本文介绍了如何在Django项目中为密码重置功能添加reCAPTCHA验证,以防止垃圾邮件并提高安全性。首先需要在Google注册站点获取reCAPTCHA密钥,然后安装并配置django-recaptcha库,接着自定义表单添加验证码字段,最后更新视图以使用自定义表单。通过这些步骤,可以有效地增强Django网站的安全防护。
django 添加验证码
Recently we implemented a “Forgot your password?” feature in one of our django sites and wanted to protect the mechanism so our users wouldn’t get spammy messages from our servers. As much as we may hate it, forms in our sites usually act as spambots magnets. We need some kind of protection and CAPTCHAs usually do a good job.
最近,我们实施了“忘记密码?” django网站之一中的“邮件”功能,并希望保护该机制,以便我们的用户不会从我们的服务器收到垃圾邮件。 尽管我们讨厌它,但我们站点中的形式通常充当水龙头磁铁。 我们需要某种形式的保护和验证码平时做好。
There are cool tutorials like this one that can help you integrate django-auth views for password reset in your site. In his post we discuss how to add CAPTCHA protection to this mechanism. Our service of choice is reCAPTCHA because of its security and accessibility (plus their cool book digitalization efforts).
像这样的很棒的教程可以帮助您集成django-auth视图以在您的站点中重置密码。 在他的文章中,我们讨论了如何向此机制添加CAPTCHA保护。 我们选择的服务是reCAPTCHA,因为它具有安全性和可访问性(加上出色的图书数字化工作)。
The first step is registering your site in recaptcha to get a key set, for this you will need a Google account (TIP: You can register localhost).
第一步是在Recaptcha中注册您的站点以获得密钥集,为此,您将需要一个Google帐户(提示:您可以注册localhost)。
To connect to ReCAPTCHA from django we used django-recaptcha:
要从django连接到ReCAPTCHA,我们使用django-recaptcha :
sudo easy_install django-recaptchasudo easy_install django-recaptcha
Now we have to add our keys to our settings file. Also, we have to add captcha to our INSTALLED_APPS:
现在,我们必须将密钥添加到我们的设置文件中。 另外,我们必须将验证码添加到我们的INSTALLED_APPS:
Adding captcha validation to any form is as easy as adding a line of code. In our password reset we used one of django’s built-in forms, but that’s not a big deal since we can just subclass it and add a ReCAPTCHA field:
向任何形式添加验证码验证就像添加一行代码一样容易。 在我们的密码重置中,我们使用了django的一种内置形式,但这没什么大不了的,因为我们可以将其子类化并添加一个ReCAPTCHA字段:
Notice that we added an attribute to tweak ReCAPTCHA’s look. There are a lot of possible customizations nicely explained in the docs.
注意,我们添加了一个属性来调整ReCAPTCHA的外观。 在文档中很好地解释了许多可能的自定义。
Finally we we have to tell our view to use our form and not the default one:
最后,我们必须告诉我们要使用表单而不是默认表单的视图:
Notice that, unless you specify it otherwise, this view will use the admin’s password reset template located in registration/password_reset_form.html. Not a problem given you can create a registration folder in your templates directory and replace these templates with your own.
请注意,除非另行指定,否则该视图将使用位于registration / password_reset_form.html中的管理员密码重置模板。 没问题,您可以在模板目录中创建一个注册文件夹,并用自己的模板替换这些模板。
Now, once you finish you may obtain something like this:
现在,一旦完成,您可能会获得以下内容:
翻译自: https://www.pybloggers.com/2012/03/django-adding-captcha-validation-to-your-forms/
django 添加验证码
扫一扫
1192
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
