If you benefit from web2py hope you feel encouraged to pay it forward by contributing back to society in whatever form you choose!


  • 0
    villas  13 years ago
    I have also tried this variation. I hope using cache.ram is a reasonable idea.
    ### captcha after failed login attempts
    ip = request.env.remote_addr
    num_login_attempts = cache.ram(ip, lambda: 0) or 0
    if num_login_attempts >= 3:
        #api key is for locahost - if not working, get your own
        auth.settings.login_captcha = Recaptcha(request,\
            '6LedxsASAAAAAAqffUEhN_sJ8GYHexLnF4JE3oWn',\
            '6LedxsASAAAAANjQXMAEinriIZCWuvJk-c3Rq-a2' )
    
    def login_attempt(form):
        cache.ram.increment(ip)
        
    auth.settings.login_onvalidation.append(login_attempt)
    
    def login_success(form):
        cache.ram.clear(ip)
    
    auth.settings.login_onaccept.append(login_success)
    ### ends captcha
    
    Regards, David

Commented on:

To limit abuse this slice shows how to use CAPTCHA after a number of unsuccessful login attempts.

Hosting graciously provided by:
Python Anywhere