Laravel package for Google's Recaptcha V3.
To get started, use Composer to add the package to your project's dependencies:
composer require josiasmontag/laravel-recaptchav3
Add RECAPTCHAV3_SITEKEY
and RECAPTCHAV3_SECRET
to your .env
file. (You can get them here)
RECAPTCHAV3_SITEKEY=sitekey
RECAPTCHAV3_SECRET=secret
Optionally, you can publish the config file:
php artisan vendor:publish --provider="Lunaweb\RecaptchaV3\Providers\RecaptchaV3ServiceProvider"
Recaptcha v3 works best when it is loaded on every page to get the most context about interactions. Therefore, add to your header or footer template:
{!! RecaptchaV3::initJs() !!}
RecaptchaV3::field($action, $name='g-recaptcha-response')
creates an invisible input field that gets filled with a Recaptcha token on load.
<form method="post" action="/register">
{!! RecaptchaV3::field('register') !!}
<input type="submit" value="Register"></input>
</form>
Add the recaptchav3
validator to the rules array. The rule accepts two parameters: The action
name and the minimum required score
(defaults to 0.5).
$validate = Validator::make(Input::all(), [
'g-recaptcha-response' => 'required|recaptchav3:register,0.5'
]);
Alternatively, you can get the score and take variable action:
// RecaptchaV3::verify($token, $action)
$score = RecaptchaV3::verify($request->get('g-recaptcha-response'), 'register')
if($score > 0.7) {
// go
} elseif($score > 0.3) {
// require additional email verification
} else {
return abort(400, 'You are most likely a bot');
}
Add the following values to the custom
array in the validation
language file:
'custom' => [
'g-recaptcha-response' => [
'recaptchav3' => 'Captcha error message',
],
],
Add to your CSS file:
.grecaptcha-badge { visibility: visible !important; }
To make your forms testable, you can mock the RecaptchaV3
facade:
RecaptchaV3::shouldReceive('verify')
->once()
->andReturn(1.0);