Laravel package for Google's Recaptcha V3.
To get started, use Composer to add the package to your project's dependencies:
composer require josiasmontag/laravel-recaptchav3
Add RECAPTCHAV3_SITEKEY and RECAPTCHAV3_SECRET to your .env file. (You can get them here)
RECAPTCHAV3_SITEKEY=sitekey
RECAPTCHAV3_SECRET=secret
Optionally, you can publish the config file:
php artisan vendor:publish --provider="Lunaweb\RecaptchaV3\RecaptchaV3ServiceProvider"
Recaptcha v3 works best when it is loaded on every page to get the most context about interactions. Therefore, add to your header or footer template:
{!! RecaptchaV3::initJs() !!}RecaptchaV3::field($action, $name='g-recaptcha-response') creates an invisible input field that gets filled with a Recaptcha token on load.
<form method="post" action="/register">
{!! RecaptchaV3::field('register') !!}
<input type="submit" value="Register"></input>
</form>Add the recaptchav3 validator to the rules array. The rule accepts two parameters: The action name and the minimum required score (defaults to 0.5).
$validate = Validator::make(Input::all(), [
'g-recaptcha-response' => 'required|recaptchav3:register,0.5'
]);Alternatively, you can get the score and take variable action:
// RecaptchaV3::verify($token, $action)
$score = RecaptchaV3::verify($request->get('g-recaptcha-response'), 'register')
if($score > 0.7) {
// go
} elseif($score > 0.3) {
// require additional email verification
} else {
return abort(400, 'You are most likely a bot');
}To make your forms testable, you can mock the RecaptchaV3 facade:
RecaptchaV3::shouldReceive('verify')
->once()
->andReturn(1.0);