Last active
March 13, 2023 06:53
-
-
Save DanRibbens/cd41848597c852969a10c12528f891f4 to your computer and use it in GitHub Desktop.
Laravel Recaptcha V3 with V2 Fallback
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <form role="form" method="POST" action="{{route('register')}}" class="inverted full"> | |
| <input type="hidden" name="_token" value="{{ csrf_token() }}"> | |
| <input type="hidden" name="register" value="true"> | |
| <div class="interact"> | |
| <label for="register-email">Email Address</label> | |
| <input id="register-email" class="email" type="email" class="form-control" name="email" | |
| value="{{ old('email') }}"> | |
| </div> | |
| <div class="row"> | |
| <div class="interact col6"> | |
| <label for="register-password">Password</label> | |
| <input id="register-password" class="password" type="password" class="form-control" name="password"> | |
| </div> | |
| <div class="interact col6"> | |
| <label for="register-confirm-password">Confirm Password</label> | |
| <input id="register-confirm-password" class="confirm-password" type="password" class="form-control" | |
| name="password_confirmation"> | |
| </div> | |
| </div> | |
| <div class="row"> | |
| <div class="interact col6"> | |
| <label for="register-first-name">First Name</label> | |
| <input id="register-first-name" class="first-name" type="text" class="form-control" name="first_name" | |
| value="{{ old('first_name') }}"> | |
| </div> | |
| <div class="interact col6"> | |
| <label for="register-last-name">Last Name</label> | |
| <input id="register-last-name" class="last-name" type="text" class="form-control" name="last_name" | |
| value="{{ old('last_name') }}"> | |
| </div> | |
| </div> | |
| <input type="hidden" id="recaptcha" name="recaptcha" value=""> | |
| @if(old('recaptcha-v2')) | |
| <div class="g-recaptcha" data-sitekey="{{config('services.recaptcha_v2.site_key')}}"></div> | |
| @endif | |
| <button type="submit" id="register-submit"> | |
| Register | |
| </button> | |
| </form> | |
| </section> | |
| @section('scripts') | |
| @if(old('recaptcha-v2')) | |
| <script type="text/javascript"> | |
| var onloadCallback = function() { | |
| alert("grecaptcha is ready!"); | |
| }; | |
| </script> | |
| <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit" | |
| async defer> | |
| </script> | |
| @endif | |
| <script src='https://www.google.com/recaptcha/api.js'></script> | |
| <script type="text/javascript"> | |
| $('[data-modal="#register-modal"]').click(function () { | |
| grecaptcha.execute( | |
| '{{config('services.recaptcha.site_key')}}', | |
| {action: 'profileModal'} | |
| ).then(function (token) { | |
| {{-- set the local token on the hidden recaptcha input to be sent with form submission --}} | |
| $('#recaptcha').val(token); | |
| }, function(error) { | |
| }); | |
| }); | |
| </script> | |
| @append |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php namespace App\Http; | |
| use App\Http\Middleware\VerifyRecaptcha; | |
| use Illuminate\Foundation\Http\Kernel as HttpKernel; | |
| class Kernel extends HttpKernel | |
| { | |
| /** | |
| * The application's route middleware. | |
| * | |
| * @var array | |
| */ | |
| protected $routeMiddleware = [ | |
| 'recaptcha' => VerifyRecaptcha::class, | |
| ]; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace App\Http\Middleware; | |
| use Closure; | |
| use GuzzleHttp\Client; | |
| class VerifyRecaptcha | |
| { | |
| /** | |
| * Handle an incoming request. | |
| * | |
| * @param \Illuminate\Http\Request $request | |
| * @param \Closure $next | |
| * @return mixed | |
| */ | |
| public function handle($request, Closure $next) | |
| { | |
| $client = new Client(); | |
| // Recaptcha v2 | |
| if ($request['g-recaptcha-response']) { | |
| $response = $client->post( | |
| 'https://www.google.com/recaptcha/api/siteverify', | |
| ['form_params' => [ | |
| 'secret' => config('services.recaptcha_v2.secret_key'), | |
| 'response' => $request['g-recaptcha-response'], | |
| 'remoteip' => $_SERVER['REMOTE_ADDR'], | |
| ]] | |
| ); | |
| $body = json_decode((string)$response->getBody()); | |
| if ($body->success) { | |
| return $next($request); | |
| } | |
| } | |
| // recaptcha v3 | |
| if ($request->recaptcha) { | |
| $response = $client->post( | |
| 'https://www.google.com/recaptcha/api/siteverify', | |
| ['form_params' => [ | |
| 'secret' => config('services.recaptcha.secret_key'), | |
| 'response' => $request->recaptcha, | |
| 'remoteip' => $_SERVER['REMOTE_ADDR'], | |
| ]] | |
| ); | |
| $body = json_decode((string)$response->getBody()); | |
| if (!$body->success || ($body->score && $body->score < 0.3)) { | |
| return redirect()->back() | |
| ->withErrors('We cannot tell if you are a real person. Try again and if you still are having trouble, please contact us.') | |
| ->withInput(['register' => true]); | |
| } | |
| return $next($request); | |
| } | |
| // no valid recaptcha, try recaptcha-v2 | |
| return redirect()->back() | |
| ->withErrors('We cannot tell if you are a real person. Try again and if you still are having trouble, please contact us.') | |
| ->withInput(array_merge(['register' => true, 'recaptcha-v2' => true], $request->all())); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment