CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/pypi-django-recaptcha

Django form field and widget integration for Google reCAPTCHA services, supporting reCAPTCHA V2 and V3.

Pending
Overview
Eval results
Files

configuration.mddocs/

Configuration and Settings

Django settings integration, constants, and system validation for reCAPTCHA configuration. Provides development support with test keys, comprehensive Django settings integration, and system checks for production readiness.

Capabilities

Django Settings Integration

The package integrates with Django's settings system for global configuration. All settings are optional and have sensible defaults for development.

# Django settings.py configuration
RECAPTCHA_PUBLIC_KEY = "your_site_key_here"
RECAPTCHA_PRIVATE_KEY = "your_secret_key_here"
RECAPTCHA_DOMAIN = "www.google.com"  # or "www.recaptcha.net" for global access
RECAPTCHA_PROXY = {
    'http': 'http://proxy.example.com:8080',
    'https': 'https://proxy.example.com:8080'
}
RECAPTCHA_VERIFY_REQUEST_TIMEOUT = 10  # seconds
RECAPTCHA_REQUIRED_SCORE = 0.5  # Default V3 score threshold

Test Keys and Development Support

Constants providing Google's official test keys for development and testing environments.

TEST_PUBLIC_KEY = "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI"
"""
Google's official test public key.
Always passes reCAPTCHA validation without showing challenges.
"""

TEST_PRIVATE_KEY = "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"
"""
Google's official test private key.
Paired with test public key for development environments.
"""

DEFAULT_RECAPTCHA_DOMAIN = "www.google.com"
"""
Default API domain for reCAPTCHA requests.
Can be changed to www.recaptcha.net for global accessibility.
"""

Django App Configuration

App configuration class providing Django integration and system check registration.

class DjangoRecaptchaConfig(AppConfig):
    """
    Django app configuration for django-recaptcha.
    
    Registers system checks for production readiness validation.
    """
    name = "django_recaptcha"
    verbose_name = "Django reCAPTCHA"
    
    def ready(self):
        """
        Called when Django app is ready.
        
        Registers security system checks for reCAPTCHA configuration.
        """

System Checks

Function that validates reCAPTCHA configuration and warns about test key usage in production.

def recaptcha_key_check(app_configs, **kwargs):
    """
    Django system check for reCAPTCHA key configuration.
    
    Validates that production keys are used instead of Google's test keys.
    
    Parameters:
    - app_configs: Django app configurations
    - **kwargs: Additional system check parameters
    
    Returns:
    list[checks.Error]: List of configuration errors found
    
    Generates:
    - django_recaptcha.recaptcha_test_key_error: When test keys detected
    """

Settings Reference

Required Settings

For production use, configure your reCAPTCHA keys:

# Required for production
RECAPTCHA_PUBLIC_KEY = "6Lc..."  # Your site key from Google
RECAPTCHA_PRIVATE_KEY = "6Lc..."  # Your secret key from Google

Optional Settings

Additional configuration options for customization:

# API Configuration
RECAPTCHA_DOMAIN = "www.recaptcha.net"  # Alternative domain for global access
RECAPTCHA_VERIFY_REQUEST_TIMEOUT = 15   # API request timeout in seconds

# Proxy Configuration
RECAPTCHA_PROXY = {
    'http': 'http://proxy.company.com:8080',
    'https': 'https://proxy.company.com:8080'
}

# V3 Configuration
RECAPTCHA_REQUIRED_SCORE = 0.7  # Default minimum score for V3 validation

Settings Validation

The package validates settings types at import time:

  • RECAPTCHA_DOMAIN: Must be string
  • RECAPTCHA_PRIVATE_KEY: Must be string
  • RECAPTCHA_PROXY: Must be dictionary
  • RECAPTCHA_PUBLIC_KEY: Must be string
  • RECAPTCHA_VERIFY_REQUEST_TIMEOUT: Must be integer

System Checks

Production Readiness Check

The package includes a Django system check that warns when test keys are used:

# Check ID: django_recaptcha.recaptcha_test_key_error
# Level: ERROR
# Message: RECAPTCHA_PRIVATE_KEY or RECAPTCHA_PUBLIC_KEY is making use
#          of the Google test keys and will not behave as expected in a
#          production environment

Silencing Checks

To silence the system check (not recommended), add to settings:

SILENCED_SYSTEM_CHECKS = ['django_recaptcha.recaptcha_test_key_error']

Usage Examples

Basic Configuration

# settings.py
INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django_recaptcha',  # Add to INSTALLED_APPS
]

# reCAPTCHA configuration
RECAPTCHA_PUBLIC_KEY = '6Lc_your_site_key_here'
RECAPTCHA_PRIVATE_KEY = '6Lc_your_secret_key_here'

Development Configuration

# settings.py - Development
DEBUG = True

# No need to set reCAPTCHA keys - will use test keys automatically
# Test keys always pass validation without user interaction

Production Configuration

# settings.py - Production
DEBUG = False

# Production reCAPTCHA keys (required)
RECAPTCHA_PUBLIC_KEY = os.environ.get('RECAPTCHA_PUBLIC_KEY')
RECAPTCHA_PRIVATE_KEY = os.environ.get('RECAPTCHA_PRIVATE_KEY')

# Optional: Custom domain for global access
RECAPTCHA_DOMAIN = 'www.recaptcha.net'

# Optional: Proxy configuration
RECAPTCHA_PROXY = {
    'http': os.environ.get('HTTP_PROXY'),
    'https': os.environ.get('HTTPS_PROXY')
}

Enterprise Configuration

# settings.py - Enterprise environment
RECAPTCHA_PUBLIC_KEY = '6Lc_enterprise_site_key'
RECAPTCHA_PRIVATE_KEY = '6Lc_enterprise_secret_key'

# Proxy configuration for corporate network
RECAPTCHA_PROXY = {
    'http': 'http://corporate-proxy.company.com:8080',
    'https': 'https://corporate-proxy.company.com:8080'
}

# Increased timeout for slower networks
RECAPTCHA_VERIFY_REQUEST_TIMEOUT = 30

# Stricter V3 scoring
RECAPTCHA_REQUIRED_SCORE = 0.8

Multi-environment Configuration

# settings/base.py
INSTALLED_APPS = [
    # ... other apps
    'django_recaptcha',
]

# settings/development.py
from .base import *
# Uses test keys automatically

# settings/staging.py  
from .base import *
RECAPTCHA_PUBLIC_KEY = '6Lc_staging_site_key'
RECAPTCHA_PRIVATE_KEY = '6Lc_staging_secret_key'

# settings/production.py
from .base import *
RECAPTCHA_PUBLIC_KEY = os.environ['RECAPTCHA_PUBLIC_KEY']
RECAPTCHA_PRIVATE_KEY = os.environ['RECAPTCHA_PRIVATE_KEY']
RECAPTCHA_DOMAIN = 'www.recaptcha.net'

Runtime Key Configuration

# Override keys per field instance
from django_recaptcha.fields import ReCaptchaField

class SpecialForm(forms.Form):
    # Use different keys for specific forms
    captcha = ReCaptchaField(
        public_key='6Lc_special_public_key',
        private_key='6Lc_special_private_key'
    )

Install with Tessl CLI

npx tessl i tessl/pypi-django-recaptcha

docs

client-api.md

configuration.md

form-fields.md

index.md

widgets.md

tile.json