Added new method to verify

2025-07-10 13:19:16 +02:00 · 2025-07-10 13:19:16 +02:00 · adddfb2737
commit adddfb2737
parent 2beca59775
5 changed files with 17 additions and 9 deletions
--- a/.gitignore
+++ b/.gitignore
@ -55,8 +55,7 @@ coverage.xml

 # Node (if using JS build tools)
 node_modules/
-
-
+build/

 # Docker
 *.pid
--- a/django_hoptcha/decorators.py
+++ b/django_hoptcha/decorators.py
@ -39,19 +39,25 @@ from .settings import (
 )

 # Built-in key functions
-def get_ip(request):
+def get_ip(group, request):
    return request.META.get('REMOTE_ADDR', 'unknown-ip')

-def get_user(request):
+def user_or_session(group, request):
+    if request.user.is_authenticated:
+        return str(request.user.pk)
+    return request.session.session_key or request.META.get("REMOTE_ADDR")
+
+def get_user(group, request):
    return str(request.user.id) if request.user.is_authenticated else None

-def get_user_or_ip(request):
+def get_user_or_ip(group, request):
    return get_user(request) or get_ip(request)

 BUILTIN_KEYS = {
    'ip': get_ip,
    'user': get_user,
    'user_or_ip': get_user_or_ip,
+    'user_or_session': user_or_session
 }

 def hoptcha_protected(
@ -107,7 +113,7 @@ def hoptcha_protected(
            if request.method not in methods:
                return view_func(request, *args, **kwargs)

-            user_key = key_func(request)
+            user_key = key_func(None, request)
            if not shared:
                user_key = f"{user_key}:{request.path}"

@ -129,6 +135,7 @@ def hoptcha_protected(
                        pass  # Malformed or empty JSON

                if not token or not verify_token(token):
+                    print(token)
                    return response(request) if response else JsonResponse({
                        "captcha": True,
                        "url": f"{HOPTCHA_URL}?{urlencode({'client_key': HOPTCHA_CLIENT_ID, 'timestamp': int(time.time() * 1000), 'type': type})}"
--- a/django_hoptcha/settings.py
+++ b/django_hoptcha/settings.py
@ -28,7 +28,7 @@ def get(key, default=None):
    return getattr(settings, key, default)

 HOPTCHA_URL = get('HOPTCHA_URL', 'https://hoptcha.com/captcha/')
-HOPTCHA_VERIFY_URL = get('CAPTCHA_VERIFY_URL', 'https://hoptcha.com/captcha/validate/')
+HOPTCHA_VERIFY_URL = get('HOPTCHA_VERIFY_URL', 'https://hoptcha.com/captcha/validate/')

 HOPTCHA_CLIENT_ID = get('HOPTCHA_CLIENT_ID', '')
 HOPTCHA_CLIENT_SECRET = get('HOPTCHA_CLIENT_SECRET', '')
--- a/django_hoptcha/templatetags/hoptcha_tags.py
+++ b/django_hoptcha/templatetags/hoptcha_tags.py
@ -41,7 +41,7 @@ def captcha_placeholder():
@register.simple_tag
 def captcha_iframe():
    context = {
-        'captcha_url': getattr(settings, 'HOPTCHA_URL', '#'),
-        'public_key': getattr(settings, 'HOPTCHA_CLIENT_ID', ''),
+        'captcha_url': HOPTCHA_URL,
+        'public_key': HOPTCHA_CLIENT_ID,
    }
    return render_to_string('django_hoptcha/captcha_iframe.html', context)
--- a/django_hoptcha/validators.py
+++ b/django_hoptcha/validators.py
@ -42,6 +42,8 @@ def verify_token(token):
        headers = {"Content-Type": "application/json"}
        response = requests.post(HOPTCHA_VERIFY_URL, data=json.dumps(payload), headers=headers, timeout=5)

+        print(HOPTCHA_VERIFY_URL, HOPTCHA_CLIENT_SECRET)
+
        if response.status_code == 200:
            return response.json().get("success", False)
        return False