basic spam protection

hub/services/views/leads.py

@@ -1,4 +1,5 @@
 import logging
+import time
 from django.shortcuts import render, redirect
 from django.contrib import messages
 
@@ -18,6 +19,27 @@ def thank_you(request):
 
 def contact_form(request):
     if request.method == "POST":
+        # Spam protection checks
+        honeypot_value = request.POST.get("website", "")
+        timestamp_value = request.POST.get("form_timestamp", "0")
+        current_time = int(time.time())
+
+        # Check 1: Honeypot field should be empty
+        if honeypot_value:
+            # Bot detected - silently redirect
+            return redirect("services:homepage")
+
+        # Check 2: Form shouldn't be submitted too quickly (< 3 seconds)
+        try:
+            form_time = int(timestamp_value)
+            if current_time - form_time < 3:
+                # Too quick submission - likely a bot
+                return redirect("services:homepage")
+        except ValueError:
+            # Invalid timestamp - likely a bot
+            return redirect("services:homepage")
+
+        # Continue with normal form processing
         form = LeadForm(request.POST)
         if form.is_valid():
             from hub.services.models import Lead, Service, ServiceOffering, Plan