| 49 | |
| 50 | |
| 51 | def login_using_recaptcha(request): |
| 52 | # Enter your recaptcha secret key here |
| 53 | secret_key = "secretKey" # noqa: S105 |
| 54 | url = "https://www.google.com/recaptcha/api/siteverify" |
| 55 | |
| 56 | # when method is not POST, direct user to login page |
| 57 | if request.method != "POST": |
| 58 | return render(request, "login.html") |
| 59 | |
| 60 | # from the frontend, get username, password, and client_key |
| 61 | username = request.POST.get("username") |
| 62 | password = request.POST.get("password") |
| 63 | client_key = request.POST.get("g-recaptcha-response") |
| 64 | |
| 65 | # post recaptcha response to Google's recaptcha api |
| 66 | response = httpx.post( |
| 67 | url, data={"secret": secret_key, "response": client_key}, timeout=10 |
| 68 | ) |
| 69 | # if the recaptcha api verified our keys |
| 70 | if response.json().get("success", False): |
| 71 | # authenticate the user |
| 72 | user_in_database = authenticate(request, username=username, password=password) |
| 73 | if user_in_database: |
| 74 | login(request, user_in_database) |
| 75 | return redirect("/your-webpage") |
| 76 | return render(request, "login.html") |