Skip to main content

Wraps the recaptcha-client library to provide a drop-in replacement for collective.captcha.

Project description

collective.recaptcha

This package provides an integration of the reCAPTCHA service into Zope. ReCAPTCHA is a third-party CAPTCHA service provided by Google.

The API is based on collective.captcha and is provided via a “@@captcha” browser view, so these two packages can be swapped for each other relatively simply. Use collective.captcha if you need to not be dependent on an external service; use collective.recaptcha for a slightly better user experience.

Plone users interested in adding ReCAPTCHA in z3c.form forms will probably find interesting the package plone.formwidget.recaptcha.

Upgrade

To upgrade to collective.recaptcha 2.* (reCaptcha API V2), you need double check your keys because global keys are not supported in the V2 API, so you need to create a new key if you wish to use the V2 API.

Installation and Configuration

Simply make sure that the ZCML for this package is loaded. (You cannot configure this package at the same time as collective.captcha, because the ‘@@captcha’ browser view registration will conflict.)

Before the service will work, you must obtain a public and private key from https://developers.google.com/recaptcha/, and configure them at http://path/to/site/@@recaptcha-settings

You can use plone.app.registry in your profile to provide your configuration:

<registry>
  <records interface="collective.recaptcha.settings.IRecaptchaSettings">
   <value key="public_key"></value>
   <value key="private_key"></value>
  </records>
</registry>

Usage

You can insert a Recaptcha using the following TAL:

<tal:block tal:replace="structure context/@@captcha/image_tag"/>

You can verify Recaptcha input by testing the return value of:

context.restrictedTraverse('@@captcha').verify()

Differences between this package’s API and collective.captcha

Because the simplest form of Recaptcha is rendered entirely via a remote call to the service, we couldn’t implement the ICaptchaView interface from collective.captcha exactly as it was defined there. Differences include:

* The image_tag method returns the HTML for the entire CAPTCHA widget,
  including text entry and audio link, not just the tag for the CAPTCHA
  image.

* The audio_url method returns None

* The verify method does not require the input parameter, as a standard
  form input name is used and the value can be found in the request.

* There is an additional method, external, which simply returns True.
  This is a bit of a hack so that a template requiring captcha can
  adjust to the different semantics of the @@captcha view in this
  package as compared to collective.captcha.

Tests

This add-on is tested using GitHub Actions. The current status of the add-on is :

https://img.shields.io/github/workflow/status/collective/collective.recaptcha/Plone%20package/master?label=GitHub%20Actions

Contributors

Changelog

2.1.2 (2022-07-26)

  • Keep record values when reapplying profile (fixes #36). [wesleybl]

2.1.1 (2022-07-21)

  • Fix recaptcha loading in Plone 4 modal. [wesleybl]

  • Fixed startup on Python 3 (Plone 5.2). The tests are not run yet on 5.2, so compatibility is not confirmed. [maurits]

  • Add translations [rodfersou]

2.1.0 (2017-12-04)

  • Updated bootstrap

  • Updated the documentation

  • Support Plone 5 without the need to pull in zope.formlib [ale-rt]

  • Add install and uninstall profile and a controlpanel configlet [frapell]

2.0.0 (2016-03-06)

  • Google reCAPTCHA API v.2 [mamico]

1.1.5 (2014-05-07)

  • Fix the retrieval of config from the registry [mpeeters]

  • Minor correction in interface name, in the README [frapell]

1.1.4 (2013-04-09)

  • Add Plone 4.3 compat [aclark4life]

1.1.3 (2011-08-19)

  • Add z3c.autoinclude entry point for automatic ZCML loading in Plone 3.3+. [WouterVH]

1.1.2 (2011-05-17)

  • Require the latest version of recaptcha-client, which has the correct HTTPS URL for the recaptcha service. [davisagli]

  • Add support for Zope2.13: try to use five.formlib first. [toutpt]

1.1.1 (2011-02-15)

  • Register the @@captcha view using browser:page instead of browser:view, because I still fail to understand the latter and was breaking access from restricted python in Zope 2.12. [davisagli]

1.1 (2010-11-18)

  • Use the recaptcha settings from plone.formwidget.recaptcha if it is installed, since it overrides our recaptcha-settings view. [davisagli]

1.0.1 (2009-08-05)

  • Disallowed dependency on broken release of recaptcha-client (1.0.4). [davisagli]

1.0 (2009-05-04)

  • Fixed method signature for verify method so that the vestigial input parameter from collective.captcha’s ICaptchaView is no longer required. [davisagli]

  • Added documentation. [davisagli]

1.0b2 (2009-01-14)

  • Correctly handle comma-delimited values in the HTTP_X_FORWARDED_FOR header. [davisagli]

  • Added support for verifying the captcha multiple times within the same request. [davisagli]

  • Added security declarations on the view methods so they can be called from restricted Python. [davisagli]

1.0b1 (2009-01-14)

  • Initial release

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

collective.recaptcha-2.1.2.tar.gz (11.8 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page