s00d / no-captcha
No CAPTCHA reCAPTCHA For Laravel.
Requires
- php: >=5.5.5
- guzzlehttp/guzzle: ^6.2|^7.0
- illuminate/support: ^5.0|^6.0|^7.0|^8.0|^9.0|^10.0|^11.0
Requires (Dev)
- phpunit/phpunit: ~4.8
README
For Laravel 4 use v1 branch.
Installation
composer require s00d/no-captcha
Laravel 5 and above
Setup
NOTE This package supports the auto-discovery feature of Laravel 5.5 and above, So skip these Setup
instructions if you're using Laravel 5.5 and above.
In app/config/app.php
add the following :
1- The ServiceProvider to the providers array :
s00d\NoCaptcha\NoCaptchaServiceProvider::class,
2- The class alias to the aliases array :
'NoCaptcha' => s00d\NoCaptcha\Facades\NoCaptcha::class,
3- Publish the config file
php artisan vendor:publish --provider="s00d\NoCaptcha\NoCaptchaServiceProvider"
Configuration
Add NOCAPTCHA_SECRET
and NOCAPTCHA_SITEKEY
in .env file :
NOCAPTCHA_SECRET=secret-key
NOCAPTCHA_SITEKEY=site-key
(You can obtain them from here)
Usage
Init js source
With default options :
{!! NoCaptcha::renderJs() !!}
With language support or onloadCallback option :
{!! NoCaptcha::renderJs('fr', true, 'recaptchaCallback') !!}
Display reCAPTCHA
Default widget :
{!! NoCaptcha::display() !!}
With custom attributes (theme, size, callback ...) :
{!! NoCaptcha::display(['data-theme' => 'dark']) !!}
Invisible reCAPTCHA using a submit button:
{!! NoCaptcha::displaySubmit('my-form-id', 'submit now!', ['data-theme' => 'dark']) !!}
Notice that the id of the form is required in this method to let the autogenerated callback submit the form on a successful captcha verification.
Validation
Add 'g-recaptcha-response' => 'required|captcha'
to rules array :
$validate = Validator::make(Input::all(), [ 'g-recaptcha-response' => 'required|captcha' ]);
Custom Validation Message
Add the following values to the custom
array in the validation
language file :
'custom' => [ 'g-recaptcha-response' => [ 'required' => 'Please verify that you are not a robot.', 'captcha' => 'Captcha error! try again later or contact site admin.', ], ],
Then check for captcha errors in the Form
:
@if ($errors->has('g-recaptcha-response')) <span class="help-block"> <strong>{{ $errors->first('g-recaptcha-response') }}</strong> </span> @endif
Testing
When using the Laravel Testing functionality, you will need to mock out the response for the captcha form element.
So for any form tests involving the captcha, you can do this by mocking the facade behavior:
// prevent validation error on captcha NoCaptcha::shouldReceive('verifyResponse') ->once() ->andReturn(true); // provide hidden input for your 'required' validation NoCaptcha::shouldReceive('display') ->zeroOrMoreTimes() ->andReturn('<input type="hidden" name="g-recaptcha-response" value="1" />');
You can then test the remainder of your form as normal.
When using HTTP tests you can add the g-recaptcha-response
to the request body for the 'required' validation:
// prevent validation error on captcha NoCaptcha::shouldReceive('verifyResponse') ->once() ->andReturn(true); // POST request, with request body including g-recaptcha-response $response = $this->json('POST', '/register', [ 'g-recaptcha-response' => '1', 'name' => 'John', 'email' => 'john@example.com', 'password' => '123456', 'password_confirmation' => '123456', ]);
Without Laravel
Checkout example below:
<?php require_once "vendor/autoload.php"; $secret = 'CAPTCHA-SECRET'; $sitekey = 'CAPTCHA-SITEKEY'; $captcha = new \s00d\NoCaptcha\NoCaptcha($secret, $sitekey); if (! empty($_POST)) { var_dump($captcha->verifyResponse($_POST['g-recaptcha-response'])); exit(); } ?> <form action="?" method="POST"> <?php echo $captcha->display(); ?> <button type="submit">Submit</button> </form> <?php echo $captcha->renderJs(); ?>