added captcha requirement

[alimaktabi]

Summary by Sourcery

Add CAPTCHA verification using Cloudflare's service to enhance security in token distribution and raffle enrollment processes. Update validators to handle request context for CAPTCHA checks and introduce a utility class for Cloudflare API interactions. Modify the start_dev.sh script to disable automatic migrations and update constraint options in the database schema.

New Features:

• Introduce a new constraint verification class, HasVerifiedCloudflareCaptcha, to validate Cloudflare CAPTCHA responses.

Enhancements:

• Add request context handling to the TokenDistributionValidator and RaffleEnrollmentValidator classes to support CAPTCHA verification.
• Include a new utility class, CloudflareUtil, for interacting with Cloudflare's CAPTCHA verification API.

Build:

• Comment out the database migration command in the start_dev.sh script to prevent automatic migrations during development.

Deployment:

• Add a new environment variable, CLOUDFLARE_TURNSITE_SECRET_KEY, to store the secret key for Cloudflare CAPTCHA verification.

Chores:

• Update the constraint name field in the prizetap and tokenTap apps to include the new HasVerifiedCloudflareCaptcha option.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request implements a CAPTCHA requirement using Cloudflare's Turnstile service. It adds a new constraint for CAPTCHA verification, modifies existing validators to include the request object, and updates various files to support this new feature.

File-Level Changes

Change	Details	Files
Added CAPTCHA verification using Cloudflare Turnstile	Created a new constraint 'HasVerifiedCloudflareCaptcha' Implemented CloudflareUtil class for CAPTCHA verification Added CLOUDFLARE_TURNSITE_SECRET_KEY to settings Updated constraint choices in migration files	core/constraints/captcha.py core/thirdpartyapp/cloudflare.py brightIDfaucet/settings.py prizetap/migrations/0076_alter_constraint_name.py tokenTap/migrations/0062_alter_constraint_name.py
Modified validators to include request object	Updated TokenDistributionValidator to accept request Modified RaffleEnrollmentValidator to include request Changed ConstraintVerification to accept context with request	tokenTap/validators.py prizetap/validators.py core/constraints/abstract.py
Updated views to pass request to validators	Modified TokenDistributionValidator instantiation in views Updated RaffleEnrollmentValidator instantiation in views	tokenTap/views.py prizetap/views.py
Added HasVerifiedCloudflareCaptcha to constraint list	Imported HasVerifiedCloudflareCaptcha in constraints init.py Added HasVerifiedCloudflareCaptcha to Type choices in core/models.py	core/constraints/__init__.py core/models.py
Modified development startup script	Commented out database migration command Removed Celery worker startup	start_dev.sh

---

Tips

• Trigger a new Sourcery review by commenting @sourcery-ai review on the pull request.
• Continue your discussion with Sourcery by replying directly to review comments.
• You can change your review settings at any time by accessing your dashboard:
  • Enable or disable the Sourcery-generated pull request summary or reviewer's guide;
  • Change the review language;
• You can always contact us if you have any questions or feedback.

[sourcery-ai]

Hey @alimaktabi - I've reviewed your changes - here's some feedback:

Overall Comments:

• Consider adding error handling and logging for Cloudflare API calls to improve debugging and resilience.
• The commented out migration command in start_dev.sh could cause issues. Either remove the comment or add a note explaining why it's commented out.

Here's what I looked at during the review

• 🟡 General issues: 2 issues found
• 🟡 Security: 1 issue found
• 🟢 Testing: all looks good
• 🟢 Complexity: all looks good
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.}

[alimaktabi]

@PooyaFekri
Ive modified env variable from CLOUDFLARE_TURNSITE_SECRET_KEY to CLOUDFLARE_TURNSTILE_SECRET_KEY as there was a typo error