flask-session-captcha
Advanced tools
A captcha implemention for flask using flask-session and captcha packages. Each captcha challenge answer is saved in the server side session of the challenged client. Support for different types of captchas such as numeric/letter/symbol captchas.
flask-sessionstore to flask-session. Added functionality for alphabetic and punctuation characters to be included in the captcha (thanks @alisharify7). Support moved to python 3.8, 3.9, 3.10, 3.11.import uuid
import logging
from flask import Flask, request, render_template
from flask_session import Session
from flask_session_captcha import FlaskSessionCaptcha
app = Flask(__name__)
app.config["SECRET_KEY"] = uuid.uuid4().hex
# captcha configs:
app.config['CAPTCHA_ENABLE'] = True
app.config['CAPTCHA_LENGTH'] = 5
app.config['CAPTCHA_WIDTH'] = 200
app.config['CAPTCHA_HEIGHT'] = 160
# app.config['CAPTCHA_LOG'] = False # log information to terminal
# app.config['CAPTCHA_INCLUDE_ALPHABET'] = False
# app.config['CAPTCHA_INCLUDE_NUMERIC'] = True
# app.config['CAPTCHA_INCLUDE_PUNCTUATION'] = False
# app.config['CAPTCHA_SESSION_KEY'] = 'captcha_image' # In case you want to use another key in your session to store the captcha
# session config
app.config['SESSION_TYPE'] = 'redis' # or other type of drivers for session, see https://flask-session.readthedocs.io/en/latest/
Session(app)
captcha = FlaskSessionCaptcha(app)
@app.route('/', methods=['POST','GET'])
def some_route():
if request.method == "POST":
if captcha.validate():
return "captcha validated successfully"
else:
return "invalid captcha/answer"
return render_template("form.html")
if __name__ == "__main__":
app.run(debug=True)
Template can look as follows. captcha.validate() will be default try to validate against a form input with name "captcha".
<form method="POST">
{{ captcha() }} <!-- This renders an <img> tag with the captcha img. -->
<input type="text" name="captcha">
<input type="submit">
</form>
It can also take a css_class argument to add classes to the generated DOM:
<form method="POST">
{{ captcha(css_class="captcha") }}
<input type="text" name="captcha">
<input type="submit">
</form>
You can also override settings for the captcha contents itself, via include_alphabet, include_numeric and include_punctuation.
Like so:
<form method="POST">
{{ captcha(include_alphabet=True) }}
<input type="text" name="captcha">
<input type="submit">
</form>
FAQs
Captcha implementation for flask and flask-session.
We found that flask-session-captcha demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.