CODEWITHSUNDEEP
djangodjango-admin
ekruten
ekruten

Reputation: 37

Captcha in django admin

Any captcha plugin for django admin?

I want to add this functionality at admin login.

Upvotes: 1

Views: 2976

Answers (3)

Jingo
Jingo

Reputation: 3240

An idea could be to force the /admin to use another login view (http://djangosnippets.org/snippets/2127/). I think youll have to import the login_required decorator in that snippet.

Now you can provide your own login view which implements i.e. recaptcha. You can easily integrate it into your custom login form (http://code.google.com/intl/de-DE/apis/recaptcha/docs/display.html). In your authentication view youll just have to check the returning value from the recaptcha api (it returns "true" or "false" as first part of the string, so split it) like this:

import urllib, urllib2
def recaptcha(request, postdata):
        rc_challenge = postdata.get('recaptcha_challenge_field','')
        rc_user_input = postdata.get('recaptcha_response_field', '').encode('utf-8')
        url = 'http://www.google.com/recaptcha/api/verify'
        values = {'privatekey' : 'XXXXXXXXXXXXXXXXXXXXXXX', 'remoteip': request.META['REMOTE_ADDR'], 'challenge' : rc_challenge, 'response' : rc_user_input,}
        data = urllib.urlencode(values)
        req = urllib2.Request(url, data)
        response = urllib2.urlopen(req)
        result = response.read().split()[0]
        response.close()
        return result

In your view check the following POST data:

def login_view(request, template_name="login.html"):   
if request.method == 'POST':
        postdata = request.POST.copy()
        captcha = recaptcha(request, postdata)
        form = LoginUserForm(request, postdata)
        if captcha == "false":
            return render_to_response(template_name, locals(),
                              context_instance=RequestContext(request))
        if form.is_valid():
        # do authentication here
else:
# just display the login_form on GET request

You can use the variable "captcha" to render an error message in your template, if the user input returned false on the captcha. Youll also have to define your own LoginUserForm to use in a separate custom HTML template.

This is just a littel hacky concept from my head, I think, a more elegant way could be to write a custom captcha widget.

Hope these thoughts may lead to a possible solution.

Upvotes: 2

kosmos342
kosmos342

Reputation: 852

you can override AdminSite class and set your login_form and login_template. But in this case you need to register all your models via your custom AdminSite object.

Upvotes: 3

Frankline
Frankline

Reputation: 41025

Have you looked at Simple Captcha?

Upvotes: 1

Related Questions