biscolab / laravel-recaptcha Goto Github PK
View Code? Open in Web Editor NEWGoogle ReCaptcha package for Laravel
Home Page: https://github.com/biscolab/laravel-recaptcha#readme
License: MIT License
Google ReCaptcha package for Laravel
Home Page: https://github.com/biscolab/laravel-recaptcha#readme
License: MIT License
Hello!
I couldn't find anything in your documentation about how to test recaptcha with phpunit. I have a complete set of feature tests for my authentication flow, and recently added recaptcha support with your package. And meanwhile I can disable recaptcha validation for testing via the CreatesApplication class, I'm not sure that is good solution and looking after a real way to test this.
Did I miss any guide or docs on this?
Would you mind adding it? Thanks!
As you wrote $configuration argument can have following keys:
{!! htmlScriptTagJsApi(['lang' => 'en' !!}
, but it does not work. As I checked you need to pass {!! htmlScriptTagJsApi(['resources' => 'en' !!}
instead. Please check if I am right.
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Environment:
Additional context
Add any other context about the problem here, like code snippets.
There is a semicolon there, where a comma should be. It is causing an error when doing the vendor:publish for your config file.
do it work with php 7 ?
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Environment:
Additional context
Add any other context about the problem here, like code snippets.
hi , everttime i try to submit the form i get Hey!!! Recaptcha is wrong!
i am using laravel 5.6
i also added this:
--
| function biscolabLaravelReCaptcha(token) {
| document.getElementById("login-form").submit();
| }
| </script>
{!! htmlFormButton() !!}
Describe the bug
I am getting the same error from issue#22. I am already using v4.12 but still getting Call to undefined function htmlScriptTagJsApiV3() error on my blade file.
When de laravel is installed on subfolder the default_validation_route generate 404.
To Reproduce
Steps to reproduce the behavior:
Hi,
I'm trying to defer rendering because recaptcha isn't visible at first on my page,
I did set "explicit" to true in the config as mentioned in the doc,
but I can't find where to add the name for my onload callback,
could you please provide an example for this (and add it in the doc) ?
Best regards,
Olivier
I have implemented the example that you have in the documentation page of V3, and I understand that using the callback_then and callback_catch you will make a request for a specific library endpoint that returns the score of the user, but even if the user have a really bad score how this will prevent the form to be submitted.
I think you should create a real example of a simple contact form protected with the recapctha v2, invisible and V3.
In the V2 example you append the g-recaptcha-response on the form that will be submitted and this make sense, but in V3 example I think you can always submit.
Can you explaining me if I'm seeing it wrong?
How this code will protect the form (in v3 example) if for example it is submitted for a bot that don't even run javascript?
Error Exception Call to undefined function htmlScriptTagJsApiV3()
Steps to reproduce the behavior:
composer require airbrake/phpbrake
This usage example details how to create a notifier instance, set a global notifier instance, register the error handler, and includes a snippet of some code that would report an exception to Airbrake (You can find your project ID and API KEY with your project's settings):
// Create new Notifier instance.
$notifier = new Airbrake\Notifier(array(
'projectId' => <Your project ID>,
'projectKey' => '<Your project API KEY>',
));
// Set global notifier instance.
Airbrake\Instance::set($notifier);
// Register error and exception handlers.
$handler = new Airbrake\ErrorHandler($notifier);
$handler->register();
// Somewhere in the app...
try {
throw new Exception('hello from phpbrake');
} catch(Exception $e) {
Airbrake\Instance::notify($e);
}
Check out our official GitHub repo for info on additional features like:
Describe the bug
This error does not happen all the time. It has been less than 1% in all page load. Sometime, when a recaptcha v3 enabled page is loaded, there is an error reported in sentry.io and the error is Return value of Biscolab\ReCaptcha\Controllers\ReCaptchaController::validateV3() must be of the type array, boolean returned.
The error stack is below:
Symfony\Component\Debug\Exception\FatalThrowableError: Return value of Biscolab\ReCaptcha\Controllers\ReCaptchaController::validateV3() must be of the type array, boolean returned
#54 vendor/biscolab/laravel-recaptcha/src/Controllers/ReCaptchaController.php(27): validateV3
#53 vendor/biscolab/laravel-recaptcha/src/Controllers/ReCaptchaController.php(0): call_user_func_array
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Error should not happen
Screenshots
If applicable, add screenshots to help explain your problem.
Environment:
Homestead
Laravel 5.7.20
Additional context
n/a
Could the inline script be added with a nonce? Maybe optional integration with spatie/laravel-csp
or some means for me to insert a nonce to the inline script. The markup is pretty hard-coded. If the view were moved out of inline blade markup into an actual blade.view, then I'd have some more flexibility.
Hi!
I'm trying to get the documentation at https://laravel-recaptcha-docs.biscolab.com/docs/intro but page is not working.
The response is:
Error 526 Invalid SSL Certificate
Thank you for your amazing job!
Problem 2
- Root composer.json requires biscolab/laravel-recaptcha ^4.4 -> satisfiable by biscolab/laravel-recaptcha[4.4.0].
- biscolab/laravel-recaptcha 4.4.0 requires php ^7.1 -> your php version (8.0.2) does not satisfy that requirement.
Hi, thanks for this project. Can you add Laravel 8 compatibility?
Describe the bug
When I'm using ReCaptcha::htmlScriptTagJsApi()
before my It display {}
at the top of my page. But the package work well.
To Reproduce
Steps to reproduce the behavior:
{{!! ReCaptcha::htmlScriptTagJsApi() !!}}
before your .Expected behavior
To not have this {}
at the top of page.
Environment:
I am using Laravel v5.6 and Laravel Recaptcha version 3.6.
I have a customer login page and an admin login page. I added the recaptcha to both and it works on the customer login page but when I click the checkbox on the admin login page I keep getting this "Uncaught (in promise) Timeout" error where the widget spins and then it goes back to the default unchecked state and therefore I am unable to log in.
laravel-recaptcha/src/ReCaptchaBuilder.php
Line 354 in 21018b2
Hi
When array returns the validation Rule will pass!
even the array with error:
array (
'success' => false,
'error-codes' =>
array (
0 => 'invalid-keys',
),
)
Hi mighty all,
Trying to inject the usual ReCaptcha (your packet) functionality into JetstreamServiceProvider.
If the captcha is empty — everything is OK and I get an error, but if captcha is passed/checked I also get an error saying "You have to pass ReCaptcha check". Deep night now, please point me in the right direction.
P.S. All the same works for Jetstream while creating a new user (updated validator inside Fortify/CreateNewUser.php).
Describe the bug
I have an installation of Laravel Nova in the same app that I'm using this package and I noticed that Laravel Nova started to be in English after installing this package. I have the translations for Laravel Nova to Brazilian Portuguese.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
See Laravel Nova in configured language.
Screenshots
When this package is installed:
If I comment this line in ReCaptchaServiceProvider
:
Then I have it in the correct language:
Environment:
if the input field is empty, the submit event handler doesn't run. It will be triggered only if the HTML5 validation (the required attribute, in this case) has passed.
I'd expect a captcha to run after the HTML5 validation too; why do I have to annoy the user compiling a captcha if later on I'd warn him there are missing fields ? First I should force the user to do everything in the right way, then ensure it's a human and not a bot, IMHO.
Appearently, reCaptcha does something on the form it attaches on, removing the HTML5 validation feature.
The form will be submitted with the empty field, without notifying the user about its obligatoriness.
Any clue on why it acts like this ? Is there a way I can instruct reCaptcha to let HTML5 form validation run before taking control ?
Please Allow Install On Laravel 6
Hi,
is it possible to add localization to googles recaptcha ?
My steps in ReCaptchaBuilder
class were:
Add Facade:
use Illuminate\Support\Facades\App;
Add propery
protected $locale;
property.
Updated constructor
public function __construct(...) { ... $this->locale = App::getLocale(); }
and then make some changes in this method (showing changes just in version v2)
htmlScriptTagJsApi() {
<script src=\"https://www.google.com/recaptcha/api.js?hl={$this->locale}\" async defer></script>
}
Valid code languages can be found here:
https://developers.google.com/recaptcha/docs/language
best regards
Greg
I used this code
<form action="" method="post">
@csrf
{!! htmlFormSnippet() !!}
<input type="submit" value="Click here to continue" id="submit_form" disabled>
</form>
and
htmlScriptTagJsApi()
I want to add javascript call back function to valid form and enable that button.
But I could not find any solution
I think this is new sugesstion. Thanks
is there any solution for this error ? can i set header cookie on htmlFormSnippet() ?
as described in the documentation I installed the package and add the keys to the config then inserted the helper into the view.
I'm using recaptcha on the login form so the form is submitted to /login
, I don't know if I have to add anything to the controller but that is not mentioned in the documentation so I assume it's handled by the package.
the recaptcha logo appear on the bottom right of the page and i can see requests going to https://www.google.com/recaptcha/api2/
Screenshots of the request and response
Environment:
Additional context
the code inserted in the view head
{!! htmlScriptTagJsApi([
'action' => 'homepage',
]) !!}
config file:
<?php
/**
* Copyright (c) 2017 - present
* LaravelGoogleRecaptcha - recaptcha.php
* author: Roberto Belotti - [email protected]
* web : robertobelotti.com, github.com/biscolab
* Initial version created on: 12/9/2018
* MIT license: https://github.com/biscolab/laravel-recaptcha/blob/master/LICENSE
*/
/**
* To configure correctly please visit https://developers.google.com/recaptcha/docs/start
*/
return [
/**
*
* The site key
* get site key @ www.google.com/recaptcha/admin
*
*/
'api_site_key' => env('RECAPTCHA_SITE_KEY', ''),
/**
*
* The secret key
* get secret key @ www.google.com/recaptcha/admin
*
*/
'api_secret_key' => env('RECAPTCHA_SECRET_KEY', ''),
/**
*
* ReCATCHA version
* Supported: "v2", "invisible", "v3",
*
* get more info @ https://developers.google.com/recaptcha/docs/versions
*
*/
'version' => 'v3',
/**
*
* The curl timout in seconds to validate a recaptcha token
* @since v3.5.0
*
*/
'curl_timeout' => 10,
/**
*
* IP addresses for which validation will be skipped
*
*/
'skip_ip' => [],
/**
*
* Default route called to check the Google reCAPTCHA token
* @since v3.2.0
*
*/
'default_validation_route' => 'biscolab-recaptcha/validate',
/**
*
* The name of the parameter used to send Google reCAPTCHA token to verify route
* @since v3.2.0
*
*/
'default_token_parameter_name' => 'token',
/**
*
* The default Google reCAPTCHA language code
* It has no effect with v3
* @see https://developers.google.com/recaptcha/docs/language
* @since v3.6.0
*
*/
'default_language' => null,
/**
*
* The default form ID. Only for "invisible" reCAPTCHA
* @since v4.0.0
*
*/
'default_form_id' => 'biscolab-recaptcha-invisible-form',
/**
*
* Deferring the render can be achieved by specifying your onload callback function and adding parameters to the JavaScript resource.
* It has no effect with v3 and invisible
* @see https://developers.google.com/recaptcha/docs/display#explicit_render
* @since v4.0.0
* Supported true, false
*
*/
'explicit' => false,
/**
*
* Set API domain. You can use "www.recaptcha.net" in case "www.google.com" is not accessible.
* (no check will be made on the entered value)
* @see https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally
* @since v4.3.0
* Default 'www.google.com' (ReCaptchaBuilder::DEFAULT_RECAPTCHA_API_DOMAIN)
*
*/
'api_domain' => 'www.google.com',
/**
*
* g-recaptcha tag attributes and grecaptcha.render parameters (v2 only)
* @see https://developers.google.com/recaptcha/docs/display#render_param
* @since v4.0.0
*/
'tag_attributes' => [
/**
* The color theme of the widget.
* Supported "light", "dark"
*/
'theme' => 'light',
/**
* The size of the widget.
* Supported "normal", "compact"
*/
'size' => 'normal',
/**
* The tabindex of the widget and challenge.
* If other elements in your page use tabindex, it should be set to make user navigation easier.
*/
'tabindex' => 0,
/**
* The name of your callback function, executed when the user submits a successful response.
* The g-recaptcha-response token is passed to your callback.
* DO NOT SET "biscolabOnloadCallback"
*/
'callback' => null,
/**
* The name of your callback function, executed when the reCAPTCHA response expires and the user needs to re-verify.
* DO NOT SET "biscolabOnloadCallback"
*/
'expired-callback' => null,
/**
* The name of your callback function, executed when reCAPTCHA encounters an error (usually network connectivity) and cannot continue until connectivity is restored.
* If you specify a function here, you are responsible for informing the user that they should retry.
* DO NOT SET "biscolabOnloadCallback"
*/
'error-callback' => null,
]
];
When I try to validate recaptcha with language sk
pt
hu
then validation failed.
Head example:
{!! htmlScriptTagJsApi(['lang' => 'sk']) !!}
Response from server:
{"message":"Server Error","country_status":"active"}
For other languages validation works.
Is there any fix for that?
Hello, this is not a bug.
I have implemented this package on a study project. I'm able to get keys from google, but how do I make the laravel login to validate de reCaptcha without messing with files in vendor folder?
I'm posting this because if I don't configure the proper domain, the login is successfull anyway.
Regards
Describe the bug
Hi, thanks for the package, unfortunately I get the following error:
Call to undefined method Biscolab\ReCaptcha\ReCaptchaBuilderV2::htmlFormButton()
When I remove {!! htmlFormButton() !!}
the captcha appears correctly (without the submit button obviously).
Configs are set too, both in .env and recaptcha.php file.
I also tried {!! ReCaptcha::htmlFormButton() !!}
and still the same, I'm using v2 but even if I change it to invisible in config, then I get this error instead: Call to undefined method Biscolab\ReCaptcha\ReCaptchaBuilderInvisible::htmlFormSnippet()
Environment:
thank you brother for this package
that is my code
@error('g-recaptcha-respons')
{{ $message }}
@enderror
Describe the bug
Using this command: php artisan vendor:publish --provider="Biscolab\ReCaptcha\ReCaptchaServiceProvider"
does not publish any files.
To Reproduce
Follow the install instructions and execute php artisan vendor:publish --provider="Biscolab\ReCaptcha\ReCaptchaServiceProvider"
. Returned message is: Publishing complete.
but nothing is published in config or anywhere else.
Expected behavior
At least the config file to be published.
Environment:
Additional context
Running locally under XAMPP v 3.2.2 using PHP 7.3.
How to use in the laravel 6 Backend to validate user login?
Any form that not send the token in a hidden input?
Unable to upgrade to Laravel 7.x
Problem 1
- Conclusion: remove biscolab/laravel-recaptcha 4.0.1
- Conclusion: don't install biscolab/laravel-recaptcha 4.0.1
- Conclusion: don't install laravel/framework v7.0.2
Environment:
Environment:
Every time a request is sent using ajax, and there is an error, just let it do it once, you have to reload the page to be able to use it again, because it returns the catpcha error. It should have a function to refresh the captcha.
I made a login where it returns if the person has active, double authentication, so if it returns yes, it should ask for the code on the same page, but it doesn't stop because if it sends the code at once, it should refresh.
Environment:
Greetings,
I use Recaptcha v2 or Recaptcha v3 in my project, depending on the choice of admin.
I have no problem running it on any page.
However, I am having problems when my login screen is added to the page later. My scenario is as follows:
If the user is not logged in, I send an ajax request and get the login view in response to the ajax request. I show the login view to the user in Bootstrap-modal. During the display process (in Login View) for V2
{!! ReCaptcha::htmlScriptTagJsApi() !!}
and {!! ReCaptcha::htmlFormSnippet () !!}
or for V3
{!! htmlScriptTagJsApi ([
'action' => 'submit',
'callback_then' => 'callbackThen',
'callback_catch' => 'callbackCatch'
]) !!}
If I use it, V2 Recaptcha comes, but when the form is submitted, the default_validation_route is not requested.
I have the same problem in V3 as well. There is no request to default_validation_route.
let wID=grecaptcha.render('recaptcha-element');
grecaptcha.reset(wID);
Describe Missing Feature
Not possible to disable the button after it is clicked.
To Reproduce
I want to disable the button after it is clicked, since some users click many times the button, currentlly the button remains enabled after the click.
Expected behavior
After click the button is disabled.
Environment:
Not browser dependent.
Possible Solution
On htmlScriptTagJsApi, add an additional propertie like :
'disable' => true, so the button is disabled after click or false if the button should remain enabled.
Currently we have to set the size
for v2 checkbox to 'normal'
or 'compact'
in the config, and it applies everywhere. However, for my use case I would like to be able to override this on certain pages. You already allow passing configuration in the JS tag, like this:
{!! htmlScriptTagJsApi(['lang' => 'de']) !!}
Can you make it so
{!! htmlFormSnippet() !!}
can also accept configuration, at least for size
?
Describe the bug
When I use invisible captcha, it's not possible to overwrite data-callback
{!! htmlFormButton(trans('contact.send_button'), ['class' => 'btn submit', 'data-badge' => 'bottomleft', 'data-callback' => 'myCustomFunction']) !!}
Expected behavior
data-callback
attribute must be overwritten to myCustomFunction
Environment:
Hello everyone my domain is . dev.stabit.com
I am install package and configration is still work 127.0.0.1 and not work server . İf empty chapca not error message ı dont understand . PHP version 7.4 . Server laravel . versiyon 7
Site login
stabit
Stabit!!20
my config file
https://paste.laravel.io/b5541309-de64-439e-9b4e-228a6f7b3d6c
my html file
https://paste.laravel.io/94b9b17c-c716-4c0b-88c2-db6b5896d45c
and my recapcha config
please help me.
I was just wondering if it is possible to configure where the badge shows up on the page. We are using the Invisible captcha, and it shows the small Google badge in the bottom right corner. We also have another JS tool that displays a badge in the same corner.
Looks like it is possible to adjust the badge location in the Google docs, but I'm not sure if it is possible to use these settings in the Laravel configuration.
See data-badge on this page...
https://developers.google.com/recaptcha/docs/invisible
Thanks in advance!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.