Brunobrno/vontor-cz
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5ca62497b173e14a5cd50da0ceb526dc80a76f84
vontor-cz/backend/vontor_cz/turnstile.py
David Bruno Vontor 5ca62497b1 turnstile is working - keep SSL turned of on dev
2026-06-11 11:37:31 +02:00

34 lines
1.1 KiB
Python
Raw Blame History

import logging
import requests
from django.conf import settings
logger = logging.getLogger(__name__)
SITEVERIFY_URL = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
def verify_turnstile(token: str, remote_ip: str | None = None) -> bool:
"""
Verify a Cloudflare Turnstile token against the siteverify API.
Returns True if valid, False otherwise.
If CLOUDFLARE_TURNSTILE_SECRET_KEY is not configured, skips verification (dev bypass).
"""
secret = getattr(settings, "CLOUDFLARE_TURNSTILE_SECRET_KEY", "")
if not secret:
logger.debug("Turnstile: no secret key configured, skipping verification.")
return True
payload = {"secret": secret, "response": token}
if remote_ip:
payload["remoteip"] = remote_ip
try:
resp = requests.post(SITEVERIFY_URL, data=payload, timeout=5)
result = resp.json()
if not result.get("success"):
logger.warning("Turnstile verification failed: %s", result.get("error-codes"))
return bool(result.get("success"))
except Exception as e:
logger.error("Turnstile: siteverify request failed: %s", e)
return False
Reference in New Issue View Git Blame Copy Permalink