README

Installation

You can install the package via composer:

composer require ntoufoudis/no-captcha

You can publish the config file with:

php artisan vendor:publish --tag="no-captcha-config"

This is the contents of the published config file:

return [
];

Configuration

Add NOCAPTCHA_SECRET and NOCAPTCHA_SITEKEY in .env file:

NOCAPTCHA_SECRET=secret-key
NOCAPTCHA_SITEKEY=site-key

(You can obtain them from here)

Usage

Init js source

With default options:

{!! NoCaptcha::renderJs() !!}

With language_support or onloadCallback options:

{!! NoCaptcha::renderJs('fr', true, 'recaptchaCallback') !!}

Display reCAPTCHA

Default widget:

{!! NoCaptcha::display() !!}

With custom_attributes (theme, size, callback ...):

{!! NoCaptcha::display(['data-theme' => 'dark']) !!}

Invisible reCAPTCHA using a submit_button:

{!! NoCaptcha::displaySubmit('my-form-id', 'submit now!', ['data-theme' => 'dark']) !!}

Notice that the id of the form is required in this method to let the autogenerated callback submit the form on a successful captcha verification.

### Validation

Add `'g-recaptcha-response' => 'required|captcha'` to rules array:
```php
$validate = Validator::make(Input::all(), [
    'g-recaptcha-response' => 'required|captcha'
]);

Custom Validation Message

Add the following values to the custom array in the validation language file:

'custom' => [
    'g-recaptcha-response' => [
        'required' => 'Please verify that you are not a robot.',
        'captcha' => 'Captcha error! Try again later or contact site admin.',
],
],

Then check for captcha errors in the Form:

@if ($errors->has('g-recaptcha-response'))
    <span class="help-block">
        <strong>{{ $errors->first('g-recaptcha-response') }}</strong>
    </span>
@endif

Testing

When using the Laravel Testing functionality, you will need to mock out the response for the captcha form element.

So for any form tests involving the captcha, you can do this by mocking the facade behavior:

// prevent validation error on captcha
NoCaptcha::shouldReceive('verifyResponse')
    ->once()
    ->andReturn(true);

// provide hidden input for your 'required' validation
NoCaptcha::shouldReceive('display')
    ->zeroOrMoreTimes()
    ->andReturn('<input type="hidden" name="g-recaptcha-response" value="1" />');

You can then test the remainder of your form as normal.

When using HTTP tests you can add the g-recaptcha-response to the request body for the 'required' validation:

// prevent validation error on captcha
NoCaptcha::shouldReceive('verifyResponse')
    ->once()
    ->andReturn(true);

// POST request, with request body including g-recaptcha-response
$response = $this->json('POST', '/register', [
    'g-recaptcha-response' => '1',
    'name' => 'John Doe',
    'email' => 'john@doe.com',
    'password' => 'password',
    'password_confirmation' => 'password',
]);

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

• Vasileios Ntoufoudis
• All Contributors

License

The MIT License (MIT). Please see License File for more information.