-
-
Save cfalzone/453fb62314cc9109ce1588393a11f033 to your computer and use it in GitHub Desktop.
dotCMS RECAPTCHA Verify server side
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Get the user's IP Address -- will vary depending on Load Balancer implementation, here's a couple common ways ... | |
#set($ip = $request.getHeader('x-cluster-client-ip'))## | |
#if(!$UtilMethods.isSet($ip))## | |
#set($ip = $request.getHeader('X-FORWARDED-FOR'))## | |
#end## | |
#if(!$UtilMethods.isSet($ip))## | |
#set($ip = $request.getHeader('REMOTE_ADDR'))## | |
#end## | |
#if(!$UtilMethods.isSet($ip))## | |
#set($ip = $request.getRemoteAddr())## | |
#end## | |
## Change the document's MIME if we're not in the backend | |
#if(!$EDIT_MODE) | |
$!response.setContentType("application/json") | |
#end | |
## Get the captcha verification values | |
#set($captcha = $request.getParameter('captcha')) | |
#set($isValid = true) | |
#set($site = $request.getParameter('hostname')) | |
#set($bypass = $request.getParameter('bypass')) | |
## Your recaptch secret would go here -- we manage this in language variables for each of our websites | |
#set($recaptchaSecret = '...') | |
## Invalid captcha error | |
#if(!$UtilMethods.isSet($captcha) || $captcha.length() < 1) | |
#set($isValid = false) | |
#set($errorCodes = "$!{errorCodes},${esc.q}no-captcha-input${esc.q}") | |
#set($errorMessages = "$!{errorMessages} No captcha provided for verification.") | |
#end | |
#if($isValid) | |
## Fetch the verification response from Google | |
#set($resp = $json.fetch("https://www.google.com/recaptcha/api/siteverify?secret=${recaptchaSecret}&response=${captcha}&remoteip=${ip}")) | |
#set($status = 200) | |
#else | |
## If no captcha, supply our own error | |
#set($resp = $json.generate("{\"message\":\"${errorMessages.trim()}\",\"error-codes\":[${errorCodes.substring(1)}],\"success\":false}")) | |
#set($status = 403) | |
#end | |
## Set response code and content based on results | |
$!response.setStatus($status) | |
$resp.toString() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment