Closed daviddjh closed 3 years ago
This LGTM
The "secret key" provided in the latest commit Add secret recaptcha key to conf.py.dist and request handler
isn't our actual secret recaptcha key. It is a test key provided by the recaptcha FAQ page ment for testing the recaptcha box. Our actual secret key is stored in an ansible vault and will be placed into the production conf.py upon deployment.
This adds a check for a valid form recaptcha attempt before sending an email. It contacts Google's servers with our secret key and the form provided attempt key. As a responds, google sends back whether the attempt was a success or not. Depending on the recaptcha success, the email is sent.