Mä chiqap dirección de correo electrónico ukax mä punkuw directa comunicación ukar utt’ayañataki, leads ukanakar uñstayañataki, aljañanak jikxatañataki, privado invitaciones ukanakax comunidades en línea ukar puriñatakiwa, ukat juk’ampinaka, jan yäqañakiti kunatix medios sociales ukanakax mayjt’askiwa. Tecnología tuqin evoluciones tuqiw correo electrónico ukax wali yant’ata ukat chiqpach thakhiw conectar. Jiwasax kunaymaninak jan ch’amäñapatakiw sarañäni ukatx janiw zero ukhat codificañ munktanti kunatix Python ukax utjki uka módulos ukaniwa codificación jank’ak lurañ yanapt’añataki.  Nayax aljirinakaruw formularios de inscripción correo electrónico ukanak lurañ mayipxitu, jupanakan yänakap uñt’ayañataki, ukampis janiw khitis uka aljirinakatxa sapa phaxsi qullqi churañ munapkänti, mä servicio fuera de estante 3r partido ukataki, ukatwa formularios de contacto personalizados ukanakamp qullqip qhispiyawayta ukax wiñayatakiw apnaqapxaspa. Nayax ukhamarakiw yanapt’apxiristam qalltañataki, cliente, qhathunak lurañataki, jan ukax taqi kunat sipansa, spam ukar jisk’achañataki.  Akax khitinakatix Python ukan codificañ yatiqañ munapki jupanakatakiwa ukat qalltirinakatakix wali askiwa, jupanakax inas jan seguridad tuqit amuyt’apkchiti, kunjamakitix filtrar usuarios ukan mantañapataki, correo electrónico ukar chiqanchañataki, ukat correo electrónico doble opt-ins ukar chiqanchañataki. Aka yatichäwinx 1-3 t’aqa lurawinakatw uñakipt’añäni:  Usuario ukan mantañapatakix mä chiqap correo electrónico ukar filtraña  Doble opt-in ukax qillqt’atawa  Bot/spam ukat jark’aqasiñataki  Janiw 3r partidos servicios ukar atinisiñasäkiti kunjamakitix Auth0, Facebook, jan ukax Google ukax app ukat servicios ukar mantañataki ukax kuna pachas jist’antasispa jan ukax datos ukar uñt’ayasispa.  ¡App ukan datos ukanakax jumanakankiwa!  Qalltañatakix,   . Akax juk’amp kusiskañawa (inas) WordPress apnaqañat sipansa, CMS ukax juk’amp uñt’atawa. Mä juk’a WordPress plugin ukar qullqi churañaw wakisispa, ukhamat pachpa capacidad ukaniñataki, mä extensión de Flask gratuita ukar uñtasita. Nayax nayraqat Wordpress (PHP) ukan lurawayta ukatx Python Flask ukax web apps ukatakix juk’amp askiwa Wordpress ukax web apps lurañatakix wali ch’amaniwa. Python ukan mä juk’a yatxatañaw wakisi kunatix Flask marco ukax MySQL ukan mä base de datos ukamp apnaqañapawa  Jiwasax utjki uka Python módulos ukanak apnaqañäni, ukax apnaqirin mantawipar q’umachañ jan ch’amäki, mä chiqanchañ enlace uñstayaña, ukat base de datos ukamp aruskipt’aña.  Sapa codigo fragmento ukax qhananchatawa ukatx mä qawqha amuyunakax codigo ukan uñt’ayatarakiniwa. Janitï apnaqir qillqantayañ lurapkta jan ukax manqhan irnaqawip yatipksta ukhax nayax jumatakix detalles ukanakat qhanañcht’apxäma, ukatx qhipa código tukuyan uñjapxasma (janiw nayrar sartañakiti).  Akax mä jisk’a uñacht’äwiwa, kuna lurawinakas phuqhañäni kunjamatix nayrïr t’aqax sisktan ukhama:    uñakipataspawa, mä expresión regular jan ukax mä extensión Flask ukampiw apnaqirit mantañ cadena ukar uñakipt’asa. Janiw aleatorio texto jan ukax SQL inyección tipo hacks ukanakax jaysatäkaniti. Mä chiqap correo electrónico ukax    katuqirix permiso churañapatakiw mayi, jupanakarux correo electrónico tuqiw mä enlace de validación ukax bandeja de entrada ukar katuqasa. Ukax jilpachax yaqha jaqin correo electrónico ukar jan apnaqañapatakiw apnaqasi. Ukax yant’äw apnaqirinakaruw jark’araki, jupanakax mäkiw qillqantasipxi ukat cuentanakap jaytapxi. Doble opt-in ukax    mä imantat chiqampiw lurasispa, ukax janiw apnaqirir uñacht’ayatakiti ukampis jilpachax auto-llenado ukhamawa, bots ukanakax formularios de inscripción vulnerables ukanakatakiw rastreo lurapxi, ukampis janiw mä "captcha" ukham atiniskañjamakiti, mä servicio 3r partido ukan. Bot jark’aqawix  Codificación qalltañäni. Mä irnaqawi directorio luraña:   mkdir signup cd signup  Python ukan pachap lurañax   jan ukax   lurasi. Nayax conda ukarux juk’amp munta, ukat juk’amp yatxatañ munsta ukhax Python environments ukan qillqatax uñakipt’asmawa. python3 -m venv signup conda create -n double-opt-contact python3  Aka dependencias ukanakax utt’ayatawa:    Jan ukax, pachpa dependencias ukanakax   qillqatan uñt’ayatawa ukatx   phuqhañapawa pip flask flask-mail secure SQLAlchemy Flask-WTF Flask-SQLAlchemy mysql-connector-python bleach requirements.txt pip install -r requirements.txt    qillqat lurañax aka dependencias ukanakamp chikancht’atawa: app.py   from flask import Flask, render_template, request, url_for, redirect, flash from flask_mail import Mail, Message from datetime import datetime from flask_sqlalchemy import SQLAlchemy from sqlalchemy.sql import func from itsdangerous import URLSafeTimedSerializer, SignatureExpired import secrets import bleach  App objeto ukax plantilla carpeta ukan uñstayatapampiw qalltaña:   app = Flask(__name__, template_folder='templates')  Aka chimpunakampi apnaqasa servidor configuración ukan yatiyawinakap qillqt’añamawa:   secret = secrets.token_urlsafe(32) app.secret_key = secret app.config['SECRET_KEY'] = secret # auto-generated secret key # SQLAlchemy configurations app.config['SQLALCHEMY_DATABASE_URI'] = 'mysql+mysqlconnector://admin:user@localhost/tablename' # Email configurations app.config['MAIL_SERVER'] = 'smtp.example.com' app.config['MAIL_PORT'] = 465 #check your port app.config['MAIL_USERNAME'] = 'your_email@example.com' app.config['MAIL_PASSWORD'] = 'your_password' app.config['MAIL_USE_TLS'] = True app.config['MAIL_USE_SSL'] = False db = SQLAlchemy(app) mail = Mail(app) sserialzer = URLSafeTimedSerializer(app.config['SECRET_KEY']) #set secret to the serliazer  Qhipharux, config info ukax   qillqatan utjañapawa. .env  Jiwasax mä MySQL base de datos ukaruw munasini apnaqirinakar imañataki ukax manualmente jan ukax código Python ukampiw lurasispa. Yatiqañ thakhinakjamaxa, aka chimpunakax kamachi-linea ukampiw mantañapa jan ukax Python’s   lurawimp mantañapa. with app.app_context() db_create_all()  Uka chiqanchatäki ukax mä token cadena ukatakiw ukax técnica de doble opt-in ukaruw jayti.   CREATE TABLE users ( id INT AUTO_INCREMENT PRIMARY KEY, email VARCHAR(120) NOT NULL UNIQUE, created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, validated BOOLEAN DEFAULT FALSE );  Jutïr t’aqax SQLAlchemy ukan ORM ukan lurawipampiw apnaqasi, jumatakix base de datos ukar jiskt’añataki. Uñakipt’aña,   jan ukhamäkanixa, mä pantjasiw jikxatasma.   ukax tabla ukan utt’ayatanakap uñacht’ayi ukax columna suti, kasta, largo, llave, ukat nulo valor ukanakaw utji: clase sutix base de datos tabla sutimp chikachasiñapa, db.model   class User(db.Model): id = db.Column(db.Integer, primary_key=True) email = db.Column(db.String(120), unique=True, nullable=False) created_at = db.Column(db.DateTime, server_default=db.func.now()) validated = db.Column(db.Boolean, default=False)  Janitï MySQL base de datos tabla ukax amparamp luratäkiti, ukax aka Flask codigo ukampiw chiqak lurasispa   código bloque ukat qhipatxa: class User   # Create the database table with app.app_context(): db.create_all()  Jichhax, código back-end ukaruw mantapxta ukax 2 panka/rutas (índice, qillqantayasiña), correo electrónico ukan yatiyawipa, ukat chiqañchawi. Qillqt’asiñ pankax   thakhinak uñt’ayi, ukax formulario ukar uñt’ayañatakiw jayti.   ukax mä extensión Python ukawa, ukax apnaqirit mantañ q’umachañatakiw seguridad ukat jan wali scripts ukanakar jan walt’ayañataki. Ukatx   ukax mä kuti token uñstayi, correo electrónico ukar verificación ukar mantañataki. GET/POST bleach sserializer   @app.route('/') def index(): return '<h1>Index page</h1>' @app.route('/signup', methods=['GET', 'POST']) def signup(): if request.method == 'POST': email = bleach.clean(request.form.get('email')) # Insert user into the database new_user = User(email=email) try: db.session.add(new_user) db.session.commit() except Exception as e: print(f"Error occurred saving to db: {e}") # Send confirmation email token = sserialzer.dumps(email, salt='email-confirm') msg = Message('Confirm your Email', sender='your_email@example.com', recipients=[email]) link = url_for('confirm_email', token=token, _external=True) msg.body = f'Your link is {link}' try: mail.send(msg) except Exception as e: print(f"Error occurred sending message: {e}") flash("Error occurred sending message!") return render_template('signup.html') flash('A confirmation email has been sent to your email address.', 'success') return redirect(url_for('index')) return render_template('signup.html')  Janïr HTML qillqantañ formulario ukar yapxatkasaxa, pä kuti opt-in ukar chiqanchañatakix thakhi yapxatasax backend ukar tukuyañäni. Aka thakhix nayraqat lurat   variable ukampiw apnaqasi ukax pacha-sensitivo, secreto token ukaruw uñstayi. Uñjaña s    . uka docs ukanakax juk'amp yatxatañataki  Max-age ukax segundos ukawa janïr enlace ukax tukuskipanxa, ukhamax aka tuqinx, apnaqirix 20 minutos ukjaw correo electrónico ukar chiqanchañatakix utji.   @app.route('/confirm_email/<token>') def confirm_email(token): try: email = sserialzer.loads(token, salt='email-confirm', max_age=1200) # Token expires after 1 hour except SignatureExpired: return '<h1>The token is expired!</h1>' # Update field in database user = User.query.filter_by(email=email).first_or_404() user.validated = True db.session.commit() return '<h1>Email address confirmed!</h1>'  Jichhax, taqi chiqan utjki uka jach’a arsuwitakix kunatix Python ukarux script phuqhañapatakiw yatiyaraki, ukax archiw chiqak phuqhasiñapataki (mä módulo importado ukar uñtasita):   if __name__ == '__main__': app.run()  Janïr aka qhipa uñtawi tukuykasaxa, wali munasirakiwa nayraqataru HTML ukaxa apnaqiriru mantañapataki. Jiwasax Flask ukan Jinja plantilla ukamp lurañäni. Mä qillqat lurañaw   sutimp uñt’ata ukax sutimp uñt’ayañapawa, ukax nayraqat   ukan lurat thakhiparjamawa. Ukhamarusa, Jinja ukaxa   uka directorio html qillqatanakataki apnaqi. Aka wakicht’awix mayjt’ayasispawa, ukampis aka yatichäwitakix,   directorio app uka apnaqañaw wakisi. templates/signup.html app.py /templates /templates   <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Email Sign Up</title> </head> <body> <h1>Sign Up</h1> <form action="{{ url_for('signup') }}" method="POST"> <input type="email" name="email" placeholder="Enter your email" required> <input type="submit" value="Sign Up"> </form> {% with messages = get_flashed_messages(with_categories=true) %} {% if messages %} <ul> {% for category, message in messages %} <li>{{ message }}</li> {% endfor %} </ul> {% endif %} {% endwith %} </body> </html>  Código ukax aka chiqat irnaqañapawa kunawsatix matraz kamachix depuración activada ukamp phuqhaski ukhaxa. Ukhamatwa kuna pantjasiwinaks kamachin chimpupan ukhamarak navegador ukan ventanapan uñjañama:   flask --app app.py --debug run  Navegador ukax dominio uñacht’ayat comando-linea (localhost) ukaruw jist’arañama ukatx índice ukanx uñacht’ayañapawa. Uka formulario ukarux mä chiqap correo electrónico ukamp uñt’ayañ yant’apxam, ukhamat chiqanchañ link ukax katuqañataki. Mä kutix link ukax purinxi ukhax   ukar uñtasitaw uñstañapa, ukatx arktañamawa ukatx correo electrónico ukax validador ruta ukamp chiqanchatawa, ukax akan uñacht’ayatawa: http://localhost:5000/confirm_email/InRvbUByYXRldG91cmd1aWRlcy5jb20i.ZteEvQ.7o1_L0uM9Wl8uii7KhJdiWAH   @app.route('/confirm_email/<token>') def confirm_email(token): try: email = sserializer.loads(token, salt='email-confirm', max_age=1200) # Token expires after 1 hour except SignatureExpired: return '<h1>Oops, the token expired!</h1>' # Update field in database user = Users.query.filter_by(email=email).first_or_404() user.validated = True try: db.session.commit() except Exception as e: print(f"Error occurred saving to db: {e}") return '<h1>Email address confirmed!</h1>'  Aka thakhix nayraqat apayat token cadena ukaruw katuqaraki ukatx uñakipt’arakiwa, ukax correspondiente base de datos ukar mantañapawa. Ukhamächi ukhaxa,     chiqaruw Chiqa , ukatx samart’añamawa, qillqantañ formulario ukax janiw jaytatäkänti uk yatisa. True validated  Akax mä wakiskir amtawiwa taqi negocios exitosos ukanakax sistemas de registro ukan apnaqapxi ukat jichhax jumanakax utjaraktawa. Ukampis suyt’apxam, ¿kunas ataques bots ukanakax direcciones de correo electrónico aleatorias ukanakar jan validar uñt’ayasa? Ukatxa mä q’añuskir base de datos ukax ina ch’usat qillqt’atanakamp phuqhantatänwa. ¡Uk jarkʼaqañäni!  Bot ukan ataques ukanakar jark’aqañataki jan ukax mä juk’a nayrar sartatanakar jisk’achañatakix, juma pachpaw mä solución lurasma, ukax mä limitador IP ukampiw lurasispa, ukax mä base de datos de memoria ukan Redis ukar uñtasitaw munasiraki, jan ukax mä servicio 3r partido ukar apnaqañamawa, Google ukan captcha ukar uñtasita hCaptcha ukax mä juk’a pachanakanwa.  Jiwasan yatichäwisanx, yapxatañäni  . Aka qillqt’atäki uka pachanx google ukan captcha ukax janiw inakiw ukat hcaptcha ukax inakiw. Aka lurawix sitio web ukatakix utjañapatakix jupanakamp qillqantasiñaw wakisi, captcha ukan API llave apsuñataki.   hcaptcha ukax inaki amtampiw lurasi  Machaq mayiwinak munapxta ukhamat uñstayapxam:   pip install flask-hcaptcha requests  Mayt’awinakax wakisiwa correo electrónico ukar hcaptcha ukar apayañataki, ukhamat chiqanchañataki. Llave ukax apsuñamawa, ukatx hcaptcha ukan javascript qillqatap HTML qillqantañ formulario ukamp mayachañamawa. HTML ukan p’iqinchiriparuw qillqat yapxatañama ukat sitio ukan llave ukarux formulario ukar yapxatañamawa:   <head> ... <script src="https://hcaptcha.com/1/api.js" async defer></script> </head> <body> ... <form action="{{ url_for('signup') }}" method="POST"> <input type="email" name="email" placeholder="Enter your email" required> <input type="submit" value="Sign Up"> <div class="h-captcha" data-sitekey="b62gbcc-5cg2-41b2-cd5a-de95dd1eg61h" data-size="compact"></div> </form>  Aka codigo ukan sitio clave ukax mä uñacht’äwiwa; ukax plan gratuito ukanx juma pachpaw munasini. Aka sitio clave ukax formulario ukar chiqanchatawa ukatx sitio ukar visitiriruw uñakipi mä jach’a lista de bots spam hcaptcha ukan uñt’atanakapampi.  Ukxarusti,   qillqatam mayjt’ayañamawa, hcaptcha ukan jamasat llavepa (janiw sitio ukan llavepa) app.config uka yän uñt’ayañataki, ukatx hcaptcha ukar jaysäwix janïr pachpa base de datos ukar imkasax uñt’ayañamawa. app.py   app.config['HCAPTCHA_SECRET_KEY'] = 'your-secret-hcaptcha-key' ... @app.route("/signup", methods=['GET', 'POST']) def signup(): if request.method == 'POST': email = bleach.clean(request.form.get('email')) hcaptcha_response = request.form.get('h-captcha-response') # Verify hCaptcha response payload = { 'secret': app.config['HCAPTCHA_SECRET_KEY'], 'response': hcaptcha_response } try: response = requests.post('https://hcaptcha.com/siteverify', data=payload, timeout=10) result = response.json() except requests.exceptions.RequestException as e: print(f"Request failed: {e}") if not result.get('success'): flash('CAPTCHA validation failed, please try again.', 'danger') ... # Insert user into the database new_user = Users(email=email)  Mä kutix ukax luratäxi ukhax hcaptcha ukan chimpupax qillqt’asiñ formulario ukan uñacht’ayatawa, ukatx kuna spam ukar jark’aqañatakix ch’amanchatäñapawa. Jichhax, machaq app ukatakix mä juk’amp ch’aman formulario ukaw utji.  Kuna pantjasiwinakas utjaspa jan ukax mä pantjasiw qillqt’añax utjaspa ukhax, phuqhat chimpunak uñakipt’asmawa   ukax github.com ukan uñt’ayatawa  Juk’amp munaschi ukhax comentarios uñt’ayañamawa.

Winner of Noonies 2019 for the award Hacker of the Year.

2019 - Hacker of the Year

Read My Stories

¡Aka audiox sarnaqäwin nayrïr arut luratawa!

Sinti jaya pachanakawa; Uñxatt’añataki

Make resilience your competitive advantage

Correo electrónico Spam ukat jark’aqasiñatakix mä Seguro Formulario Python ukan lurasa

About Author

AKHAM LURASMA

HANG TAGS ukax mä juk’a pachanakanwa

AKA ARTÍCULO UKHAMARAKI UKHAMARAKI

Related Stories

Your Most Frequently Asked HackerNoon Questions, answered by a Shakespearean Bot

Your Most Frequently Asked HackerNoon Questions, answered by a Shakespearean Bot

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps