233sec / laravel-recaptchav3
Recaptcha V3 for Laravel package
Requires
- php: >=7.0.0
- illuminate/framework: >=5.0
Requires (Dev)
- mockery/mockery: ^1.2
- orchestra/testbench: ~3.7.0
- phpunit/phpunit: 6.2|^7.0
README
Laravel package for Google's Recaptcha V3.
Installation
To get started, use Composer to add the package to your project's dependencies:
composer require josiasmontag/laravel-recaptchav3
Add RECAPTCHAV3_SITEKEY
and RECAPTCHAV3_SECRET
to your .env
file. (You can get them here)
RECAPTCHAV3_SITEKEY=sitekey
RECAPTCHAV3_SECRET=secret
Optionally, you can publish the config file:
php artisan vendor:publish --provider="Lunaweb\RecaptchaV3\RecaptchaV3ServiceProvider"
Usage
Init Recaptcha Javascript
Recaptcha v3 works best when it is loaded on every page to get the most context about interactions. Therefore, add to your header or footer template:
{!! RecaptchaV3::initJs() !!}
Forms
RecaptchaV3::field($action, $name='g-recaptcha-response')
creates an invisible input field that gets filled with a Recaptcha token on load.
<form method="post" action="/register"> {!! RecaptchaV3::field('register') !!} <input type="submit" value="Register"></input> </form>
Validation
Add the recaptchav3
validator to the rules array. The rule accepts two parameters: The action
name and the minimum required score
(defaults to 0.5).
$validate = Validator::make(Input::all(), [ 'g-recaptcha-response' => 'required|recaptchav3:register,0.5' ]);
Getting the score
Alternatively, you can get the score and take variable action:
// RecaptchaV3::verify($token, $action) $score = RecaptchaV3::verify($request->get('g-recaptcha-response'), 'register') if($score > 0.7) { // go } elseif($score > 0.3) { // require additional email verification } else { return abort(400, 'You are most likely a bot'); }
Testing
To make your forms testable, you can mock the RecaptchaV3
facade:
RecaptchaV3::shouldReceive('verify') ->once() ->andReturn(1.0);