.expose
    def display_recaptcha(self, *args, **kwargs):
        public = "public_key_string_you_got_from_recaptcha"
        captcha_html = captcha.displayhtml(
                           public,
                           use_ssl=False,
                           error="Something broke!")

        # You'll probably want to add error message handling here if you 
        # have been redirected from a failed attempt
        return """
        <form action="validate">
        %s
        <input type=submit value="Submit Captcha Text" \>
        </form>
        """%captcha_html

    # send the recaptcha fields for validation
    @cherrypy.expose
    def validate(self, *args, **kwargs):
        # these should be here, in the real world, you'd display a nice error
        # then redirect the user to something useful

        if not "recaptcha_challenge_field" in kwargs:
            return "no recaptcha_challenge_field"

        if not "recaptcha_response_field" in kwargs:
            return "no recaptcha_response_field"

        recaptcha_challenge_field  = kwargs["recaptcha_challenge_field"]
        recaptcha_response_field  = kwargs["recaptcha_response_field"]

        # response is just the RecaptchaResponse container class. You'll need 
        # to check is_valid and error_code
        response = captcha.submit(
            recaptcha_challenge_field,
            recaptcha_response_field,
            "private_key_string_you_got_from_recaptcha",
            cherrypy.request.headers["Remote-Addr"],)

        if response.is_valid:
            #redirect to where ever we want to go on success
            raise cherrypy.HTTPRedirect("success_page")

        if response.error_code:
            # this tacks on the error to the redirect, so you can let the
            # user knowwhy their submission failed (not handled above,
            # but you are smart :-) )
            raise cherrypy.HTTPRedirect(
                "display_recaptcha?error=%s"%response.error_code)

It'll be pretty much the same if using cgi, just use the REMOTE_ADDR environment variable where I used cherrypy's request.headers and use field storage to do your checks.

There is no magic, the module just follows the docs: https://developers.google.com/recaptcha/docs/display

Validation errors you might need to handle: https://developers.google.com/recaptcha/docs/verify

Answer 2

It is quite straightforward. This is an example from a trivial trac plugin I'm using:

from recaptcha.client import captcha

if req.method == 'POST':
    response = captcha.submit(
        req.args['recaptcha_challenge_field'],
        req.args['recaptcha_response_field'],
        self.private_key,
        req.remote_addr,
        )
    if not response.is_valid:
        say_captcha_is_invalid()
    else:
        do_something_useful()
else:
    data['recaptcha_javascript'] = captcha.displayhtml(self.public_key)
    data['recaptcha_theme'] = self.theme
    return 'recaptchaticket.html', data, n