using the [altcha] shortcode with AJAX?

Question

using the [altcha] shortcode with AJAX?

Closed this issue 8 months ago · 1 comments

Hi,

I was not sure where to post this question as this is not really an issue of the plugin but it might be useful for adding this information to the readme.

I'm trying to implement the [altcha] shortcode with AJAX. I do receive $_POST['altcha-token'] on the serverside but I can't seem to get a valid response with wp_remote_post. (I always receive a 404.)

How do I correctly verify the Altcha token generated at the frontend on the serverside with wp_remote_post?

$altcha_token = sanitize_text_field($_POST['altcha-token']);

$altcha_api_url = site_url() . '/wp-json/altcha/v1/challenge';
$secret_key = 'key';

$response = wp_remote_post($altcha_api_url, array(
        'method' => 'POST',
        'body' => json_encode(array(
            'token' => $altcha_token,
            'secret' => $secret_key
        )),
        'headers' => array(
            'Content-Type' => 'application/json'
        )
    ));

edit;

🤔 I just use:

$plugin = AltchaPlugin::$instance;
var_dump($plugin->verify_solution($altcha_token));

I assume true is ok and false is wrong.

Answer 1 · 2024-05-22T23:20:32.000Z

Hi, the endpoint /wp-json/altcha/v1/challenge only implements the GET method (it's used only to fetch a new random challenge). To verify a solution, use the method verify_solution() as you wrote. If the return value is true it means verification is successful. There's also a generic verify() which supports also API and spam filter (see example usage: https://github.com/altcha-org/wordpress-plugin/blob/main/integrations/html-forms.php#L28)