Added honeypot field validation for signup

StackTipsLab · Dec 19, 2023 · f1cb6eb · f1cb6eb
1 parent 63c305a
commit f1cb6eb
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 10 deletions.
diff --git a/bloggy/forms/signup_form.py b/bloggy/forms/signup_form.py
@@ -1,9 +1,15 @@
+import logging
 from django.contrib.auth.forms import UserCreationForm
-
+from django.core.exceptions import ValidationError
 from bloggy.models import User
+from django import forms
+
+logger = logging.getLogger(__name__)
 
 
 class SignUpForm(UserCreationForm):
+    honeypot = forms.CharField(required=False, widget=forms.HiddenInput)
+
     class Meta:
         model = User
         fields = ('name', 'email', 'password1', 'password2')
@@ -19,6 +25,13 @@ def save(self, commit=True):
             user.save()
         return user
 
+    def clean_honeypot(self):
+        honeypot_value = self.cleaned_data.get('honeypot')
+        if honeypot_value:
+            logger.error("ERROR: Honeypot validation error!")
+            raise ValidationError("Oops! Looks like you're not a human!")
+        return honeypot_value
+
     @staticmethod
     def generate_unique_username(name):
         # Convert the user's name to a lowercase username with underscores

diff --git a/bloggy/settings.py b/bloggy/settings.py
@@ -284,7 +284,6 @@
 CACHE_MIDDLEWARE_SECONDS = CACHE_TTL  # number of seconds to cache a page for (TTL)
 CACHE_MIDDLEWARE_KEY_PREFIX = ''  # should be used if the cache is shared across multiple sites that use the same
 
-
 ENABLE_CACHING = os.getenv("ENABLE_CACHING", "False") == "True"
 if ENABLE_CACHING:
     CACHES = {
@@ -365,4 +364,4 @@ def get_post_types():
             "propagate": False,
         },
     },
-}
+}
diff --git a/bloggy/templates/auth/register.html b/bloggy/templates/auth/register.html
@@ -6,7 +6,8 @@
         <div class="register-wrapper-inner align-items-center">
             <h1 class="display-2 lh-1 fw-normal">Create your free account!</h1>
             <p>
-                Register to get exclusive access to articles, live-demos, or courses, We aim to teach in the ways developers learn best.
+                Register to get exclusive access to articles, live-demos, or courses, We aim to teach in the ways
+                developers learn best.
             </p>
             <form action="{% url 'register' %}"
                   role="form"
@@ -20,7 +21,6 @@ <h1 class="display-2 lh-1 fw-normal">Create your free account!</h1>
                     {{ form.name.errors }}
                 </div>
 
-
                 <div class="form-group">
                     <label for="{{ form.email.id_for_label }}" class="label form-text ">Email</label>
                     {{ form.email|add_class:"form-control" }}
@@ -39,15 +39,20 @@ <h1 class="display-2 lh-1 fw-normal">Create your free account!</h1>
                     {{ form.password2|add_class:"form-control" }}
                     {{ form.password2.errors }}
                 </div>
-                <ul class = "form-errors text-danger list-unstyled my-2">
-                    {% for error in form.non_field_errors %}<li>{{ error }}</li>{% endfor %}
+                {{ form.honeypot|add_class:"hidden" }}
+                <ul class="form-errors text-danger list-unstyled my-2">
+                    {% for error in form.non_field_errors %}
+                        <li>{{ error }}</li>{% endfor %}
                 </ul>
+                {{ form.honeypot.errors }}
                 <p class="form-text text-muted mb-2">
-                    By continuing, you indicate that you have read and agree to stacktips.com's <a href="/terms-of-service">Terms of Service</a> and <a href="/privacy">Privacy Policy</a>.
+                    By continuing, you indicate that you have read and agree to stacktips.com's <a
+                        href="/terms-of-service">Terms of Service</a> and <a href="/privacy">Privacy Policy</a>.
                 </p>
                 <div class="form-group  py-2">
                     <button class="btn btn-md btn-primary  login-btn w-100">Create my account</button>
-                    <a href="{% url 'login' %}" class="mt-3 btn login-btn btn-md btn-secondary w-100">Already registered? Login</a>
+                    <a href="{% url 'login' %}" class="mt-3 btn login-btn btn-md btn-secondary w-100">Already
+                        registered? Login</a>
                 </div>
             </form>
         </div>

diff --git a/bloggy/templates/base-with-header-footer.html b/bloggy/templates/base-with-header-footer.html
@@ -43,7 +43,7 @@
         {% endif %}
         {% block content %}{% endblock content %}
     </main>
-    <footer class="footer mt-auto bg-dark">
+    <footer class="footer mt-auto bg-primary">
         {% include "partials/footer.html" %}
     </footer>
     </body>