From adddfb273733bd34d26d31d7757d43ffe509a057 Mon Sep 17 00:00:00 2001 From: Ivan Nikolskiy Date: Thu, 10 Jul 2025 13:19:16 +0200 Subject: [PATCH] Added new method to verify --- .gitignore | 3 +-- django_hoptcha/decorators.py | 15 +++++++++++---- django_hoptcha/settings.py | 2 +- django_hoptcha/templatetags/hoptcha_tags.py | 4 ++-- django_hoptcha/validators.py | 2 ++ 5 files changed, 17 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 32ed2c1..1830301 100755 --- a/.gitignore +++ b/.gitignore @@ -55,8 +55,7 @@ coverage.xml # Node (if using JS build tools) node_modules/ - - +build/ # Docker *.pid diff --git a/django_hoptcha/decorators.py b/django_hoptcha/decorators.py index 27dec26..501f802 100755 --- a/django_hoptcha/decorators.py +++ b/django_hoptcha/decorators.py @@ -39,19 +39,25 @@ from .settings import ( ) # Built-in key functions -def get_ip(request): +def get_ip(group, request): return request.META.get('REMOTE_ADDR', 'unknown-ip') -def get_user(request): +def user_or_session(group, request): + if request.user.is_authenticated: + return str(request.user.pk) + return request.session.session_key or request.META.get("REMOTE_ADDR") + +def get_user(group, request): return str(request.user.id) if request.user.is_authenticated else None -def get_user_or_ip(request): +def get_user_or_ip(group, request): return get_user(request) or get_ip(request) BUILTIN_KEYS = { 'ip': get_ip, 'user': get_user, 'user_or_ip': get_user_or_ip, + 'user_or_session': user_or_session } def hoptcha_protected( @@ -107,7 +113,7 @@ def hoptcha_protected( if request.method not in methods: return view_func(request, *args, **kwargs) - user_key = key_func(request) + user_key = key_func(None, request) if not shared: user_key = f"{user_key}:{request.path}" @@ -129,6 +135,7 @@ def hoptcha_protected( pass # Malformed or empty JSON if not token or not verify_token(token): + print(token) return response(request) if response else JsonResponse({ "captcha": True, "url": f"{HOPTCHA_URL}?{urlencode({'client_key': HOPTCHA_CLIENT_ID, 'timestamp': int(time.time() * 1000), 'type': type})}" diff --git a/django_hoptcha/settings.py b/django_hoptcha/settings.py index a7458aa..fd4843d 100755 --- a/django_hoptcha/settings.py +++ b/django_hoptcha/settings.py @@ -28,7 +28,7 @@ def get(key, default=None): return getattr(settings, key, default) HOPTCHA_URL = get('HOPTCHA_URL', 'https://hoptcha.com/captcha/') -HOPTCHA_VERIFY_URL = get('CAPTCHA_VERIFY_URL', 'https://hoptcha.com/captcha/validate/') +HOPTCHA_VERIFY_URL = get('HOPTCHA_VERIFY_URL', 'https://hoptcha.com/captcha/validate/') HOPTCHA_CLIENT_ID = get('HOPTCHA_CLIENT_ID', '') HOPTCHA_CLIENT_SECRET = get('HOPTCHA_CLIENT_SECRET', '') diff --git a/django_hoptcha/templatetags/hoptcha_tags.py b/django_hoptcha/templatetags/hoptcha_tags.py index 7f515f7..aecdf47 100755 --- a/django_hoptcha/templatetags/hoptcha_tags.py +++ b/django_hoptcha/templatetags/hoptcha_tags.py @@ -41,7 +41,7 @@ def captcha_placeholder(): @register.simple_tag def captcha_iframe(): context = { - 'captcha_url': getattr(settings, 'HOPTCHA_URL', '#'), - 'public_key': getattr(settings, 'HOPTCHA_CLIENT_ID', ''), + 'captcha_url': HOPTCHA_URL, + 'public_key': HOPTCHA_CLIENT_ID, } return render_to_string('django_hoptcha/captcha_iframe.html', context) diff --git a/django_hoptcha/validators.py b/django_hoptcha/validators.py index 00e22ff..49c8cc9 100755 --- a/django_hoptcha/validators.py +++ b/django_hoptcha/validators.py @@ -42,6 +42,8 @@ def verify_token(token): headers = {"Content-Type": "application/json"} response = requests.post(HOPTCHA_VERIFY_URL, data=json.dumps(payload), headers=headers, timeout=5) + print(HOPTCHA_VERIFY_URL, HOPTCHA_CLIENT_SECRET) + if response.status_code == 200: return response.json().get("success", False) return False