AsyncIO client for the hCaptcha service
Secure your forms using a captcha.
pip install aiohcaptcha
You can define the secret key HCAPTCHA_SECRET_KEY
in the environment or directly pass it to the HCaptchaClient
model as a parameter.
Get the secret and public keys from the hcaptcha.com.
<div class="h-captcha" data-sitekey="your_site_key"></div>
<script src="https://hcaptcha.com/1/api.js" async defer></script>
Check hCaptcha docs for more details on the HTML widget.
from aiohcaptcha import HCaptchaClient
response_token = request.POST["h-captcha-response"]
client = HCaptchaClient(secret_key)
verified = await client.verify(response_token) # a boolean
You can adjust it to any Python Web framework that has async view support.
If you are sending the form data using an AJAX request, use $('textarea[name=h-captcha-response]').val();
for the captcha key.
Response details are stored in client.response
,
details of the HCaptchaResponse
model is same as the JSON response provided in the hCaptcha documentation.
You can also add remote_ip
and sitekey
(expected key) to the client.verify
function.
These parameters are explained in the hCaptcha docs.
For unit testing, you can create the Client HCaptchaClient
with debug=True
parameter.
In this mode, the verify
function will return True
if the user_response
token and sitekey
parameters do match, otherwise it will return False
:
client = HCaptchaClient("<SECRET_KEY>", debug=True)
assert await client.verify("<USER_TOKEN>", sitekey="<SAME_TOKEN>")
assert await client.verify("<USER_TOKEN>", sitekey="<DIFFERENT_TOKEN>") is False
© 2020 Emin Mastizada. MIT Licenced.