EU CAPTCHA for Django

Frequently Asked Questions

• How do I add EU CAPTCHA to a Django form?

  Install the EU CAPTCHA Django module via pip and add it to INSTALLED_APPS in settings.py. Configure EU_CAPTCHA_SITEKEY and EU_CAPTCHA_SECRET_KEY. Add the EU CAPTCHA field to your Form or ModelForm class, include the widget in your template using the provided template tag, and the module handles token verification automatically during form validation.

• Is there an official EU CAPTCHA Django module?

  Yes. EU CAPTCHA provides an official Django module installable via pip. It integrates with Django's form validation system, provides a custom form field and widget, and automatically verifies the CAPTCHA token as part of the standard form.is_valid() flow. It supports Django 3.2 and later.

• Does EU CAPTCHA work with Django's class-based views?

  Yes. EU CAPTCHA works with Django's class-based views including FormView, CreateView, and UpdateView. Add the EU CAPTCHA field to your form class and the module performs token verification automatically when form_valid is called. No additional view-level code is required if you use the Django form integration.

• How do I verify a CAPTCHA token manually in a Django function-based view?

  If you prefer manual verification, read request.POST.get('eu-captcha-response') in your view, call the EU CAPTCHA Python client's verify method with your secret key and the token, and return an appropriate error response if verification fails. This approach works with or without the Django form integration module.

• Can EU CAPTCHA be used with Django REST Framework?

  Yes. For DRF API views, read the eu-captcha-response value from request.data in your APIView or ViewSet. Call the EU CAPTCHA Python client to verify the token and return a Response with HTTP_400_BAD_REQUEST if verification fails. You can also create a custom DRF permission class or serializer validator to encapsulate the CAPTCHA check.

• How do I protect Django's login and registration forms with EU CAPTCHA?

  For Django's built-in authentication forms, subclass AuthenticationForm and UserCreationForm to add the EU CAPTCHA field. Override the clean method to include the token verification step. Point Django's login and registration views to your custom form classes using the form_class parameter or by overriding the view's get_form_class method.

• Is EU CAPTCHA GDPR compliant for Django applications?

  Yes. EU CAPTCHA is operated by an EU-based company, is hosted entirely in Germany, and does not rely on US cloud providers or infrastructure subject to US surveillance laws. The service processes only the data necessary to provide and verify the CAPTCHA (such as IP address and technical browser or device information) in line with the requirements of the GDPR. Your organization remains responsible for providing transparent privacy information, selecting an appropriate legal basis, and obtaining any required consent for your specific Django implementation. This information does not constitute legal advice; please consult your legal counsel for an assessment of your individual case.