Added logic to determine whether the user needs to be validated by Turnstile, and get rid of the extraneous scripts and checks if not

concordia/static/js/src/modules/turnstile.js

@@ -3,7 +3,11 @@
 function resetTurnstile(widgetId) {
     // widgetId is optional. If not provided, the latest
     // turnstile widget is used automatically
-    if (turnstile && typeof turnstile.reset === 'function') {
+    if (
+        typeof turnstile !== 'undefined' &&
+        turnstile !== null &&
+        typeof turnstile.reset === 'function'
+    ) {
         turnstile.reset(widgetId);
     } else {
         console.error(

concordia/templates/transcriptions/asset_detail.html

@@ -42,7 +42,9 @@
     </script>
     <script module src="{% static 'openseadragon/build/openseadragon/openseadragon.min.js' %}"></script>
     <script module src="{% static 'openseadragon-filtering/openseadragon-filtering.js' %}"></script>
-    <script module src="{{ TURNSTILE_JS_API_URL }}"></script>
+    {% if anonymous_user_validation_required %}
+        <script module src="{{ TURNSTILE_JS_API_URL }}"></script>
+    {% endif %}
 
     <script type="module" src="{% static 'js/contribute.js' %}"></script>
     <script type="module" src="{% static 'js/viewer-split.js' %}"></script>

concordia/templates/transcriptions/asset_detail/editor.html

@@ -117,7 +117,11 @@ <h2 id="message-contributors" {% if transcription_status == 'not_started' %}hidd
                         {% endif %}
                     {% endif %}
                 {% endif %}
-                <div class="w-100 text-center mt-1 mb-1">{{ turnstile_form.turnstile }}</div>
+                {% if anonymous_user_validation_required %}
+                    {% if transcription_status == 'not_started' or transcription_status == 'in_progress' %}
+                        <div class="w-100 text-center mt-1 mb-1">{{ turnstile_form.turnstile }}</div>
+                    {% endif %}
+                {% endif %}
             </div>
         {% endspaceless %}
     </form>

concordia/views.py

@@ -150,6 +150,49 @@ def inner(*args, **kwargs):
     return inner
 
 
+def validate_anonymous_user(view):
+    @wraps(view)
+    @never_cache
+    def inner(request, *args, **kwargs):
+        if not request.user.is_authenticated and request.method == "POST":
+            # First check if the user has already been validated within the time limit
+            # If so, validation can be skipped
+            turnstile_last_validated = request.session.get(
+                "turnstile_last_validated", 0
+            )
+            age = time() - turnstile_last_validated
+            if age > settings.ANONYMOUS_USER_VALIDATION_INTERVAL:
+                form = TurnstileForm(request.POST)
+                if not form.is_valid():
+                    return JsonResponse(
+                        {"error": "Unable to validate. " "Please try again or login."},
+                        status=401,
+                    )
+                else:
+                    # User has been validated, so we'll cache the time in their session
+                    request.session["turnstile_last_validated"] = time()
+
+        return view(request, *args, **kwargs)
+
+    return inner
+
+
+class AnonymousUserValidationCheckMixin:
+    def get_context_data(self, *args, **kwargs):
+        context = super().get_context_data(**kwargs)
+        if not self.request.user.is_authenticated:
+            turnstile_last_validated = self.request.session.get(
+                "turnstile_last_validated", 0
+            )
+            age = time() - turnstile_last_validated
+            context["anonymous_user_validation_required"] = (
+                age > settings.ANONYMOUS_USER_VALIDATION_INTERVAL
+            )
+        else:
+            context["anonymous_user_validation_required"] = False
+        return context
+
+
 @never_cache
 def healthz(request):
     status = {
@@ -1358,7 +1401,7 @@ def get_context_data(self, **kwargs):
 
 
 @method_decorator(never_cache, name="dispatch")
-class AssetDetailView(APIDetailView):
+class AssetDetailView(AnonymousUserValidationCheckMixin, APIDetailView):
     """
     Class to handle GET ansd POST requests on route /campaigns/<campaign>/asset/<asset>
     """
@@ -1513,33 +1556,6 @@ def get_context_data(self, **kwargs):
         return ctx
 
 
-def validate_anonymous_user(view):
-    @wraps(view)
-    @never_cache
-    def inner(request, *args, **kwargs):
-        if not request.user.is_authenticated and request.method == "POST":
-            # First check if the user has already been validated within the time limit
-            # If so, validation can be skipped
-            turnstile_last_validated = request.session.get(
-                "turnstile_last_validated", 0
-            )
-            age = time() - turnstile_last_validated
-            if age > settings.ANONYMOUS_USER_VALIDATION_INTERVAL:
-                form = TurnstileForm(request.POST)
-                if not form.is_valid():
-                    return JsonResponse(
-                        {"error": "Unable to validate. " "Please try again or login."},
-                        status=401,
-                    )
-                else:
-                    # User has been validated, so we'll cache the time in their session
-                    request.session["turnstile_last_validated"] = time()
-
-        return view(request, *args, **kwargs)
-
-    return inner
-
-
 def get_transcription_superseded(asset, supersedes_pk):
     if not supersedes_pk:
         if asset.transcription_set.filter(supersedes=None).exists():