Created
June 29, 2017 05:11
-
-
Save akirattii/a10815096c75505e8132756170722138 to your computer and use it in GitHub Desktop.
reCAPTCHA middleware of express.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* reCAPTCHA checking middleware | |
* | |
* Usage: | |
* ``` | |
* var checkReCAPTCHA = require("../middleware/CheckReCAPTCHA.js").checkReCAPTCHA; | |
* router.post('/hoge', | |
* checkReCAPTCHA(), | |
* function(req, res, next) { | |
* // | |
* }); | |
* ``` | |
*/ | |
const MODULENAME = "CheckReCAPTCHA"; | |
var request = require('request'); | |
/** | |
* Returns the middleware for reCAPTCHA checking | |
* Assuming that `g-recaptcha-response` in querystring (contained in `req.query`) is passed by previous middleware. | |
*/ | |
exports.checkReCAPTCHA = function() { | |
return function(req, res, next) { | |
const fnname = "check"; | |
const url = "https://www.google.com/recaptcha/api/siteverify"; | |
const method = "POST"; | |
/* | |
* POST Parameter to the reCAPTCHA API of Google: | |
* secret - Required. The shared key between your site and reCAPTCHA. | |
* response - Required. The user response token provided by reCAPTCHA, verifying the user on your site. | |
* remoteip - Optional. The user's IP address. | |
*/ | |
const form = { | |
secret: config.recaptcha.secretKey, // secret key provided by Google | |
response: req.query["g-recaptcha-response"], // generated data by reCAPTCHA lib on client-side | |
}; | |
request({ url, method, form, json: true, }, (err, response) => { | |
const success = response.body.success; | |
if (success === true) return next(); | |
const errors = createErrors(); | |
return res.status(403).json(errors); | |
}); | |
}; | |
}; | |
function createErrors() { | |
let errors = [ | |
{ param: 'g-recaptcha-response', msg: 'bot-access-forbidden', value: null }, | |
]; | |
return errors; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
... | |
<!-- reCAPTCHA --> | |
<div class="row mb-3"> | |
<script src='https://www.google.com/recaptcha/api.js'></script> | |
<div class="g-recaptcha mx-auto" data-sitekey="<YOUR_SITE_KEY_HERE>"></div> | |
</div> | |
<!-- SNS Sign-in buttons --> | |
<span data-url="/auth/twitter" class="btn btn-lg btn-block btn-social btn-twitter"> | |
<span class="fa fa-twitter"></span> Twitter Sign-in | |
</span> | |
<span data-url="/auth/facebook" class="btn btn-lg btn-block btn-social btn-facebook"> | |
<span class="fa fa-facebook"></span> FB Sign-in | |
</span> | |
<span data-url="/auth/google" class="btn btn-lg btn-block btn-social btn-google"> | |
<span class="fa fa-google"></span> Google Sign-in | |
</span> | |
... | |
<script type="text/javascript"> | |
;(function($){ | |
$(".btn-social").on("click",function(){ | |
const $self = $(this); | |
const url = $self.data("url"); | |
const recaptchaResponse = document.querySelector("#g-recaptcha-response").value; | |
//console.log("g-recaptcha-response", recaptchaResponse); | |
window.location.href = url + "?g-recaptcha-response=" + recaptchaResponse; | |
}); | |
})(jQuery); | |
</script> | |
... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment