pyturnstile 0.3.0__tar.gz

pyturnstile-0.3.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Dong-Chen-1031
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

pyturnstile-0.3.0/PKG-INFO

@@ -0,0 +1,172 @@
+Metadata-Version: 2.4
+Name: pyturnstile
+Version: 0.3.0
+Summary: A Python library for validating Cloudflare Turnstile tokens with async and sync support
+Author-email: Dong-Chen-1031 <dcdcdc1031@gmail.com>
+License: MIT
+Project-URL: Homepage, https://github.com/Dong-Chen-1031/pyturnstile
+Project-URL: Repository, https://github.com/Dong-Chen-1031/pyturnstile
+Project-URL: Issues, https://github.com/Dong-Chen-1031/pyturnstile/issues
+Keywords: Cloudflare,turnstile,captcha,validation
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Typing :: Typed
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: httpx>=0.23.0
+Requires-Dist: tenacity>=9.0.0
+Dynamic: license-file
+
+<div align="center">
+ <h1>PyTurnstile</h1>
+ <a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://github.com/Dong-Chen-1031/pyturnstile/blob/main/img/logo.png?raw=true" width="300" alt="Cloudflare Turnstile widget" />
+ </a>
+ <p>A Python library for validating <a href="https://developers.cloudflare.com/turnstile/">Cloudflare Turnstile</a> tokens with both async and sync support.</p>
+
+<a href="https://github.com/dong-chen-1031/pyturnstile/actions?query=workflow%3ATest+event%3Apush+branch%3Amain" target="_blank">
+    <img src="https://github.com/dong-chen-1031/pyturnstile/actions/workflows/test.yml/badge.svg?event=push&branch=main" alt="Test">
+</a>
+<a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://img.shields.io/pypi/v/pyturnstile?color=%2334D058&label=pypi%20package" alt="Package version">
+</a>
+<a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://img.shields.io/badge/Python-3.8%2B?color=%2334D058&logo=Python&logoColor=rgb(255%2C%20255%2C%20255)" alt="Supported Python versions">
+</a>
+<a href="https://docs.astral.sh/ruff/" target="_blank">
+    <img src="https://camo.githubusercontent.com/d6c7524504b7d886a9d34c11f44b9d31b2de1a579325b42e932744c4575a063b/68747470733a2f2f696d672e736869656c64732e696f2f656e64706f696e743f75726c3d68747470733a2f2f7261772e67697468756275736572636f6e74656e742e636f6d2f61737472616c2d73682f727566662f6d61696e2f6173736574732f62616467652f76322e6a736f6e" alt="Ruff" />
+</a>
+<img src="https://img.shields.io/badge/License-MIT-%2334D058.svg" alt="License: MIT" />
+<a href="https://github.com/dong-chen-1031/pyturnstile/pulls" target="_blank">
+ <img src="https://img.shields.io/badge/PRs-welcome-%2334D058.svg" alt="PRs are welcome" />
+</a>
+</div>
+
+## Features
+
+- 🔄 Async & Sync Support
+- 🚀 Simple API
+- 📦 Lightweight - Only requires `httpx`
+
+## What is PyTurnstile?
+
+PyTurnstile simplifies Cloudflare Turnstile token validation. It handles all communication with Cloudflare's API.
+
+<img src="https://github.com/Dong-Chen-1031/pyturnstile/blob/main/img/turnstile_verification.svg?raw=true" alt="Sequence diagram showing how PyTurnstile works" />
+
+> Learn more at: https://developers.cloudflare.com/turnstile/
+
+## Installation
+
+Install the package using your preferred dependency manager.
+
+### uv
+
+```bash
+uv add pyturnstile
+```
+
+### pip
+
+```bash
+pip install pyturnstile
+```
+
+## Usage
+
+> ### 💡 TIP
+>
+> You can follow [this documentation](https://developers.cloudflare.com/turnstile/get-started/) and create your own Turnstile secret key at the [Cloudflare Turnstile dashboard](https://dash.cloudflare.com/?to=/:account/turnstile).
+
+### Quick Start
+
+PyTurnstile provides two ways to validate tokens:
+
+#### 1. Using the `Turnstile` class (Recommended)
+
+```python
+from pyturnstile import Turnstile
+
+turnstile = Turnstile(secret="your-secret-key")
+
+response = await turnstile.async_validate(token="user-token-from-frontend")
+
+# or validate synchronously
+# response = turnstile.validate(token="user-token-from-frontend")
+
+if response.success:
+    print("✅ Token is valid!")
+```
+
+#### 2. Using functions directly
+
+```python
+from pyturnstile import validate, async_validate
+
+response = await async_validate(
+    token="user-token-from-frontend",
+    secret="your-secret-key"
+)
+
+# or validate synchronously
+# response = validate(
+#     token="user-token-from-frontend",
+#     secret="your-secret-key"
+# )
+
+if response.success:
+    print("✅ Token is valid!")
+```
+
+### Optional Parameters
+
+> ### ℹ️ NOTE
+>
+> For more details on all available parameters, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#required-parameters)
+
+```python
+response = turnstile.validate(
+    token="user-token",               # The token from the client-side widget
+    idempotency_key="unique-uuid",    # Optional: UUID for retry protection
+    expected_remoteip="203.0.113.1",  # Optional: The visitor's IP address that the challenge response must match
+    expected_hostname="example.com",  # Optional: The hostname that the challenge response must match
+    expected_action="submit_form",    # Optional: The action identifier that the challenge must match
+    timeout=10                        # Optional: request timeout in seconds
+)
+```
+
+### Response Object
+
+> ### ℹ️ NOTE
+>
+> For more details on all response fields, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#response-fields)
+
+The `TurnstileResponse` object contains:
+
+```python
+response.success                   # bool: Whether validation succeeded
+response.error_codes               # list[TurnstileErrorCodes]: Error codes (if any)
+response.challenge_ts              # str: ISO timestamp of challenge completion
+response.hostname                  # str: Hostname where challenge was served
+response.action                    # str: Custom action identifier
+response.cdata                     # str: Custom data payload from client-side
+response.metadata["ephemeral_id"]  # Device fingerprint ID (Enterprise only)
+```
+
+## Contributing
+
+Any contributions are greatly appreciated. If you have a suggestion that would make this project better, please fork the repo and create a Pull Request. You can also [open an issue](https://github.com/Dong-Chen-1031/pyturnstile/issues).
+
+## License
+
+Published under the [MIT License](LICENSE).

pyturnstile-0.3.0/README.md

@@ -0,0 +1,158 @@
+<div align="center">
+ <h1>PyTurnstile</h1>
+ <a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://github.com/Dong-Chen-1031/pyturnstile/blob/main/img/logo.png?raw=true" width="300" alt="Cloudflare Turnstile widget" />
+ </a>
+ <p>A Python library for validating <a href="https://developers.cloudflare.com/turnstile/">Cloudflare Turnstile</a> tokens with both async and sync support.</p>
+
+<a href="https://github.com/dong-chen-1031/pyturnstile/actions?query=workflow%3ATest+event%3Apush+branch%3Amain" target="_blank">
+    <img src="https://github.com/dong-chen-1031/pyturnstile/actions/workflows/test.yml/badge.svg?event=push&branch=main" alt="Test">
+</a>
+<a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://img.shields.io/pypi/v/pyturnstile?color=%2334D058&label=pypi%20package" alt="Package version">
+</a>
+<a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://img.shields.io/badge/Python-3.8%2B?color=%2334D058&logo=Python&logoColor=rgb(255%2C%20255%2C%20255)" alt="Supported Python versions">
+</a>
+<a href="https://docs.astral.sh/ruff/" target="_blank">
+    <img src="https://camo.githubusercontent.com/d6c7524504b7d886a9d34c11f44b9d31b2de1a579325b42e932744c4575a063b/68747470733a2f2f696d672e736869656c64732e696f2f656e64706f696e743f75726c3d68747470733a2f2f7261772e67697468756275736572636f6e74656e742e636f6d2f61737472616c2d73682f727566662f6d61696e2f6173736574732f62616467652f76322e6a736f6e" alt="Ruff" />
+</a>
+<img src="https://img.shields.io/badge/License-MIT-%2334D058.svg" alt="License: MIT" />
+<a href="https://github.com/dong-chen-1031/pyturnstile/pulls" target="_blank">
+ <img src="https://img.shields.io/badge/PRs-welcome-%2334D058.svg" alt="PRs are welcome" />
+</a>
+</div>
+
+## Features
+
+- 🔄 Async & Sync Support
+- 🚀 Simple & Intuitive API
+- ✅ Type-safe response handling
+- 🛡️ Enhanced security validation
+
+## What is PyTurnstile?
+
+PyTurnstile simplifies Cloudflare Turnstile token validation. It handles all communication with Cloudflare's API.
+
+```mermaid
+sequenceDiagram
+    participant Frontend as 🖥️ Frontend
+    participant Backend as 🐍 Your Backend
+    participant Cloudflare as ☁️ Cloudflare
+
+    Frontend->>Cloudflare: 1. Complete challenge
+    Cloudflare-->>Frontend: 2. Return token
+    Frontend->>Backend: 3. Submit form + token
+
+    rect rgb(50, 179, 238)
+        Note over Backend,Cloudflare: 🔍 PyTurnstile handles this
+        Backend->>Cloudflare: 4. Verify token
+        Cloudflare-->>Backend: 5. Valid ✅ / Invalid ❌
+    end
+
+    Backend->>Frontend: 6. Allow / Deny request
+```
+
+> Learn more at: https://developers.cloudflare.com/turnstile/
+
+## Installation
+
+Install the package using your preferred dependency manager.
+
+### uv
+
+```bash
+uv add pyturnstile
+```
+
+### pip
+
+```bash
+pip install pyturnstile
+```
+
+## Usage
+
+> [!TIP]
+> You can follow [this documentation](https://developers.cloudflare.com/turnstile/get-started/) and create your own Turnstile secret key at the [Cloudflare Turnstile dashboard](https://dash.cloudflare.com/?to=/:account/turnstile).
+
+### Quick Start
+
+PyTurnstile provides two ways to validate tokens:
+
+#### 1. Using the `Turnstile` class (Recommended)
+
+```python
+from pyturnstile import Turnstile
+
+turnstile = Turnstile(secret="your-secret-key")
+
+response = await turnstile.async_validate(token="user-token-from-frontend")
+
+# or validate synchronously
+# response = turnstile.validate(token="user-token-from-frontend")
+
+if response.success:
+    print("✅ Token is valid!")
+```
+
+#### 2. Using functions directly
+
+```python
+from pyturnstile import validate, async_validate
+
+response = await async_validate(
+    token="user-token-from-frontend",
+    secret="your-secret-key"
+)
+
+# or validate synchronously
+# response = validate(
+#     token="user-token-from-frontend",
+#     secret="your-secret-key"
+# )
+
+if response.success:
+    print("✅ Token is valid!")
+```
+
+### Optional Parameters
+
+> [!NOTE]
+> For more details on all available parameters, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#required-parameters)
+
+```python
+response = turnstile.validate(
+    token="user-token",               # The token from the client-side widget
+    idempotency_key="unique-uuid",    # Optional: UUID for retry protection
+    expected_remoteip="203.0.113.1",  # Optional: The visitor's IP address that the challenge response must match
+    expected_hostname="example.com",  # Optional: The hostname that the challenge response must match
+    expected_action="submit_form",    # Optional: The action identifier that the challenge must match
+    timeout=10                        # Optional: request timeout in seconds
+)
+```
+
+### Response Object
+
+> [!NOTE]
+> For more details on all response fields, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#response-fields)
+
+The `TurnstileResponse` object contains:
+
+```python
+response.success                   # bool: Whether validation succeeded
+response.error_codes               # list[TurnstileErrorCodes]: Error codes (if any)
+response.challenge_ts              # str: ISO timestamp of challenge completion
+response.hostname                  # str: Hostname where challenge was served
+response.action                    # str: Custom action identifier
+response.cdata                     # str: Custom data payload from client-side
+response.metadata["ephemeral_id"]  # Device fingerprint ID (Enterprise only)
+```
+
+## Contributing
+
+Any contributions are greatly appreciated. If you have a suggestion that would make this project better, please fork the repo and create a Pull Request. You can also [open an issue](https://github.com/Dong-Chen-1031/pyturnstile/issues).
+
+## License
+
+Published under the [MIT License](LICENSE).

pyturnstile-0.3.0/README_PYPI.md

@@ -0,0 +1,143 @@
+<div align="center">
+ <h1>PyTurnstile</h1>
+ <a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://github.com/Dong-Chen-1031/pyturnstile/blob/main/img/logo.png?raw=true" width="300" alt="Cloudflare Turnstile widget" />
+ </a>
+ <p>A Python library for validating <a href="https://developers.cloudflare.com/turnstile/">Cloudflare Turnstile</a> tokens with both async and sync support.</p>
+
+<a href="https://github.com/dong-chen-1031/pyturnstile/actions?query=workflow%3ATest+event%3Apush+branch%3Amain" target="_blank">
+    <img src="https://github.com/dong-chen-1031/pyturnstile/actions/workflows/test.yml/badge.svg?event=push&branch=main" alt="Test">
+</a>
+<a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://img.shields.io/pypi/v/pyturnstile?color=%2334D058&label=pypi%20package" alt="Package version">
+</a>
+<a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://img.shields.io/badge/Python-3.8%2B?color=%2334D058&logo=Python&logoColor=rgb(255%2C%20255%2C%20255)" alt="Supported Python versions">
+</a>
+<a href="https://docs.astral.sh/ruff/" target="_blank">
+    <img src="https://camo.githubusercontent.com/d6c7524504b7d886a9d34c11f44b9d31b2de1a579325b42e932744c4575a063b/68747470733a2f2f696d672e736869656c64732e696f2f656e64706f696e743f75726c3d68747470733a2f2f7261772e67697468756275736572636f6e74656e742e636f6d2f61737472616c2d73682f727566662f6d61696e2f6173736574732f62616467652f76322e6a736f6e" alt="Ruff" />
+</a>
+<img src="https://img.shields.io/badge/License-MIT-%2334D058.svg" alt="License: MIT" />
+<a href="https://github.com/dong-chen-1031/pyturnstile/pulls" target="_blank">
+ <img src="https://img.shields.io/badge/PRs-welcome-%2334D058.svg" alt="PRs are welcome" />
+</a>
+</div>
+
+## Features
+
+- 🔄 Async & Sync Support
+- 🚀 Simple API
+- 📦 Lightweight - Only requires `httpx`
+
+## What is PyTurnstile?
+
+PyTurnstile simplifies Cloudflare Turnstile token validation. It handles all communication with Cloudflare's API.
+
+<img src="https://github.com/Dong-Chen-1031/pyturnstile/blob/main/img/turnstile_verification.svg?raw=true" alt="Sequence diagram showing how PyTurnstile works" />
+
+> Learn more at: https://developers.cloudflare.com/turnstile/
+
+## Installation
+
+Install the package using your preferred dependency manager.
+
+### uv
+
+```bash
+uv add pyturnstile
+```
+
+### pip
+
+```bash
+pip install pyturnstile
+```
+
+## Usage
+
+> ### 💡 TIP
+>
+> You can follow [this documentation](https://developers.cloudflare.com/turnstile/get-started/) and create your own Turnstile secret key at the [Cloudflare Turnstile dashboard](https://dash.cloudflare.com/?to=/:account/turnstile).
+
+### Quick Start
+
+PyTurnstile provides two ways to validate tokens:
+
+#### 1. Using the `Turnstile` class (Recommended)
+
+```python
+from pyturnstile import Turnstile
+
+turnstile = Turnstile(secret="your-secret-key")
+
+response = await turnstile.async_validate(token="user-token-from-frontend")
+
+# or validate synchronously
+# response = turnstile.validate(token="user-token-from-frontend")
+
+if response.success:
+    print("✅ Token is valid!")
+```
+
+#### 2. Using functions directly
+
+```python
+from pyturnstile import validate, async_validate
+
+response = await async_validate(
+    token="user-token-from-frontend",
+    secret="your-secret-key"
+)
+
+# or validate synchronously
+# response = validate(
+#     token="user-token-from-frontend",
+#     secret="your-secret-key"
+# )
+
+if response.success:
+    print("✅ Token is valid!")
+```
+
+### Optional Parameters
+
+> ### ℹ️ NOTE
+>
+> For more details on all available parameters, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#required-parameters)
+
+```python
+response = turnstile.validate(
+    token="user-token",               # The token from the client-side widget
+    idempotency_key="unique-uuid",    # Optional: UUID for retry protection
+    expected_remoteip="203.0.113.1",  # Optional: The visitor's IP address that the challenge response must match
+    expected_hostname="example.com",  # Optional: The hostname that the challenge response must match
+    expected_action="submit_form",    # Optional: The action identifier that the challenge must match
+    timeout=10                        # Optional: request timeout in seconds
+)
+```
+
+### Response Object
+
+> ### ℹ️ NOTE
+>
+> For more details on all response fields, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#response-fields)
+
+The `TurnstileResponse` object contains:
+
+```python
+response.success                   # bool: Whether validation succeeded
+response.error_codes               # list[TurnstileErrorCodes]: Error codes (if any)
+response.challenge_ts              # str: ISO timestamp of challenge completion
+response.hostname                  # str: Hostname where challenge was served
+response.action                    # str: Custom action identifier
+response.cdata                     # str: Custom data payload from client-side
+response.metadata["ephemeral_id"]  # Device fingerprint ID (Enterprise only)
+```
+
+## Contributing
+
+Any contributions are greatly appreciated. If you have a suggestion that would make this project better, please fork the repo and create a Pull Request. You can also [open an issue](https://github.com/Dong-Chen-1031/pyturnstile/issues).
+
+## License
+
+Published under the [MIT License](LICENSE).

pyturnstile-0.3.0/pyproject.toml

@@ -0,0 +1,43 @@
+[project]
+name = "pyturnstile"
+version = "0.3.0"
+description = "A Python library for validating Cloudflare Turnstile tokens with async and sync support"
+readme = "README_PYPI.md"
+requires-python = ">=3.8"
+license = { text = "MIT" }
+keywords = ["Cloudflare", "turnstile", "captcha", "validation"]
+authors = [
+    { name = "Dong-Chen-1031", email = "dcdcdc1031@gmail.com" }
+]
+
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.8",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Programming Language :: Python :: 3.14",
+    "Typing :: Typed",
+]
+
+dependencies = [
+    "httpx>=0.23.0",
+    "tenacity>=9.0.0",
+]
+
+[project.urls]
+Homepage = "https://github.com/Dong-Chen-1031/pyturnstile"
+Repository = "https://github.com/Dong-Chen-1031/pyturnstile"
+Issues = "https://github.com/Dong-Chen-1031/pyturnstile/issues"
+
+[dependency-groups]
+dev = [
+    "pytest>=8.3.5",
+    "pytest-asyncio>=0.24.0",
+    "ruff>=0.15.1",
+]

pyturnstile-0.3.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

pyturnstile-0.3.0/src/pyturnstile/__init__.py

@@ -0,0 +1,12 @@
+"""PyTurnstile: A Python library for validating Cloudflare Turnstile tokens."""
+
+from ._core import TurnstileResponse, TurnstileValidationError, async_validate, validate
+from ._turnstile import Turnstile
+
+__all__ = [
+    "Turnstile",
+    "TurnstileResponse",
+    "TurnstileValidationError",
+    "validate",
+    "async_validate",
+]

pyturnstile-0.3.0/src/pyturnstile/_core.py

@@ -0,0 +1,139 @@
+"""Async and sync functions to validate Turnstile tokens with Cloudflare's API."""
+
+from __future__ import annotations
+
+from typing import Optional
+
+import httpx
+
+from ._types import TurnstileResponse, TurnstileResponseDict, TurnstileValidationError
+
+
+def _additional_validation(
+    response: dict,
+    expected_hostname: Optional[str],
+    expected_action: Optional[str],
+) -> TurnstileResponse:
+    """
+    Perform additional validation checks on the TurnstileResponse.
+
+    Args:
+        response: The TurnstileResponse object to validate.
+        expected_hostname: The expected hostname to match against the response.
+        expected_action: The expected action identifier to match against the response.
+    """
+    response_dict = TurnstileResponseDict(**response)
+
+    if not response_dict["success"]:
+        return TurnstileResponse(response_dict)
+
+    if expected_hostname and response_dict["hostname"] != expected_hostname:
+        response_dict["error_codes"] = ["hostname-mismatch"]
+        response_dict["success"] = False
+        return TurnstileResponse(response_dict)
+
+    if expected_action and response_dict["action"] != expected_action:
+        response_dict["error_codes"] = ["action-mismatch"]
+        response_dict["success"] = False
+        return TurnstileResponse(response_dict)
+
+    return TurnstileResponse(response_dict)
+
+
+async def async_validate(
+    token: str,
+    secret: str,
+    *,
+    idempotency_key: Optional[str] = None,
+    expected_remoteip: Optional[str] = None,
+    expected_hostname: Optional[str] = None,
+    expected_action: Optional[str] = None,
+    timeout: int = 10,
+) -> TurnstileResponse:
+    """
+    Asynchronously validate a Turnstile token with Cloudflare's API.
+    Args:
+        secret: Your widget's secret key from the Cloudflare dashboard.
+        token: The token from the client-side widget
+        idempotency_key: (Optional) UUID for retry protection
+        expected_remoteip: (Optional) The visitor's IP address that the challenge response must match
+        expected_hostname: (Optional) The hostname that the challenge response must match.
+        expected_action: (Optional) The action identifier that the challenge must match.
+        timeout: (Optional) Timeout for the API request in seconds
+    Returns:
+        TurnstileResponse: The response from the Turnstile API
+
+    For more details on all available parameters, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#required-parameters)
+    """
+    url = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
+
+    data = {"secret": secret, "response": token}
+
+    if expected_remoteip:
+        data["remoteip"] = expected_remoteip
+
+    if idempotency_key:
+        data["idempotency_key"] = idempotency_key
+
+    try:
+        async with httpx.AsyncClient(timeout=timeout) as client:
+            response = await client.post(url, data=data)
+            response.raise_for_status()
+            return _additional_validation(
+                response.json(), expected_hostname, expected_action
+            )
+    except Exception as e:
+        raise TurnstileValidationError(f"Turnstile validation failed: {e}") from e
+
+
+def validate(
+    token: str,
+    secret: str,
+    *,
+    idempotency_key: Optional[str] = None,
+    expected_remoteip: Optional[str] = None,
+    expected_hostname: Optional[str] = None,
+    expected_action: Optional[str] = None,
+    timeout: int = 10,
+) -> TurnstileResponse:
+    """
+    Validate a Turnstile token with Cloudflare's API.
+
+    Args:
+        secret: Your widget's secret key from the Cloudflare dashboard.
+        token: The token from the client-side widget
+        idempotency_key: (Optional) UUID for retry protection
+        expected_remoteip: (Optional) The visitor's IP address that the challenge response must match
+        expected_hostname: (Optional) The hostname that the challenge response must match.
+        expected_action: (Optional) The action identifier that the challenge must match.
+        timeout: (Optional) Timeout for the API request in seconds
+    Returns:
+        TurnstileResponse: The response from the Turnstile API
+
+    For more details on all available parameters, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#required-parameters)
+    """
+    url = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
+
+    data = {"secret": secret, "response": token}
+
+    if expected_remoteip:
+        data["remoteip"] = expected_remoteip
+
+    if idempotency_key:
+        data["idempotency_key"] = idempotency_key
+
+    try:
+        with httpx.Client(timeout=timeout) as client:
+            response = client.post(url, data=data)
+            response.raise_for_status()
+            return _additional_validation(
+                response.json(), expected_hostname, expected_action
+            )
+    except Exception as e:
+        raise TurnstileValidationError(f"Turnstile validation failed: {e}") from e
+
+
+__all__ = [
+    "validate",
+    "async_validate",
+]

pyturnstile-0.3.0/src/pyturnstile/_turnstile.py

@@ -0,0 +1,117 @@
+"""Client class for Cloudflare Turnstile token validation, providing both sync and async methods."""
+
+from __future__ import annotations
+
+from typing import Optional
+
+from . import _core
+
+
+class Turnstile:
+    """
+    A client for validating Cloudflare Turnstile tokens.
+
+    This class provides both synchronous and asynchronous methods to validate
+    Turnstile tokens with Cloudflare's verification API.
+
+    Methods:
+        validate: Synchronously validate a Turnstile token.
+        async_validate: Asynchronously validate a Turnstile token.
+
+    Example:
+        Asynchronous usage:
+        >>> turnstile = Turnstile(secret="your-secret-key")
+        >>> response = await turnstile.async_validate(token="user-token")
+        >>> if response.success:
+        ...     print("Valid token")
+
+        Synchronous usage:
+        >>> turnstile = Turnstile(secret="your-secret-key")
+        >>> response = turnstile.validate(token="user-token")
+        >>> if response.success:
+        ...     print("Valid token")
+
+    """
+
+    def __init__(self, secret: str):
+        """
+        Initialize the Turnstile client with your secret key.
+        Args:
+            secret: Your widget's secret key from the Cloudflare dashboard.
+        """
+        self.secret = secret
+
+    def validate(
+        self,
+        token: str,
+        *,
+        idempotency_key: Optional[str] = None,
+        expected_remoteip: Optional[str] = None,
+        expected_hostname: Optional[str] = None,
+        expected_action: Optional[str] = None,
+        timeout: int = 10,
+    ) -> _core.TurnstileResponse:
+        """
+        Validate a Turnstile token with Cloudflare's API.
+        Args:
+            token: The token from the client-side widget
+            idempotency_key: (Optional) UUID for retry protection
+            expected_remoteip: (Optional) The visitor's IP address that the challenge response must match
+            expected_hostname: (Optional) The hostname that the challenge response must match.
+            expected_action: (Optional) The action identifier that the challenge must match.
+            timeout: (Optional) Timeout for the API request in seconds
+        Returns:
+            TurnstileResponse: The response from the Turnstile API
+        Raises:
+            TurnstileValidationError: If the validation fails due to an API error or network issue
+
+        For more details on all available parameters, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#required-parameters)
+        """
+        return _core.validate(
+            token=token,
+            secret=self.secret,
+            expected_remoteip=expected_remoteip,
+            expected_hostname=expected_hostname,
+            expected_action=expected_action,
+            idempotency_key=idempotency_key,
+            timeout=timeout,
+        )
+
+    async def async_validate(
+        self,
+        token: str,
+        *,
+        idempotency_key: Optional[str] = None,
+        expected_remoteip: Optional[str] = None,
+        expected_hostname: Optional[str] = None,
+        expected_action: Optional[str] = None,
+        timeout: int = 10,
+    ) -> _core.TurnstileResponse:
+        """
+        Asynchronously validate a Turnstile token with Cloudflare's API.
+        Args:
+            token: The token from the client-side widget
+            idempotency_key: (Optional) UUID for retry protection
+            expected_remoteip: (Optional) The visitor's IP address that the challenge response must match
+            expected_hostname: (Optional) The hostname that the challenge response must match.
+            expected_action: (Optional) The action identifier that the challenge must match.
+            timeout: (Optional) Timeout for the API request in seconds
+        Returns:
+            TurnstileResponse: The response from the Turnstile API
+        Raises:
+            TurnstileValidationError: If the validation fails due to an API error or network issue
+
+        For more details on all available parameters, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#required-parameters)
+        """
+        return await _core.async_validate(
+            token=token,
+            secret=self.secret,
+            expected_remoteip=expected_remoteip,
+            expected_hostname=expected_hostname,
+            expected_action=expected_action,
+            idempotency_key=idempotency_key,
+            timeout=timeout,
+        )
+
+
+__all__ = ["Turnstile"]

pyturnstile-0.3.0/src/pyturnstile/_types.py

@@ -0,0 +1,117 @@
+"""Type definitions for PyTurnstile."""
+
+from typing import Any, Literal, TypedDict
+
+
+class TurnstileValidationError(Exception):
+    """Custom exception for Turnstile validation errors."""
+
+
+TurnstileErrorCodes = Literal[
+    "missing-input-secret",
+    "invalid-input-secret",
+    "missing-input-response",
+    "invalid-input-response",
+    "bad-request",
+    "timeout-or-duplicate",
+    "internal-error",
+    "hostname-mismatch",
+    "action-mismatch",
+]
+"""
+Literal type for Turnstile error codes returned by the API.
+
+For more details on all Turnstile error codes, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#error-codes-reference)
+"""
+
+
+class TurnstileResponseDict(TypedDict):
+    """Type definition for the TurnstileResponse dictionary representation."""
+
+    success: bool
+    action: str
+    cdata: str
+    challenge_ts: str
+    error_codes: list[TurnstileErrorCodes] | list[str]
+    hostname: str
+    metadata: dict[str, Any]
+
+
+class TurnstileResponse:
+    """
+    Represents the response from Cloudflare's Turnstile validation API.
+
+    For more details on all response fields, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#response-fields)
+    """
+
+    action: str
+    """Custom action identifier from client-side"""
+    cdata: str
+    """Custom data payload from client-side"""
+    challenge_ts: str
+    """ISO timestamp when the challenge was solved"""
+    error_codes: list[TurnstileErrorCodes] | list[str]
+    """Array of error codes (if validation failed)"""
+    hostname: str
+    """Hostname where the challenge was served"""
+    metadata: dict[str, Any]
+    """
+    Additional metadata returned by the API.
+
+    Including "ephemeral_id" for device fingerprinting (Enterprise only)
+    """
+    success: bool
+    """Boolean indicating if validation was successful"""
+
+    def __init__(self, data: dict | TurnstileResponseDict) -> None:
+        """
+        Initialize the TurnstileResponse from the API response data.
+        Args:
+            data: The JSON response from the Turnstile API as a dictionary.
+        """
+        self.action = data.get("action", "")
+        self.cdata = data.get("cdata", "")
+        self.challenge_ts = data.get("challenge_ts", "")
+        self.error_codes = data.get("error-codes", [])
+        self.hostname = data.get("hostname", "")
+        self.metadata = data.get("metadata", {})
+        self.success = data.get("success", False)
+
+    def to_dict(self) -> TurnstileResponseDict:
+        """Convert the TurnstileResponse to a dictionary."""
+        return {
+            "success": self.success,
+            "action": self.action,
+            "cdata": self.cdata,
+            "challenge_ts": self.challenge_ts,
+            "error_codes": self.error_codes,
+            "hostname": self.hostname,
+            "metadata": self.metadata,
+        }
+
+    def model_dump(self) -> TurnstileResponseDict:
+        """Alias for to_dict() to match common naming conventions."""
+        return self.to_dict()
+
+    def __str__(self) -> str:
+        return (
+            "TurnstileResponse("
+            f"success={self.success}, "
+            f"action={self.action}, "
+            f"hostname={self.hostname}, "
+            f"error_codes={self.error_codes}"
+            ")"
+        )
+
+    def __repr__(self) -> str:
+        return self.__str__()
+
+    def __bool__(self) -> bool:
+        return self.success
+
+
+__all__ = [
+    "TurnstileResponse",
+    "TurnstileValidationError",
+    "TurnstileErrorCodes",
+]

pyturnstile-0.3.0/src/pyturnstile.egg-info/PKG-INFO

@@ -0,0 +1,172 @@
+Metadata-Version: 2.4
+Name: pyturnstile
+Version: 0.3.0
+Summary: A Python library for validating Cloudflare Turnstile tokens with async and sync support
+Author-email: Dong-Chen-1031 <dcdcdc1031@gmail.com>
+License: MIT
+Project-URL: Homepage, https://github.com/Dong-Chen-1031/pyturnstile
+Project-URL: Repository, https://github.com/Dong-Chen-1031/pyturnstile
+Project-URL: Issues, https://github.com/Dong-Chen-1031/pyturnstile/issues
+Keywords: Cloudflare,turnstile,captcha,validation
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Typing :: Typed
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: httpx>=0.23.0
+Requires-Dist: tenacity>=9.0.0
+Dynamic: license-file
+
+<div align="center">
+ <h1>PyTurnstile</h1>
+ <a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://github.com/Dong-Chen-1031/pyturnstile/blob/main/img/logo.png?raw=true" width="300" alt="Cloudflare Turnstile widget" />
+ </a>
+ <p>A Python library for validating <a href="https://developers.cloudflare.com/turnstile/">Cloudflare Turnstile</a> tokens with both async and sync support.</p>
+
+<a href="https://github.com/dong-chen-1031/pyturnstile/actions?query=workflow%3ATest+event%3Apush+branch%3Amain" target="_blank">
+    <img src="https://github.com/dong-chen-1031/pyturnstile/actions/workflows/test.yml/badge.svg?event=push&branch=main" alt="Test">
+</a>
+<a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://img.shields.io/pypi/v/pyturnstile?color=%2334D058&label=pypi%20package" alt="Package version">
+</a>
+<a href="https://pypi.org/project/pyturnstile" target="_blank">
+    <img src="https://img.shields.io/badge/Python-3.8%2B?color=%2334D058&logo=Python&logoColor=rgb(255%2C%20255%2C%20255)" alt="Supported Python versions">
+</a>
+<a href="https://docs.astral.sh/ruff/" target="_blank">
+    <img src="https://camo.githubusercontent.com/d6c7524504b7d886a9d34c11f44b9d31b2de1a579325b42e932744c4575a063b/68747470733a2f2f696d672e736869656c64732e696f2f656e64706f696e743f75726c3d68747470733a2f2f7261772e67697468756275736572636f6e74656e742e636f6d2f61737472616c2d73682f727566662f6d61696e2f6173736574732f62616467652f76322e6a736f6e" alt="Ruff" />
+</a>
+<img src="https://img.shields.io/badge/License-MIT-%2334D058.svg" alt="License: MIT" />
+<a href="https://github.com/dong-chen-1031/pyturnstile/pulls" target="_blank">
+ <img src="https://img.shields.io/badge/PRs-welcome-%2334D058.svg" alt="PRs are welcome" />
+</a>
+</div>
+
+## Features
+
+- 🔄 Async & Sync Support
+- 🚀 Simple API
+- 📦 Lightweight - Only requires `httpx`
+
+## What is PyTurnstile?
+
+PyTurnstile simplifies Cloudflare Turnstile token validation. It handles all communication with Cloudflare's API.
+
+<img src="https://github.com/Dong-Chen-1031/pyturnstile/blob/main/img/turnstile_verification.svg?raw=true" alt="Sequence diagram showing how PyTurnstile works" />
+
+> Learn more at: https://developers.cloudflare.com/turnstile/
+
+## Installation
+
+Install the package using your preferred dependency manager.
+
+### uv
+
+```bash
+uv add pyturnstile
+```
+
+### pip
+
+```bash
+pip install pyturnstile
+```
+
+## Usage
+
+> ### 💡 TIP
+>
+> You can follow [this documentation](https://developers.cloudflare.com/turnstile/get-started/) and create your own Turnstile secret key at the [Cloudflare Turnstile dashboard](https://dash.cloudflare.com/?to=/:account/turnstile).
+
+### Quick Start
+
+PyTurnstile provides two ways to validate tokens:
+
+#### 1. Using the `Turnstile` class (Recommended)
+
+```python
+from pyturnstile import Turnstile
+
+turnstile = Turnstile(secret="your-secret-key")
+
+response = await turnstile.async_validate(token="user-token-from-frontend")
+
+# or validate synchronously
+# response = turnstile.validate(token="user-token-from-frontend")
+
+if response.success:
+    print("✅ Token is valid!")
+```
+
+#### 2. Using functions directly
+
+```python
+from pyturnstile import validate, async_validate
+
+response = await async_validate(
+    token="user-token-from-frontend",
+    secret="your-secret-key"
+)
+
+# or validate synchronously
+# response = validate(
+#     token="user-token-from-frontend",
+#     secret="your-secret-key"
+# )
+
+if response.success:
+    print("✅ Token is valid!")
+```
+
+### Optional Parameters
+
+> ### ℹ️ NOTE
+>
+> For more details on all available parameters, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#required-parameters)
+
+```python
+response = turnstile.validate(
+    token="user-token",               # The token from the client-side widget
+    idempotency_key="unique-uuid",    # Optional: UUID for retry protection
+    expected_remoteip="203.0.113.1",  # Optional: The visitor's IP address that the challenge response must match
+    expected_hostname="example.com",  # Optional: The hostname that the challenge response must match
+    expected_action="submit_form",    # Optional: The action identifier that the challenge must match
+    timeout=10                        # Optional: request timeout in seconds
+)
+```
+
+### Response Object
+
+> ### ℹ️ NOTE
+>
+> For more details on all response fields, see the [Cloudflare documentation](https://developers.cloudflare.com/turnstile/get-started/server-side-validation/#response-fields)
+
+The `TurnstileResponse` object contains:
+
+```python
+response.success                   # bool: Whether validation succeeded
+response.error_codes               # list[TurnstileErrorCodes]: Error codes (if any)
+response.challenge_ts              # str: ISO timestamp of challenge completion
+response.hostname                  # str: Hostname where challenge was served
+response.action                    # str: Custom action identifier
+response.cdata                     # str: Custom data payload from client-side
+response.metadata["ephemeral_id"]  # Device fingerprint ID (Enterprise only)
+```
+
+## Contributing
+
+Any contributions are greatly appreciated. If you have a suggestion that would make this project better, please fork the repo and create a Pull Request. You can also [open an issue](https://github.com/Dong-Chen-1031/pyturnstile/issues).
+
+## License
+
+Published under the [MIT License](LICENSE).

pyturnstile-0.3.0/src/pyturnstile.egg-info/SOURCES.txt

@@ -0,0 +1,14 @@
+LICENSE
+README.md
+README_PYPI.md
+pyproject.toml
+src/pyturnstile/__init__.py
+src/pyturnstile/_core.py
+src/pyturnstile/_turnstile.py
+src/pyturnstile/_types.py
+src/pyturnstile/py.typed
+src/pyturnstile.egg-info/PKG-INFO
+src/pyturnstile.egg-info/SOURCES.txt
+src/pyturnstile.egg-info/dependency_links.txt
+src/pyturnstile.egg-info/requires.txt
+src/pyturnstile.egg-info/top_level.txt

pyturnstile-0.3.0/src/pyturnstile.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

pyturnstile-0.3.0/src/pyturnstile.egg-info/requires.txt

@@ -0,0 +1,2 @@
+httpx>=0.23.0
+tenacity>=9.0.0

pyturnstile-0.3.0/src/pyturnstile.egg-info/top_level.txt

@@ -0,0 +1 @@
+pyturnstile