django-contact-form-recaptcha 1.6.0¶
django-contact-form-recaptcha provides customizable contact-form functionality for Django-powered Web sites.
Basic functionality (collecting a name, email address, subject and message) can be achieved out of the box by setting up a few templates and adding one line to your site’s root URLconf:
url(r'^contact/', include('contact_form.urls')),
For notes on getting started quickly, and on how to customize django-contact-form-recaptcha’s behavior, read through the full documentation below.
Originally forked from django-contact-form.
Contents:
Installation guide¶
The 1.6.0 release of django-contact-form-recaptcha supports Django 1.11 and 2.0 on the following Python versions (matching the versions supported by Django itself):
- Django 1.11 supports Python 2.7, 3.4, 3.5, and 3.6.
- Django 2.0 supports Python 3.4, 3.5, and 3.6.
Normal installation¶
The preferred method of installing django-contact-form-recaptcha is via pip,
the standard Python package-installation tool. If you don’t have
pip, instructions are available for how to obtain and install it. If you’re using
Python 2.7.9 or later (for Python 2) or Python 3.4 or later (for
Python 3), pip came bundled with your installation of Python.
Once you have pip, type:
pip install django-contact-form-recaptcha
If you plan to use the included spam-filtering contact form class
AkismetContactForm, you will also need
the Python akismet module. You can manually install it via pip
install akismet, or tell django-contact-form-recaptcha to install it for
you, by running:
pip install django-contact-form-recaptcha[akismet]
If you plan to use the included spam-filtering contact form class
ReCaptchaContactForm, you will also need
the Python django-recaptcha module. You can manually install it via pip
install django-recaptcha, or it is installed by default with
django-contact-form-recaptcha, by running:
pip install django-contact-form-recaptcha
If you do not already have a supported version of Django installed, installing django-contact-form-recaptcha will automatically install the most recent supported version of Django.
Installing from a source checkout¶
If you want to work on django-contact-form-recaptcha, you can obtain a source checkout.
The development repository for django-contact-form-recaptcha is at <https://github.com/maru/django-contact-form-recaptcha>. If you have git installed, you can obtain a copy of the repository by typing:
git clone https://github.com/maru/django-contact-form-recaptcha.git
From there, you can use normal git commands to check out the specific
revision you want, and install it using pip install -e . (the
-e flag specifies an “editable” install, allowing you to change
code as you work on django-contact-form-recaptcha, and have your changes picked
up automatically).
Configuration and use¶
Once you have Django and django-contact-form-recaptcha installed, check out the quick start guide to see how to get your contact form up and running.
Quick start guide¶
First you’ll need to have Django and django-contact-form-recaptcha installed; for details on that, see the installation guide.
Once that’s done, you can start setting up
django-contact-form-recaptcha. Since it doesn’t provide any database models
or use any other application-config mechanisms, you do not need to
add django-contact-form-recaptcha to your INSTALLED_APPS setting; you
can begin using it right away.
URL configuration¶
The quicket way to set up the views in django-contact-form-recaptcha is to use
the provided URLconf, found at contact_form.urls. You can include
it wherever you like in your site’s URL configuration; for example, to
have it live at the URL /contact/:
from django.conf.urls import include, url
urlpatterns = [
# ... other URL patterns for your site ...
url(r'^contact/', include('contact_form.urls')),
]
If you’re using Django 2.0, and want to use the new-style URL configuration, instead you can do:
from django.conf.urls import include, path
urlpatterns = [
# ... other URL patterns for your site ...
path('contact/', include('contact_form.urls')),
]
If you’ll be using a custom form class, you’ll need to manually set up your URLs so you can tell django-contact-form-recaptcha about your form class. For example:
from django.conf.urls import include, url
from django.views.generic import TemplateView
from contact_form.views import ContactFormView
from yourapp.forms import YourCustomFormClass
urlpatterns = [
# ... other URL patterns for your site ...
url(r'^contact/$',
ContactFormView.as_view(
form_class=YourCustomFormClass
),
name='contact_form'),
url(r'^contact/sent/$',
TemplateView.as_view(
template_name='contact_form/contact_form_sent.html'
),
name='contact_form_sent'),
]
Important
Where to put custom forms and views
When writing a custom form class (or custom ContactFormView
subclass), don’t put your custom code inside
django-contact-form-recaptcha. Instead, put your custom code in the
appropriate place (a forms.py or views.py file) in an
application you’ve written.
Required templates¶
The two views above will need two templates to be created:
contact_form/contact_form.html- This is used to display the contact form. It has a
RequestContext(so any context processors will be applied), and also provides the form instance as the context variableform. contact_form/contact_form_sent.html- This is used after a successful form submission, to let the user
know their message has been sent. It has a
RequestContext, but provides no additional context variables of its own.
You’ll also need to create at least two more templates to handle the
rendering of the message: contact_form/contact_form_subject.txt
for the subject line of the email to send, and
contact_form/contact_form.txt for the body (note that the file
extension for these is .txt, not .html!). Both of these will
receive a RequestContext with a set of variables named for the
fields of the form (by default: name, email, title (subject) and body), as
well as one more variable: site, representing the current site
(either a Site or RequestSite instance, depending on whether
Django’s sites framework is
installed).
Warning
Subject must be a single line
In order to prevent header injection attacks, the subject
must be only a single line of text, and Django’s email framework
will reject any attempt to send an email with a multi-line
subject. So it’s a good idea to ensure your
contact_form_subject.txt template only produces a single line
of output when rendered; as a precaution, however,
django-contact-form-recaptcha will split the output of this template at
line breaks, then forcibly re-join it into a single line of text.
Using a spam-filtering contact form¶
Spam filtering is a common desire for contact forms, due to the large amount of spam they can attract. There are two spam-filtering contact form classes included in django-contact-form-recaptcha:
reCAPTCHA¶
ReCaptchaContactForm, which uses the Google reCAPTCHA spam-detection service.To use this form, you will need to do the following things:
- Install the Python
reCAPTCHAmodule to allow django-contact-form-recaptcha to communicate with the reCAPTCHA service. You can do this viapip install django-recaptcha, or as you install django-contact-form-recaptcha viapip install django-contact-form-recaptcha. - Obtain the reCAPTCHA API keys from <https://www.google.com/recaptcha>.
- Supply the API keys for django-contact-form-recaptcha to use. You can
either place them in the Django settings
RECAPTCHA_PUBLIC_KEYandRECAPTCHA_PRIVATE_KEY, or in the environment variablesPYTHON_RECAPTCHA_PUBLIC_KEYandPYTHON_RECAPTCHA_PRIVATE_KEY.
Then you can replace the suggested URLconf above with the following:
from django.conf.urls import include, url urlpatterns = [ # ... other URL patterns for your site ... url(r'^contact/', include('contact_form.recaptcha_urls')), ]
- Install the Python
Contact form classes¶
There are three contact-form classes included in django-contact-form-recaptcha; one provides all the infrastructure for a contact form, and will usually be the base class for subclasses which want to extend or modify functionality. The other two are subclasses which add spam filtering to the contact form.
The ContactForm class¶
-
class
contact_form.forms.ContactForm¶ The base contact form class from which all contact form classes should inherit.
If you don’t need any customization, you can use this form to provide basic contact-form functionality; it will collect name, email address, subject and message.
The
ContactFormViewincluded in this application knows how to work with this form and can handle many types of subclasses as well (see below for a discussion of the important points), so in many cases it will be all that you need. If you’d like to use this form or a subclass of it from one of your own views, here’s how:- When you instantiate the form, pass the current
HttpRequestobject as the keyword argumentrequest; this is used internally by the base implementation, and also made available so that subclasses can add functionality which relies on inspecting the request (such as spam filtering). - To send the message, call the form’s
savemethod, which accepts the keyword argumentfail_silentlyand defaults it toFalse. This argument is passed directly to Django’ssend_mail()function, and allows you to suppress or raise exceptions as needed for debugging. Thesavemethod has no return value.
Other than that, treat it like any other form; validity checks and validated data are handled normally, through the
is_valid()method and thecleaned_datadictionary.Under the hood, this form uses a somewhat abstracted interface in order to make it easier to subclass and add functionality.
The following attributes play a role in determining behavior, and any of them can be implemented as an attribute or as a method (for example, if you wish to have
from_emailbe dynamic, you can implement a method namedfrom_email()instead of setting the attributefrom_email):-
from_email¶ The email address to use in the
From:header of the message. By default, this is the value of the settingDEFAULT_FROM_EMAIL.
-
recipient_list¶ The list of recipients for the message. By default, this is the email addresses specified in the setting
MANAGERS.
-
subject_template_name¶ The name of the template to use when rendering the subject line of the message. By default, this is
contact_form/contact_form_subject.txt.
-
template_name¶ The name of the template to use when rendering the body of the message. By default, this is
contact_form/contact_form.txt.
And two methods are involved in producing the contents of the message to send:
-
message()¶ Returns the body of the message to send. By default, this is accomplished by rendering the template name specified in
template_name.
-
subject()¶ Returns the subject line of the message to send. By default, this is accomplished by rendering the template name specified in
subject_template_name.
Finally, the message itself is generated by the following two methods:
-
get_message_dict()¶ This method loops through
from_email,recipient_list,message()andsubject(), collecting those parts into a dictionary with keys corresponding to the arguments to Django’ssend_mailfunction, then returns the dictionary. Overriding this allows essentially unlimited customization of how the message is generated. Note that for compatibility, implementations which override this should support callables for the values offrom_emailandrecipient_list.
-
get_context()¶ For methods which render portions of the message using templates (by default,
message()andsubject()), generates the context used by those templates. The default context will be aRequestContext(using the current HTTP request, so user information is available), plus the contents of the form’scleaned_datadictionary, and one additional variable:site- If
django.contrib.sitesis installed, the currently-activeSiteobject. Otherwise, aRequestSiteobject generated from the request.
Meanwhile, the following attributes/methods generally should not be overridden; doing so may interfere with functionality, may not accomplish what you want, and generally any desired customization can be accomplished in a more straightforward way through overriding one of the attributes/methods listed above.
-
request¶ The
HttpRequestobject representing the current request. This is set automatically in__init__(), and is used both to generate aRequestContextfor the templates and to allow subclasses to engage in request-specific behavior.
-
save()¶ If the form has data and is valid, will send the email, by calling
get_message_dict()and passing the result to Django’ssend_mailfunction.
Note that subclasses which override
__init__orsave()need to accept*argsand**kwargs, and pass them viasuper, in order to preserve behavior (each of those methods accepts at least one additional argument, and this application expects and requires them to do so).- When you instantiate the form, pass the current
The ReCaptcha (spam-filtering) contact form class¶
-
class
contact_form.forms.ReCaptchaContactForm¶ A subclass of
ContactFormwhich adds spam filtering, via the Google reCAPTCHA spam-detection service.Use of this class requires you to provide configuration for the reCAPTCHA web service; you’ll need to obtain the reCAPTCHA API keys. You can do this at <https://www.google.com/recaptcha>. Once you have, you can configure in either of two ways:
- Put your reCAPTCHA API keys in the Django settings
RECAPTCHA_PUBLIC_KEYandRECAPTCHA_PRIVATE_KEY, or - Put your reCAPTCHA API keys in the environment variables
PYTHON_RECAPTCHA_PUBLIC_KEYandPYTHON_RECAPTCHA_PRIVATE_KEY.
You will also need the Python reCAPTCHA module to communicate with the reCAPTCHA web service. You can install it by running
pip install django-recaptcha, or django-contact-form-recaptcha installs it automatically for you when you runpip install django-contact-form-recaptcha.Once you have the reCAPTCHA API keys configured, and the
django-recaptchamodule installed, you can drop inReCaptchaContactFormanywhere you would have usedContactForm. For example, you could define a view (subclassingContactFormView) like so, and then point a URL at it:from contact_form.forms import ReCaptchaContactForm from contact_form.views import ContactFormView class ReCaptchaContactFormView(ContactFormView): form_class = ReCaptchaContactForm
Or directly specify the form in your URLconf:
from django.conf.urls import url from contact_form.forms import ReCaptchaContactForm from contact_form.views import ContactFormView urlpatterns = [ # other URL patterns... url(r'^contact-form/$', ContactForm.as_view( form_class=ReCaptchaContactForm ), name='contact_form'), ]
- Put your reCAPTCHA API keys in the Django settings
Built-in views¶
-
class
contact_form.views.ContactFormView¶ The base view class from which most custom contact-form views should inherit. If you don’t need any custom functionality, and are content with the default
ContactFormclass, you can also use it as-is (and the provided URLConf,contact_form.urls, does exactly this).This is a subclass of Django’s FormView, so refer to the Django documentation for a list of attributes/methods which can be overridden to customize behavior.
One non-standard attribute is defined here:
-
recipient_list¶ The list of email addresses to send mail to. If not specified, defaults to the
recipient_listof the form.
Additionally, the following standard (from
FormView) methods and attributes are commonly useful to override (all attributes below can also be passed toas_view()in the URLconf, permitting customization without the need to write a full custom subclass ofContactFormView):-
form_class¶ The form class to use. By default, will be
ContactForm. This can also be overridden as a method namedform_class(); this permits, for example, per-request customization (by inspecting attributes ofself.request).
-
template_name¶ The template to use when rendering the form. By default, will be
contact_form/contact_form.html.
-
get_success_url()¶ The URL to redirect to after successful form submission. By default, this is the named URL
contact_form.sent. In the default URLconf provided with django-contact-form-recaptcha, that URL is mapped toTemplateViewrendering the templatecontact_form/contact_form_sent.html.
-
get_form_kwargs()¶ Returns additional keyword arguments (as a dictionary) to pass to the form class on initialization.
By default, this will return a dictionary containing the current
HttpRequest(as the keyrequest) and, ifrecipient_listwas defined, its value (as the keyrecipient_list).Warning
If you override
get_form_kwargs(), you must ensure that, at the very least, the keyword argumentrequestis still provided, orContactForminitialization will raiseTypeError. The easiest approach is to usesuper()to call the base implementation inContactFormView, and modify the dictionary it returns.
-
Frequently asked questions¶
The following notes answer some common questions, and may be useful to you when installing, configuring or using django-contact-form-recaptcha.
What versions of Django and Python are supported?¶
As of django-contact-form-recaptcha 1.6.0, Django 1.11 and 2.0 are supported, on Python 2.7 (Django 1.11 only), 3.4, 3.5, or 3.6.
What license is django-contact-form-recaptcha under?¶
django-contact-form-recaptcha is offered under a three-clause BSD-style
license; this is an OSI-approved open-source license, and allows you
a large degree of freedom in modifiying and redistributing the
code. For the full terms, see the file LICENSE which came with
your copy of django-contact-form-recaptcha; if you did not receive a copy of
this file, you can view it online at
<https://github.com/maru/django-contact-form-recaptcha/blob/master/LICENSE>.
Why am I getting a bunch of BadHeaderError exceptions?¶
Most likely, you have an error in your
ContactForm subclass. Specifically, one
or more of from_email,
recipient_list or
subject() are returning values
which contain newlines.
As a security precaution against email header injection attacks (which
allow spammers and other malicious users to manipulate email and
potentially cause automated systems to send mail to unintended
recipients), Django’s email-sending framework does not permit
newlines in message headers.
BadHeaderError is the exception Django raises when a newline is
detected in a header.
Note that this only applies to the headers of an email message; the message body can (and usually does) contain newlines.
I found a bug or want to make an improvement!¶
The canonical development repository for django-contact-form-recaptcha is online at <https://github.com/maru/django-contact-form-recaptcha>. Issues and pull requests can both be filed there.
If you’d like to contribute to django-contact-form-recaptcha, that’s great! Just please remember that pull requests should include tests and documentation for any changes made, and that following PEP 8 is mandatory. Pull requests without documentation won’t be merged, and PEP 8 style violations or test coverage below 100% are both configured to break the build.