shuckc
commented
3 years ago I've had another go at this on #19 which leaves the flow through the ReCaptchaField clean method mostly unchanged and removes the mock result. Perhaps that is better.
Closed shuckc closed 3 years ago
shuckc
commented
3 years ago I've had another go at this on #19 which leaves the flow through the ReCaptchaField clean method mostly unchanged and removes the mock result. Perhaps that is better.
kbytesys
commented
3 years ago I think we can close this pr :P Do you agree?
shuckc
commented
3 years ago Yes closing, the other approach is fine by me.
Expose the
score,actionandhostnamethat come from the server during validation as the FormField'scleaned_dataattribute. Emphasise that whilst we can make a bot/human decision by settingscore_thresholdorRECAPTCHA_SCORE_THRESHOLD, it is perfectly fine to use this module just to retrieve/record the scores for later processing.Changes to unit test and README to cover these cases. The raw client-provided token has no real value ending up in the form's
cleaned_data, and there were no tests broken by removing it.Additionally, I've made it so that setting
RECAPTCHA_DISABLEreturns a mocked response including{score: 0.5}and running this through the validation logic/decision making, which makes it possible to simulate both success and failure in unit tests by changing the desiredscore_threshold.To try this out, put this in
requirements.txt: