- Timestamp:
- 7 Dec 2011, 07:18:52 (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/waeup.sirp/trunk/src/waeup/sirp/browser/captcha.py
r7300 r7303 237 237 ## 238 238 API_SSL_SERVER = "https://www.google.com/recaptcha/api" 239 VERIFY_SERVER = "http://www.google.com" 239 VERIFY_SERVER = "https://www.google.com/recaptcha/api" 240 # Do not use the following keys in productive environments! 241 # As they are both made publicly available, they are not secure any more! 242 # Use them for testing and evaluating only! 240 243 PUBLIC_KEY = "6Lc0y8oSAAAAAHwdojrqPtcKn7Rww5qGprb0rrSk" 241 244 PRIVATE_KEY = "6Lc0y8oSAAAAAMHVbMrGWLLjw2pm8v2Uprwm9AbR" 242 245 243 244 245 class RecaptchaResponse(object): 246 def __init__(self, is_valid, error_code=None): 247 self.is_valid = is_valid 248 self.error_code = error_code 249 return 250 251 class CaptchaTestPage(SIRPPage): 252 grok.name('captcha') 253 grok.context(IUniversity) 254 grok.require('waeup.Public') 255 title = 'Captcha Test' 256 label = title 257 258 def update(self, recaptcha_challenge_field=None, 259 recaptcha_response_field=None): 260 self.error_code = None 261 print "CHAL: ", recaptcha_challenge_field 262 print "RESP: ", recaptcha_response_field 263 print self.request.form.items() 264 verify_result = 'NONE' 265 if recaptcha_challenge_field and recaptcha_response_field: 266 verify_result = self.verify( 267 recaptcha_challenge_field, recaptcha_response_field) 268 print "VERIFY: ", verify_result 269 if verify_result != 'NONE': 270 print " VALID: ", verify_result.is_valid 271 print " ERR: ", verify_result.error_code 272 self.error_code = verify_result.error_code 273 pass 274 275 def verify(self, challenge, solution, private_key=PRIVATE_KEY, 276 remote_ip='127.0.0.1'): 246 class ReCaptcha(StaticCaptcha): 247 248 grok.implements(ICaptcha) 249 250 #: name of solution field in HTTP request 251 sol_field = 'recaptcha_response_field' 252 #: name of challenge field in HTTP request 253 chal_field = 'recaptcha_challenge_field' 254 255 def verify(self, request): 256 form = getattr(request, 'form', {}) 257 solution=form.get(self.sol_field, None) 258 challenge=form.get(self.chal_field, None) 277 259 if not challenge or not solution: 278 return RecaptchaResponse( 279 is_valid=False, error_code='incorrect-captcha-sol') 260 # maybe first display of the captcha: not a valid solution 261 # but no error code to prevent any error messages 262 return CaptchaResponse( 263 is_valid=False) 280 264 params = urllib.urlencode( 281 265 { 282 'privatekey': private_key,283 'remoteip': remote_ip,266 'privatekey': PRIVATE_KEY, 267 'remoteip': '127.0.0.1', 284 268 'challenge': challenge, 285 269 'response': solution, 286 270 }) 287 271 request = urllib2.Request( 288 url = "%s/ recaptcha/api/verify" % VERIFY_SERVER,272 url = "%s/verify" % VERIFY_SERVER, 289 273 data = params, 290 274 headers = { … … 299 283 300 284 if ret_code == "true": 301 return RecaptchaResponse(is_valid=True) 302 return RecaptchaResponse(is_valid=False, error_code=ret_vals[1]) 285 return CaptchaResponse(is_valid=True) 286 return CaptchaResponse(is_valid=False, error_code=ret_vals[1]) 287 288 def display(self, error_code=None): 289 """Display challenge and input field for solution as HTML. 290 """ 291 error_param = '' 292 if error_code: 293 error_param = '&error=%s' % error_code 294 295 html = ( 296 u'<script type="text/javascript" ' 297 u'src="%(ApiServer)s/challenge?k=%(PublicKey)s%(ErrorParam)s">' 298 u'</script>' 299 u'' 300 u'<noscript>' 301 u'<iframe' 302 u' src="%(ApiServer)s/noscript?k=%(PublicKey)s%(ErrorParam)s"' 303 u' height="300" width="500" frameborder="0"></iframe><br />' 304 u'<textarea name="recaptcha_challenge_field"' 305 u' rows="3" cols="40"></textarea>' 306 u'<input type="hidden" name="recaptcha_response_field"' 307 u' value="manual_challenge" />' 308 u'</noscript>' % { 309 'ApiServer' : API_SSL_SERVER, 310 'PublicKey' : PUBLIC_KEY, 311 'ErrorParam' : error_param, 312 } 313 ) 314 return html 315 316 grok.global_utility(ReCaptcha, name=u'ReCaptcha') 317 318 319 class CaptchaTestPage(SIRPPage): 320 grok.name('captcha') 321 grok.context(IUniversity) 322 grok.require('waeup.Public') 323 title = 'Captcha Test' 324 label = title 325 326 def update(self, recaptcha_challenge_field=None, 327 recaptcha_response_field=None): 328 self.captcha = getUtility(ICaptcha, name='ReCaptcha') 329 result = self.captcha.verify(self.request) 330 self.captcha_error = result.error_code 331 print "VERIFY: ", result.is_valid, result.error_code 332 return 303 333 304 334 def render(self): 305 error_param = ''306 if self.error_code:307 error_param = '&error=%s' % self.error_code308 335 return """ 309 336 <form method="POST" action=""> 310 <script type="text/javascript" 311 src="%(ApiServer)s/challenge?k=%(PublicKey)s%(ErrorParam)s"> 312 </script> 313 314 <noscript> 315 <iframe src="%(ApiServer)s/noscript?k=%(PublicKey)s%(ErrorParam)s" 316 height="300" width="500" frameborder="0"></iframe><br /> 317 <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea> 318 <input type='hidden' name='recaptcha_response_field' 319 value='manual_challenge' /> 320 </noscript> 337 %s 321 338 <input type="submit" name="SUBMIT" /> 322 339 </form> 323 """ % { 324 'ApiServer' : API_SSL_SERVER, 325 'PublicKey' : PUBLIC_KEY, 326 'ErrorParam' : error_param, 327 } 340 """ % (self.captcha.display(self.captcha_error),)
Note: See TracChangeset for help on using the changeset viewer.