josiasmontag / laravel-recaptchav3 by josiasmontag

Recaptcha V3 for Laravel package
860,723
217
4
Package Data
Maintainer Username: josiasmontag
Maintainer Contact: josias@montag.info (Josias Montag)
Package Create Date: 2018-10-30
Package Last Update: 2024-03-06
Language: PHP
License: MIT
Last Refreshed: 2024-11-24 15:07:54
Package Statistics
Total Downloads: 860,723
Monthly Downloads: 33,805
Daily Downloads: 287
Total Stars: 217
Total Watchers: 4
Total Forks: 38
Total Open Issues: 24

Laravel Recaptcha V3

Laravel package for Google's Recaptcha V3. This is a lightweight package which focuses on the backend validation of Recaptcha V3 captchas.

Installation

To get started, use Composer to add the package to your project's dependencies:

composer require josiasmontag/laravel-recaptchav3

Add RECAPTCHAV3_SITEKEY and RECAPTCHAV3_SECRET to your .env file. (You can get them here)

RECAPTCHAV3_SITEKEY=sitekey
RECAPTCHAV3_SECRET=secret

Optionally, you can publish the config file:

php artisan vendor:publish --provider="Lunaweb\RecaptchaV3\Providers\RecaptchaV3ServiceProvider"

Usage

Init Recaptcha Javascript

Recaptcha v3 works best when it is loaded on every page to get the most context about interactions. Therefore, add to your header or footer template:

{!! RecaptchaV3::initJs() !!}

Forms

RecaptchaV3::field($action, $name='g-recaptcha-response') creates an invisible input field that gets filled with a Recaptcha token on load.

<form method="post" action="/register">
    {!! RecaptchaV3::field('register') !!}
    <input type="submit" value="Register"></input>
</form>

Validation

Add the recaptchav3 validator to the rules array. The rule accepts two parameters: The action name and the minimum required score (defaults to 0.5).

$validate = Validator::make(Input::all(), [
	'g-recaptcha-response' => 'required|recaptchav3:register,0.5'
]);

Getting the score

Alternatively, you can get the score and take variable action:

//  RecaptchaV3::verify($token, $action)
$score = RecaptchaV3::verify($request->get('g-recaptcha-response'), 'register')
if($score > 0.7) {
    // go
} elseif($score > 0.3) {
    // require additional email verification
} else {
    return abort(400, 'You are most likely a bot');
}

Custom validation error message

Add the following values to the custom array in the validation language file:

'custom' => [
    'g-recaptcha-response' => [
        'recaptchav3' => 'Captcha error message',
    ],
],

Hiding the ReCAPTCHA Badge

Add to your CSS file:

.grecaptcha-badge { visibility: hidden !important; }

Testing

To make your forms testable, you can mock the RecaptchaV3 facade:

RecaptchaV3::shouldReceive('verify')
    ->once()
    ->andReturn(1.0);