init: function(component, event, helper){ | |
const vfOrigin = component.get('v.approvedHost'); | |
/* | |
* Registering an event to listen for messages from the VisualForce recaptcha page. | |
* This event will tell us if the recaptcha has been completed or not. | |
*/ | |
window.addEventListener("message", function(event) { | |
/* | |
* Checking the captcha state so we can toggle the error message off if it's been completed. | |
*/ | |
if (event.data.action == 'checkCAPTCHAState') { | |
if (event.data.isValid) { | |
component.set('v.formMessage', ''); | |
} | |
} | |
if (event.origin !== vfOrigin) { | |
/* | |
* A message was received but not from the expected origin so let's bail. | |
*/ | |
return; | |
} | |
if (event.data.action == 'alohaCallingCAPTCHA' && event.data.alohaResponseCAPTCHA == 'NOK'){ | |
/* | |
* The user tried to submit the form but we don't have a recaptcha token yet. | |
*/ | |
component.set('v.formMessage', component.get('v.reCaptchaErrorMessage')); | |
} else if (event.data.action == 'alohaCallingCAPTCHA' && event.data.alohaResponseCAPTCHA == 'OK') { | |
/* | |
* We have a token but we still need to verify it's authentic with a server side call. | |
* This is to safeguard against HTTP client request forgery. | |
*/ | |
const token = event.data.response; | |
helper.doRecaptchaVerification(component, event, helper, token); | |
} | |
}, false); | |
}, | |
submitForm: function (component, event, helper) { | |
event.preventDefault(); | |
const isValid = helper.checkValidity(component, event, helper); | |
if (isValid) { | |
/* | |
* When the submit button is clicked and all fields valid, we send a message to the Visualforce page | |
* asking if the recaptcha has been completed yet. | |
*/ | |
const message = 'alohaCallingCAPTCHA'; | |
const vfOrigin = component.get('v.approvedHost'); | |
const vfWindow = component.find("vfFrame").getElement().contentWindow; | |
vfWindow.postMessage({ action: "alohaCallingCAPTCHA" }, vfOrigin); | |
} else { | |
component.set('v.formMessage', 'Sorry, the form is not valid.')); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment