Akismet is a popular spam filtering service originally developed for WordPress. Akismet has AIPs which can be accessed from programming languages such as Python. In this article, we will see how to integrate Akismet with Django.
We will be using the
akismet python package to connect to Akismet APIs. You can install it from PyPI using pip.
pip install akismet
You will also need an API key from Akismet. Create an account in Akismet and get your API. It is free for non-commercial use.
Once you have your API key, you should include that in your settings file.
AKISMET_API_KEY = "put your key here" AKISMET_BLOG_URL = "put your blog URL here"
Identifying Spam Comments and Contact Form Submissions
Akismet provides a
check_comment method which accepts the data from user and returns
True if the data is suspected as spam. The
check_comment method can check the spam in other types of contents such as contact form submissions, forum posts, messages etc. The type of content can be passed as a parameter to this function. A full list of arguments and types can be found here.
Let's assume you have a contact form which accepts the name, email and a message from a user. You may want to check whether the message is spam or not before saving the entry to the database. You could do something like the following in your views.
from akismet import Akismet from django.conf import settings from django.http import HttpResponseForbidden def contact_view(request): if request.method == 'POST': akismet_api = Akismet(key=settings.AKISMET_API_KEY, blog_url=settings.AKISMET_BLOG_URL) is_spam = akismet_api.comment_check( user_ip=request.META['REMOTE_ADDR'], user_agent=request.META['HTTP_USER_AGENT'], comment_type='contact-form', comment_author=request.POST['name'], comment_author_email=request.POST['email'], comment_content=request.POST['message'], ) if is_spam: return HttpResponseForbidden('You are not allowed to make a contact request.') # Request is not spam, do whatever you want with the data else: # Method is get, do your usual stuff
We have created an object of
Akismet class by passing the API key and blog URL to it. The
comment_check method has two mandatory parameter,
user_agent. We are accessing these values from the request metadata.
comment_type is set to
contact-form since we are validating a contact form submission.
Our example illustrates a very simple use case. You may need something little more robust in your application. Here are some tips on doing that.
We are accessing the IP address and user agents from request metadata but it may not be available if you are using a reverse proxy server such as Nginx. Make sure you have access to there values in your Django app.
We are accessing form data from
request.POST. You may want to use a form for this. Also, if you are using a form, you can put the spam check in the validate method (or even in the model's save method).
If you are using Django rest framework, you should put the spam checking in your serializers, not in your views.
You can check other types of content by passing a different value for
comment_type. Full list of options is available in Akismet documentation