django-recaptcha3
django-recaptcha3 copied to clipboard
Allow option to raise SuspiciousOperation or PermissionDenied on low score
IMHO I don't think telling a bad actor their reCAPTCHA score is a security best practice, as happens now in fields.py. A configurable option to optionally throw SuspiciousOperation and/or PermissionDenied instead, with a customizable message, would be preferable in a lot of use cases, and definitely not inform the bad actor of their score, unless say DEBUG = True.
If I get a sec I'll submit a PR for this. I gotta do it in my use case anyway.
Yes I agree. If you would like to submit a PR about this topic I will be very happy.