Google reCAPTCHA 實作（use **[laravel-google-recaptcha-v3](https://github.com/RyanDaDeng/laravel-google-recaptcha-v3)**)

--- tags: Laravel, recaptcha, google --- # Google reCAPTCHA 實作（use **[laravel-google-recaptcha-v3](https://github.com/RyanDaDeng/laravel-google-recaptcha-v3)**) Facade Usage ------------ ### 手動操作範例 --- ```php= GoogleReCaptchaV3::setAction($action)->verifyResponse($value,$ip = null); ``` ```php= GoogleReCaptchaV3::verifyResponse($value,$ip)->getMessage(); GoogleReCaptchaV3::verifyResponse($value)->isSuccess(); GoogleReCaptchaV3::verifyResponse($value)->toArray(); ``` ```php= GoogleReCaptchaV3::verifyResponse( $request->input('g-recaptcha-response'), $request->getClientIp() ) ->getMessage() ``` ```php= GoogleReCaptchaV3::setAction($action)->verifyResponse($value)->isSuccess(); ``` ### 完整的範例，手動設定權重分數、動作等（忽略config設定檔設定） --- ```php= GoogleReCaptchaV3::setScore($score) ->setAction($action) ->verifyResponse( $request->input('g-recaptcha-response'), $request->getClientIp() ) ->getMessage() ``` ### 使用驗證(Validation) (Only support Laravel >= 5.5) --- ```php= use TimeHunter\LaravelGoogleReCaptchaV3\Validations\GoogleReCaptchaV3ValidationRule; $rule = [ 'g-recaptcha-response' => [new GoogleReCaptchaV3ValidationRule('action_name')] ]; ``` > $actionName: if its NULL, the package won't verify action with google response. --- Blade Usage ----------- ### Display reCAPTCHA v3 #### Add Google API script Include the API script at the bottom of your layout page ```php= {!! GoogleReCaptchaV3::init() !!} ``` ##### Consent Security Policy - Nonce To add a nonce for content security, pass a params array with your pages nonce. ```php= {!! GoogleReCaptchaV3::init([ 'nonce' => nonce(), ]) !!} ``` #### Running script on every page (optional) It's recommended to include reCAPTCHA v3 on every page which can help you get the most context about interactions for analytics. You just need to enable the config: ```php= ... 'background_badge_display' => true, // if false, the badge will be invisible, if true the badge shows at bottom right. 'background_mode' => false, // if true, the script will run on every page (ensure that GoogleReCaptchaV3::init() is placed on layout or homepage) ... ``` If the page has not detected any Action or duplicate google script, the background mode will be enabled. #### Form & Action There are three methods to populate the reCAPTCHA within the form. - render() and renderOne() can be placed in anywhere but before init() - renderField() needs always to be placed within your form. Method one - render(): ```php= [ $id=>$action , $id=>$action ... ] {!! GoogleReCaptchaV3::render(['contact_us_id'=>'contact_us', 'signup_id'=>'signup']) !!} ``` ```php= <form method="POST" action="/verify"> <div id="contact_us_id"></div> // add div with id <input type="submit" value="submit"> </form> <form method="POST" action="/verify"> <div id="signup_id"></div> <input type="submit" value="submit"> </form> {!! GoogleReCaptchaV3::render(['contact_us_id'=>'contact_us', 'signup_id'=>'signup']) !!} ``` Method two - renderOne(): ```php= GoogleReCaptchaV3::renderOne($id,$action); {!! GoogleReCaptchaV3::renderOne('contact_us_id','contact_us') !!} ``` ```php= <form method="POST" action="/verify"> <div id="contact_us_id"></div> // add div with id <input type="submit" value="submit"> </form> {!! GoogleReCaptchaV3::renderOne('contact_us_id','contact_us') !!} ``` Method three - renderField(): ```php= GoogleReCaptchaV3::renderField($id,$action,$class,$style) {!! GoogleReCaptchaV3::renderField('contact_us_id','contact_us_action') !!} ``` ```php= <form method="POST" action="/verify"> {!! GoogleReCaptchaV3::renderField('contact_us_id','contact_us_action') !!} <input type="submit" value="submit"> </form> ``` ### Badge Display for Form & Action If your settings were not reflected, please run php artisan config:cache to clear cache. Inline 1. Go to config file, and set ```php= [ ... 'inline' => true ... ] ``` 2. Badge will be displayed as inline format within the form. Invisible - Set inline as true as well - Modify your div with style display:none2. Refer to Google official site: [https://developers.google.com/recaptcha/docs/faq](https://developers.google.com/recaptcha/docs/faq) , you need to include the following text: ```php= This site is protected by reCAPTCHA and the Google <a href="https://policies.google.com/privacy">Privacy Policy</a> and <a href="https://policies.google.com/terms">Terms of Service</a> apply. ``` Corner > 1. Set inline as false > 2. Your badge will be shown in the bottom right side. Custom > 1. Set inline as true > 2. Do Styling/CSS on its div element ### Ajax Usage - Refresh reCAPTCHA Response The package provides two handy Javascript functions for you to get recaptcha response and refresh recaptcha as needed. - refreshReCaptchaV3(fieldId,actionName) - this function will reset the response whenever your ajax response is returned. - getReCaptchaV3Response - this function helps you to get recaptcha response by id For example: ```php= <script> $("#test").click(function (e) { e.preventDefault(); $.ajax({ type: 'POST', url: '/verify', data: { 'g-recaptcha-response':getReCaptchaV3Response('contact_id') }, success: function (data) { refreshReCaptchaV3('contact_id','contact'); }, error: function(err){ refreshReCaptchaV3('contact_id','contact'); } }); }); </script> ```