Changeset 7306 for main


Ignore:
Timestamp:
7 Dec 2011, 16:30:56 (13 years ago)
Author:
uli
Message:

Tell a bit about ReCaptcha?.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.sirp/trunk/src/waeup/sirp/browser/captcha.py

    r7305 r7306  
    245245    http://www.google.com/recaptcha.
    246246
    247     ReCaptcha is widely used and adopted in web applications
     247    ReCaptcha is widely used and adopted in web applications. See the
     248    above web page to learn more about recaptcha.
     249
     250    Basically, it generates a captcha box in a page loaded by a
     251    client. The client can then enter a solution for a challenge
     252    picture (or audio file) and send the solution back to our server
     253    along with the challenge string generated locally on the client.
     254
     255    This component then verifies the entered solution deploying the
     256    private key set by asking a verification server. The result (valid
     257    or invalid solution) is then returned to any calling component.
     258
     259    As any captcha-component, :class:`ReCaptcha` can be used by any
     260    other component that wants to display/verify captchas.
     261
     262    To incorporate captcha usage in a view, page, or viewlet, the
     263    following steps have to be performed:
     264
     265    * get the currently site-wide selected captcha type by doing::
     266
     267        mycaptcha = getUtility(ICaptchaChooser).getCaptcha()
     268
     269    * if you want a specific captcha type (like ReCaptcha)::
     270
     271        mycaptcha = getUtility(ICaptcha, name='ReCaptcha')
     272
     273    Now, as you have a captcha, you can verify sent data by doing::
     274
     275        result = mycaptcha.verify(self.request)
     276
     277    where ``self.request`` should be the sent HTTP request and
     278    ``result`` will be an instance of class:``CaptchaResponse``. The
     279    response will contain an error code (``result.error_code``) that
     280    might be ``None`` but can (and should) be passed to the
     281    :meth:``display`` method to display error messages in the captcha
     282    box. The error code is most probably not a human readable string
     283    but some code you shouldn't rely upon.
     284
     285    All this could be done in the ``update()`` method of a view, page,
     286    or viewlet.
     287
     288    To render the needed HTML code, you can deploy the
     289    :meth:`display`` method of ``mycaptcha``.
    248290    """
    249291
     
    262304
    263305    def verify(self, request):
     306        """Grab challenge/solution from HTTP request and verify it.
     307
     308        Verification happens against recaptcha remote API servers. It
     309        only happens, when really a solution was sent with the
     310        request.
     311
     312        Returns a :class:`CaptchaResponse` indicating that the
     313        verification failed or succeeded.
     314        """
    264315        form = getattr(request, 'form', {})
    265316        solution=form.get(self.sol_field, None)
    266317        challenge=form.get(self.chal_field, None)
    267318        if not challenge or not solution:
    268             # maybe first display of the captcha: not a valid solution
    269             # but no error code to prevent any error messages
     319            # Might be first-time display of the captcha: not a valid
     320            # solution but no error code to prevent any error
     321            # messages. Skip further verification.
    270322            return CaptchaResponse(
    271323                is_valid=False)
     
    296348    def display(self, error_code=None):
    297349        """Display challenge and input field for solution as HTML.
     350
     351        Returns the HTML code to be placed inside an existing ``<form>``
     352        of your page. You can add other fields and should add a submit
     353        button to send the form.
     354
     355        The ``error_code`` can be taken from a previously fetched
     356        :class:``CaptchaResponse`` instance (as returned by
     357        :meth:``verify``). If it is not ``None``, it might be
     358        displayed inside the generated captcha box (in human readable
     359        form).
    298360        """
    299361        error_param = ''
     
    326388
    327389class CaptchaTestPage(SIRPPage):
     390    # A test page to see a captcha in action
    328391    grok.name('captcha')
    329392    grok.context(IUniversity)
Note: See TracChangeset for help on using the changeset viewer.