Middleware to use Google reCAPTCHA for spam prevention

v1.1.0 2018-08-04 10:41 UTC


Latest Version on Packagist Software License Build Status Quality Score Total Downloads SensioLabs Insight

Middleware to use google/recaptcha library for spam prevention. Returns a 403 response if the request is not valid. More info about Google reCAPTCHA.



This package is installable and autoloadable via Composer as middlewares/recaptcha.

composer require middlewares/recaptcha


$dispatcher = new Dispatcher([
    new Middlewares\Recaptcha($secretKey),

    //in your view
    function () {
        echo '<div class="g-recaptcha" data-sitekey="XXX"></div>';
        echo '<script type="text/javascript" src="https://www.google.com/recaptcha/api.js"></script>';

$response = $dispatcher->dispatch(new ServerRequest());


__construct(string $secretKey)

The secret API key of your app. You can register it at https://www.google.com/recaptcha/admin

ipAttribute(string $ipAttribute)

By default uses the REMOTE_ADDR server parameter to get the client ip. This option allows to use a request attribute. Useful to combine with a ip detection middleware, for example client-ip:

$dispatcher = new Dispatcher([
    //detect the client ip and save it in client-ip attribute
    new Middlewares\ClientIP(),

    //use that attribute
    (new Middlewares\Recaptcha($secretKey))

responseFactory(Psr\Http\Message\ResponseFactoryInterface $responseFactory)

A PSR-17 factory to create 403 responses.

Please see CHANGELOG for more information about recent changes and CONTRIBUTING for contributing details.

The MIT License (MIT). Please see LICENSE for more information.