Open hndmrsh opened 2 years ago
Okay, I added Google's default testing key. I'm not seeing the red warning message mentioned here though. Not sure why.
The site is using reCAPTCHA v2 because I was getting some weird errors with v3. Not sure if that's something that should be fixed at some point.
Also, at some point I changed around the fields in the "user_profile" table, and I noticed just now that I'm getting some errors with registration and login. I'll open up another issue (#11) regarding writing some unit tests for user registration and login.
In order to run the site locally, any contributors must have the production reCAPTCHA API keys. To prevent this, we should use a different testing set of reCAPTCHA API keys for when the site is running in testing/debug mode - it seems like Google provide a private/public key pair for testing purposes. This pair of API keys can be stored directly in
settings.py
.By doing this, contributors will not need to have the production reCAPTCHA API key at all, simplifying the setup process and increasing security by keeping the prod key private to those who need to be able to deploy to prod.