# Django REST reCAPTCHA
**Django REST reCAPTCHA v2 and v3 field serializer**
[](https://github.com/llybin/drf-recaptcha/actions)
[](https://www.codacy.com/app/llybin/drf-recaptcha?utm_source=github.com&utm_medium=referral&utm_content=llybin/drf-recaptcha&utm_campaign=Badge_Grade)
[](https://www.codacy.com/app/llybin/drf-recaptcha?utm_source=github.com&utm_medium=referral&utm_content=llybin/drf-recaptcha&utm_campaign=Badge_Coverage)
[](https://github.com/psf/black)
[](https://pypi.org/project/drf-recaptcha/)
[](https://pypi.org/project/drf-recaptcha/)
[](https://pypi.org/project/drf-recaptcha/)
## Requirements
* Python: 3.7, 3.8, 3.9, 3.10, 3.11
* Django: 3.2, 4.0, 4.1, 4.2
* DRF: 3.11, 3.12, 3.13, 3.14
## Installation
1. [Sign up for reCAPTCHA](https://www.google.com/recaptcha/)
2. Install with `pip install drf-recaptcha`
3. Add `"drf_recaptcha"` to your `INSTALLED_APPS` settings.
4. Set in settings `DRF_RECAPTCHA_SECRET_KEY`
```python
INSTALLED_APPS = [
...,
"drf_recaptcha",
...,
]
...
DRF_RECAPTCHA_SECRET_KEY = "YOUR SECRET KEY"
```
## Usage
```python
from rest_framework.serializers import Serializer, ModelSerializer
from drf_recaptcha.fields import ReCaptchaV2Field, ReCaptchaV3Field
from feedback.models import Feedback
class V2Serializer(Serializer):
recaptcha = ReCaptchaV2Field()
...
class GetOTPView(APIView):
def post(self, request):
serializer = V2Serializer(data=request.data, context={"request": request})
serializer.is_valid(raise_exception=True)
...
class V3Serializer(Serializer):
recaptcha = ReCaptchaV3Field(action="example")
...
class V3WithScoreSerializer(Serializer):
recaptcha = ReCaptchaV3Field(
action="example",
required_score=0.6,
)
...
class GetReCaptchaScore(APIView):
def post(self, request):
serializer = V3WithScoreSerializer(data=request.data, context={"request": request})
serializer.is_valid()
score = serializer.fields['recaptcha'].score
...
class FeedbackSerializer(ModelSerializer):
recaptcha = ReCaptchaV2Field()
class Meta:
model = Feedback
fields = ("phone", "full_name", "email", "comment", "recaptcha")
def validate(self, attrs):
attrs.pop("recaptcha")
...
return attrs
class DynamicContextSecretKey(APIView):
def post(self, request):
if request.platform == "android":
recaptcha_secret_key = "SPECIAL_FOR_ANDROID"
else:
recaptcha_secret_key = "SPECIAL_FOR_IOS"
serializer = WithReCaptchaSerializer(
data=request.data,
context={
"request": request,
"recaptcha_secret_key": recaptcha_secret_key,
},
)
serializer.is_valid(raise_exception=True)
...
class DynamicContextSecretKey(GenericAPIView):
serializer_class = WithReCaptchaSerializer
def get_serializer_context(self):
if self.request.platform == "android":
recaptcha_secret_key = "SPECIAL_FOR_ANDROID"
else:
recaptcha_secret_key = "SPECIAL_FOR_IOS"
context = super().get_serializer_context()
context.update({"recaptcha_secret_key": recaptcha_secret_key})
return context
class MobileSerializer(Serializer):
recaptcha = ReCaptchaV3Field(secret_key="")
...
```
## Settings
`DRF_RECAPTCHA_SECRET_KEY` - set your Google reCAPTCHA secret key. Type: str.
`DRF_RECAPTCHA_DEFAULT_V3_SCORE` - by default: `0.5`. Type: float.
`DRF_RECAPTCHA_ACTION_V3_SCORES` - by default: `{}`. Type: dict. You can define specific score for each action e.g. `{"login": 0.6, "feedback": 0.3}`
`DRF_RECAPTCHA_DOMAIN` - by default: `www.google.com`. Type: str.
`DRF_RECAPTCHA_PROXY` - by default: `{}`. Type: dict. e.g. `{'http': 'http://127.0.0.1:8000', 'https': 'https://127.0.0.1:8000'}`
`DRF_RECAPTCHA_VERIFY_REQUEST_TIMEOUT` - by default: `10`. Type: int.
### Priority of secret_key value
1. settings `DRF_RECAPTCHA_SECRET_KEY`
2. the argument `secret_key` of field
3. request.context["recaptcha_secret_key"]
## reCAPTCHA v3
Validation is passed if the score value returned by Google is greater than or equal to required score.
Required score value: `0.0 - 1.0`
### Priority of score value
If not defined or zero in current item then value from next item.
1. Value for action in settings `DRF_RECAPTCHA_ACTION_V3_SCORES`
2. Value in argument `required_score` of field
3. Default value in settings `DRF_RECAPTCHA_DEFAULT_V3_SCORE`
4. Default value `0.5`
## Testing
Set `DRF_RECAPTCHA_TESTING=True` in settings, no request to Google, no warnings, `DRF_RECAPTCHA_SECRET_KEY` is not required, set returning verification result in setting below.
`DRF_RECAPTCHA_TESTING_PASS=True|False` - all responses are pass, default `True`.
Use `from django.test import override_settings`
## Credits
[django-recaptcha](https://github.com/praekelt/django-recaptcha)
reCAPTCHA copyright 2012 Google.
Raw data
{
"_id": null,
"home_page": "https://github.com/llybin/drf-recaptcha",
"name": "drf-recaptcha",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "django,drf,rest,django-rest-framework,reCAPTCHA,reCAPTCHA v2,reCAPTCHA v3",
"author": "Lev Lybin",
"author_email": "lev.lybin@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/1c/76/79d58c1846e5858ac5c7ffa4b447f20705fcd392187a494770dbe5b4de91/drf-recaptcha-3.0.0.tar.gz",
"platform": null,
"description": "# Django REST reCAPTCHA\n\n**Django REST reCAPTCHA v2 and v3 field serializer**\n\n[](https://github.com/llybin/drf-recaptcha/actions)\n[](https://www.codacy.com/app/llybin/drf-recaptcha?utm_source=github.com&utm_medium=referral&utm_content=llybin/drf-recaptcha&utm_campaign=Badge_Grade)\n[](https://www.codacy.com/app/llybin/drf-recaptcha?utm_source=github.com&utm_medium=referral&utm_content=llybin/drf-recaptcha&utm_campaign=Badge_Coverage)\n[](https://github.com/psf/black)\n[](https://pypi.org/project/drf-recaptcha/)\n[](https://pypi.org/project/drf-recaptcha/)\n[](https://pypi.org/project/drf-recaptcha/)\n\n## Requirements\n\n* Python: 3.7, 3.8, 3.9, 3.10, 3.11\n* Django: 3.2, 4.0, 4.1, 4.2\n* DRF: 3.11, 3.12, 3.13, 3.14\n\n## Installation\n\n1. [Sign up for reCAPTCHA](https://www.google.com/recaptcha/)\n2. Install with `pip install drf-recaptcha`\n3. Add `\"drf_recaptcha\"` to your `INSTALLED_APPS` settings.\n4. Set in settings `DRF_RECAPTCHA_SECRET_KEY`\n\n```python\nINSTALLED_APPS = [\n ...,\n \"drf_recaptcha\",\n ...,\n]\n\n...\n\nDRF_RECAPTCHA_SECRET_KEY = \"YOUR SECRET KEY\"\n```\n\n## Usage\n\n```python\nfrom rest_framework.serializers import Serializer, ModelSerializer\nfrom drf_recaptcha.fields import ReCaptchaV2Field, ReCaptchaV3Field\nfrom feedback.models import Feedback\n\n\nclass V2Serializer(Serializer):\n recaptcha = ReCaptchaV2Field()\n ...\n\nclass GetOTPView(APIView):\n def post(self, request):\n serializer = V2Serializer(data=request.data, context={\"request\": request})\n serializer.is_valid(raise_exception=True)\n ...\n\nclass V3Serializer(Serializer):\n recaptcha = ReCaptchaV3Field(action=\"example\")\n ...\n\nclass V3WithScoreSerializer(Serializer):\n recaptcha = ReCaptchaV3Field(\n action=\"example\",\n required_score=0.6,\n )\n ...\n\nclass GetReCaptchaScore(APIView):\n def post(self, request):\n serializer = V3WithScoreSerializer(data=request.data, context={\"request\": request})\n serializer.is_valid()\n score = serializer.fields['recaptcha'].score\n ...\n\nclass FeedbackSerializer(ModelSerializer):\n recaptcha = ReCaptchaV2Field()\n\n class Meta:\n model = Feedback\n fields = (\"phone\", \"full_name\", \"email\", \"comment\", \"recaptcha\")\n\n def validate(self, attrs):\n attrs.pop(\"recaptcha\")\n ...\n return attrs\n\n \nclass DynamicContextSecretKey(APIView):\n def post(self, request):\n if request.platform == \"android\":\n recaptcha_secret_key = \"SPECIAL_FOR_ANDROID\"\n else:\n recaptcha_secret_key = \"SPECIAL_FOR_IOS\"\n serializer = WithReCaptchaSerializer(\n data=request.data,\n context={\n \"request\": request,\n \"recaptcha_secret_key\": recaptcha_secret_key,\n },\n )\n serializer.is_valid(raise_exception=True)\n ...\n \n\nclass DynamicContextSecretKey(GenericAPIView):\n serializer_class = WithReCaptchaSerializer\n \n def get_serializer_context(self):\n if self.request.platform == \"android\":\n recaptcha_secret_key = \"SPECIAL_FOR_ANDROID\"\n else:\n recaptcha_secret_key = \"SPECIAL_FOR_IOS\"\n context = super().get_serializer_context()\n context.update({\"recaptcha_secret_key\": recaptcha_secret_key})\n return context\n \n\nclass MobileSerializer(Serializer):\n recaptcha = ReCaptchaV3Field(secret_key=\"\")\n ...\n```\n\n## Settings\n\n`DRF_RECAPTCHA_SECRET_KEY` - set your Google reCAPTCHA secret key. Type: str.\n\n`DRF_RECAPTCHA_DEFAULT_V3_SCORE` - by default: `0.5`. Type: float.\n\n`DRF_RECAPTCHA_ACTION_V3_SCORES` - by default: `{}`. Type: dict. You can define specific score for each action e.g. `{\"login\": 0.6, \"feedback\": 0.3}`\n\n`DRF_RECAPTCHA_DOMAIN` - by default: `www.google.com`. Type: str.\n\n`DRF_RECAPTCHA_PROXY` - by default: `{}`. Type: dict. e.g. `{'http': 'http://127.0.0.1:8000', 'https': 'https://127.0.0.1:8000'}`\n\n`DRF_RECAPTCHA_VERIFY_REQUEST_TIMEOUT` - by default: `10`. Type: int.\n\n### Priority of secret_key value\n\n1. settings `DRF_RECAPTCHA_SECRET_KEY`\n2. the argument `secret_key` of field\n3. request.context[\"recaptcha_secret_key\"]\n\n## reCAPTCHA v3\n\nValidation is passed if the score value returned by Google is greater than or equal to required score.\n\nRequired score value: `0.0 - 1.0`\n\n### Priority of score value\n\nIf not defined or zero in current item then value from next item.\n\n1. Value for action in settings `DRF_RECAPTCHA_ACTION_V3_SCORES`\n2. Value in argument `required_score` of field\n3. Default value in settings `DRF_RECAPTCHA_DEFAULT_V3_SCORE`\n4. Default value `0.5`\n\n## Testing\n\nSet `DRF_RECAPTCHA_TESTING=True` in settings, no request to Google, no warnings, `DRF_RECAPTCHA_SECRET_KEY` is not required, set returning verification result in setting below.\n\n`DRF_RECAPTCHA_TESTING_PASS=True|False` - all responses are pass, default `True`.\n\nUse `from django.test import override_settings`\n\n## Credits\n\n[django-recaptcha](https://github.com/praekelt/django-recaptcha)\n\nreCAPTCHA copyright 2012 Google.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Django rest framework recaptcha field serializer.",
"version": "3.0.0",
"project_urls": {
"Homepage": "https://github.com/llybin/drf-recaptcha"
},
"split_keywords": [
"django",
"drf",
"rest",
"django-rest-framework",
"recaptcha",
"recaptcha v2",
"recaptcha v3"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "288da53ab9c5fc603f9348c89a0470342089b83aff43f347402d777f25e4858b",
"md5": "2a816ca5dc51720713722a9f2f9d7054",
"sha256": "351d8b1a203841aac540636a1a2d60e1bb5cf62a6e019c873e82b959bc6941fa"
},
"downloads": -1,
"filename": "drf_recaptcha-3.0.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "2a816ca5dc51720713722a9f2f9d7054",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 9296,
"upload_time": "2023-07-01T15:24:47",
"upload_time_iso_8601": "2023-07-01T15:24:47.228281Z",
"url": "https://files.pythonhosted.org/packages/28/8d/a53ab9c5fc603f9348c89a0470342089b83aff43f347402d777f25e4858b/drf_recaptcha-3.0.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "1c7679d58c1846e5858ac5c7ffa4b447f20705fcd392187a494770dbe5b4de91",
"md5": "3b42982bc1f0bdbbc6a60a913169155d",
"sha256": "30ede1831737bcbdc60a67b41d83fa290bea15f6bf39a6470e9d68057abccd76"
},
"downloads": -1,
"filename": "drf-recaptcha-3.0.0.tar.gz",
"has_sig": false,
"md5_digest": "3b42982bc1f0bdbbc6a60a913169155d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 12467,
"upload_time": "2023-07-01T15:24:48",
"upload_time_iso_8601": "2023-07-01T15:24:48.679062Z",
"url": "https://files.pythonhosted.org/packages/1c/76/79d58c1846e5858ac5c7ffa4b447f20705fcd392187a494770dbe5b4de91/drf-recaptcha-3.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-07-01 15:24:48",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "llybin",
"github_project": "drf-recaptcha",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "drf-recaptcha"
}
JSON
