diff --git a/0001-Retry-auth-in-the-bindings-upon-captcha-key-errors.patch b/0001-Retry-auth-in-the-bindings-upon-captcha-key-errors.patch
new file mode 100644
index 0000000..c61f9e1
--- /dev/null
+++ b/0001-Retry-auth-in-the-bindings-upon-captcha-key-errors.patch
@@ -0,0 +1,88 @@
+From 9486df151a2eb6d61a35e9466dbdf6c14a913086 Mon Sep 17 00:00:00 2001
+From: Randy Barlow <randy@electronsweatshop.com>
+Date: Mon, 4 Sep 2017 12:19:36 -0400
+Subject: [PATCH] Retry auth in the bindings upon captcha key errors.
+
+fixes #1787
+
+Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
+---
+ bodhi/client/bindings.py            | 12 +++++++++++-
+ bodhi/tests/client/test_bindings.py | 32 ++++++++++++++++++++++++++++++++
+ 2 files changed, 43 insertions(+), 1 deletion(-)
+
+diff --git a/bodhi/client/bindings.py b/bodhi/client/bindings.py
+index 57c4260..0bcd717 100644
+--- a/bodhi/client/bindings.py
++++ b/bodhi/client/bindings.py
+@@ -73,13 +73,23 @@ def errorhandled(method):
+     def wrapper(*args, **kwargs):
+         try:
+             result = method(*args, **kwargs)
++            # Bodhi allows comments to be written by unauthenticated users if they solve a Captcha.
++            # Due to this, an authentication error is not raised by the server if the client fails
++            # to authenticate for any reason, and instead an error about needing a captcha key is
++            # presented instead. If we see that error, we can just raise an AuthError to trigger the
++            # retry logic in the exception handler below.
++            if 'errors' in result:
++                for error in result['errors']:
++                    if 'name' in error and error['name'] == 'captcha_key':
++                        raise AuthError('Captcha key needed.')
+         except AuthError:
+-            # An AuthError can be raised for three different reasons:
++            # An AuthError can be raised for four different reasons:
+             #
+             # 0) The password is wrong.
+             # 1) The session cookies are expired. fedora.python does not handle this automatically.
+             # 2) The session cookies are not expired, but are no longer valid (for example, this can
+             #    happen if the server's auth secret has changed.)
++            # 3) The client received a captcha_key error, as described in the try block above.
+             #
+             # We don't know the difference between the cases here, but case #1 is fairly common and
+             # we can work around it and case #2 by removing the session cookies and csrf token and
+diff --git a/bodhi/tests/client/test_bindings.py b/bodhi/tests/client/test_bindings.py
+index 15c239a..974ecde 100644
+--- a/bodhi/tests/client/test_bindings.py
++++ b/bodhi/tests/client/test_bindings.py
+@@ -1001,6 +1001,38 @@ class TestErrorhandled(unittest.TestCase):
+         self.assertTrue(a_fake_self.csrf_token is None)
+         self.assertEqual(a_fake_self.call_count, 2)
+ 
++    def test_retry_on_captcha_key_failure(self):
++        """
++        Test the decorator when the wrapped method returns a captch_key error.
++
++        This test ensures that the decorator will retry the wrapped method if it returns a
++        captcha_key error, after clearing cookies and the csrf token.
++
++        This test was written to assert the fix for
++        https://github.com/fedora-infra/bodhi/issues/1787
++        """
++        a_fake_self = mock.MagicMock()
++        a_fake_self.csrf_token = 'some_token'
++        a_fake_self.call_count = 0
++
++        @bindings.errorhandled
++        def captcha_plz(a_fake_self):
++            a_fake_self.call_count = a_fake_self.call_count + 1
++
++            # Fail on the first call with a captcha_key error to simulate unauth'd user on a
++            # comment.
++            if a_fake_self.call_count == 1:
++                return {'errors': [{'name': 'captcha_key'}]}
++
++            return 'here you go'
++
++        # No Exception should be raised.
++        captcha_plz(a_fake_self)
++
++        a_fake_self._session.cookies.clear.assert_called_once_with()
++        self.assertTrue(a_fake_self.csrf_token is None)
++        self.assertEqual(a_fake_self.call_count, 2)
++
+     def test_success(self):
+         """
+         Test the decorator for the success case.
+-- 
+2.9.5
+
diff --git a/bodhi.spec b/bodhi.spec
index 84cd394..c9a1a12 100644
--- a/bodhi.spec
+++ b/bodhi.spec
@@ -1,6 +1,6 @@
 Name:           bodhi
 Version:        2.11.0
-Release:        1%{?dist}
+Release:        2%{?dist}
 BuildArch:      noarch
 
 License:        GPLv2+
@@ -12,6 +12,7 @@ Source0:        %{url}/archive/%{version}/%{name}-%{version}.tar.gz
 # Needed until https://github.com/fedora-infra/bodhi/issues/1756 is fixed.
 Patch0:         0000-Patch-the-tests-for-CVE-2017-1002152-to-pass-with-bl.patch
 %endif
+Patch1:         0001-Retry-auth-in-the-bindings-upon-captcha-key-errors.patch
 
 BuildRequires:   createrepo_c
 BuildRequires:   fedmsg
@@ -365,6 +366,9 @@ virtualenv --system-site-packages --no-pip --never-download .test-virtualenv
 
 
 %changelog
+* Fri Sep 22 2017 Randy Barlow <bowlofeggs@fedoraproject.org> - 2.11.0-2
+- Retry auth upon captcha failures (#1494644).
+
 * Tue Sep 19 2017 Randy Barlow <bowlofeggs@fedoraproject.org> - 2.11.0-1
 - Update to 2.11.0 (#1493587).
 - https://github.com/fedora-infra/bodhi/releases/tag/2.11.0