{"id":28438087,"url":"https://github.com/zanysoft/laravel-recaptcha","last_synced_at":"2025-07-24T14:34:30.375Z","repository":{"id":57800607,"uuid":"528004925","full_name":"zanysoft/laravel-recaptcha","owner":"zanysoft","description":null,"archived":false,"fork":false,"pushed_at":"2023-06-05T04:44:47.000Z","size":18,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-07T09:19:33.871Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zanysoft.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-08-23T13:31:56.000Z","updated_at":"2024-03-28T04:30:28.000Z","dependencies_parsed_at":"2025-06-28T15:32:04.352Z","dependency_job_id":"a13362f1-a9ad-4f2a-ae18-22ee7f1e17f8","html_url":"https://github.com/zanysoft/laravel-recaptcha","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/zanysoft/laravel-recaptcha","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zanysoft%2Flaravel-recaptcha","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zanysoft%2Flaravel-recaptcha/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zanysoft%2Flaravel-recaptcha/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zanysoft%2Flaravel-recaptcha/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zanysoft","download_url":"https://codeload.github.com/zanysoft/laravel-recaptcha/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zanysoft%2Flaravel-recaptcha/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266856206,"owners_count":23995653,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-24T02:00:09.469Z","response_time":99,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-06T00:39:11.984Z","updated_at":"2025-07-24T14:34:30.354Z","avatar_url":"https://github.com/zanysoft.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Laravel reCAPTCHA v2 and v3\n\nAdvanced and painless Google reCAPTCHA package for Laravel\n\nAvailable reCAPTCHA versions:\n\n* v2 Invisible\n* v2 Checkbox\n* v3\n\n## System requirements\n\n\n| PHP version    | Laravel version |\n| ---------------- | ----------------- |\n| 7.0 or greater | 6.0 or greater  |\n\n## Composer\n\nYou can install the package via composer:\n\n```\n$ composer require zanysoft/laravel-recaptcha\n```\n\nLaravel 6.0 or greater uses package auto-discovery, so doesn't require you to manually add the Service Provider, but if you don't use auto-discovery ReCaptchaServiceProvider must be registered in `config/app.php`:\n\n```\n'providers' =\u003e [\n...\nZanySoft\\ReCaptcha\\ReCaptchaServiceProvider::class,\n];\n```\n\nYou can use the facade for shorter code. Add ReCaptcha to your aliases:\n\n```\n'aliases' =\u003e [\n...\n'ReCaptcha' =\u003e ZanySoft\\ReCaptcha\\Facades\\ReCaptcha::class,\n];\n```\n\n## Configuration\n\nPublish package\nCreate `config/recaptcha.php` configuration file using the following artisan command:\n\n$ php artisan vendor:publish --provider=\"ZanySoft\\ReCaptcha\\ReCaptchaServiceProvider\"\nSet the environment\nAdd your API Keys\nOpen `.env` file and set `RECAPTCHA_SITE_KEY` and `RECAPTCHA_SECRET_KEY`:\n\n# In your .env file\n\n```\nRECAPTCHA_SITE_KEY=YOUR_API_SITE_KEY\nRECAPTCHA_SECRET_KEY=YOUR_API_SECRET_KEY\n```\n\nComplete configuration\nOpen `config/recaptcha.php` configuration file and set version:\n\n```\nreturn [\n    'site_key' =\u003e env('RECAPTCHA_SITE_KEY', ''),\n    'secret_key' =\u003e env('RECAPTCHA_SECRET_KEY', ''),\n    'version' =\u003e 'v2', // supported: v3|v2|invisible\n    'skip_ip' =\u003e [], // array of IP addresses - String: dotted quad format e.g.: 127.0.0.1\n    'validation_route' =\u003e env('RECAPTCHA_VALIDATION_ROUTE', 'laravel-recaptcha/validate'),\n    'token_parameter_name' =\u003e env('RECAPTCHA_TOKEN_PARAMETER_NAME', 'token')\n];\n```\n\n`site_key` and `secret_key` are reCAPTCHA keys you have to create in order to perform Google API authentication. For more information about Site Key and Secret Key please visit Google reCAPTCHA developer documentation\n\n`version` indicates the reCAPTCHA version (supported: v3|v2|invisible). Get more info about reCAPTCHA version at https://developers.google.com/recaptcha/docs/versions.\n\n`skip_ip` is a whitelist of IP addresses that, if recognized, disable the reCAPTCHA validation (return always true) and if you embed JS code in blade (view) file NO validation call will be performed.\n\n`validation_route` is the route called via javascript built-in validation script (v3 only)\n\n`token_parameter_name` is the name of \"token\" GET parameter sent to `validation_route` to be validated (v3 only)\n\nReload config cache file\n!!! IMPORTANT !!! Every time you change some configuration run the following shell command:\n\n```\n$ php artisan config:cache\n```\n\nHave you updated?\nIf you are migrating from an older version add `skip_ip` array in `recaptcha.php` configuration file.\n\nCustomize error message\nJust for _v2_ and _invisible_ users.\n\nBefore starting please add the validation message to resources/lang/[LANG]/validation.php file\n\n```\nreturn [\n...\n'recaptcha' =\u003e 'The :attribute is wrong!',\n];\n```\n\n# How to use v2\n\n## Embed in Blade\n\nInsert  `recaptchaApiJsScriptTag($formId)`  helper before closing  `\u003c/head\u003e`  tag.\n\nYou can also use  `ReCaptcha::recaptchaApiJsScriptTag($formId)`.  `$formId`  is required only if you are using  **ReCAPTCHA INVISIBLE**\n\n```blade\n\u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n    \u003chead\u003e\n        ...\n        {!! recaptchaApiJsScriptTag(/* $formId - INVISIBLE version only */) !!}\n    \u003c/head\u003e\n\n```\n\n### ReCAPTCHA v2 Checkbox\n\nAfter you have to insert  `recaptchaHtmlFormSnippet()`  helper inside the form where you want to use the field  `g-recaptcha-response`.\n\nYou can also use  `ReCaptcha::htmlFormSnippet()`  .\n\n```blade\n\u003cform\u003e\n    ...\n    {!! recaptchaHtmlFormSnippet() !!}\n    \u003cinput type=\"submit\"\u003e\n\u003c/form\u003e\n\n```\n\n### ReCAPTCHA v2 Invisible\n\nAfter you have to insert  `recaptchaHtmlFormButton($buttonInnerHTML)`  helper inside the form where you want to use reCAPTCHA.\n\nThis function creates submit button therefore you don't have to insert  `\u003cinput type=\"submit\"\u003e`  or similar.\n\nYou can also use  `ReCaptcha::htmlFormButton($buttonInnerHTML)`  .\n\n`$buttonInnerHTML`  is what you want to write on the submit button\n\n```html\n\u003cform id=\"{{ formId }}\"\u003e\n    ...\n    {!! recaptchaHtmlFormButton(/* $buttonInnerHTML - Optional */) !!}\n\u003c/form\u003e\n\n```\n\n**!!!IMPORTANT!!!**  Use as  `$formId`  the same value you previously set in  `recaptchaApiJsScriptTag`  function.\n\n## Verify submitted data\n\nAdd  **recaptcha**  to your rules\n\n```php\n$v = Validator::make(request()-\u003eall(), [\n    ...\n    'g-recaptcha-response' =\u003e 'recaptcha',\n]);\n\n```\n\nPrint form errors\n\n```php\n$errors = $v-\u003eerrors();\n```\n\n# How to use v3\n\n## Embed in Blade\n\nInsert  `recaptchaApiV3JsScriptTag($config)`  helper before closing  `\u003c/head\u003e`  tag.\n\n```html\n\u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n    \u003chead\u003e\n        ...\n        {!! recaptchaApiV3JsScriptTag([\n            'action' =\u003e 'homepage',\n            'callback_then' =\u003e 'callbackThen',\n            'callback_catch' =\u003e 'callbackCatch'\n        ]) !!}\n\n        \u003c!-- OR! --\u003e\n  \n        {!! recaptchaApiV3JsScriptTag([\n            'action' =\u003e 'homepage',\n            'custom_validation' =\u003e 'myCustomValidation'\n        ]) !!}\n    \u003c/head\u003e\n\n```\n\n`$config`  is required and is an associative array containing configuration parameters required for the JavaScript validation handling.\n\nThe keys are:\n\n\n| Key                 | Required | Description                                                                                                                                                                                      | Default value |\n| --------------------- | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- |\n| `action`            | no       | is the`action`  parameter required by reCAPTCHA v3 API ([further info](https://developers.google.com/recaptcha/docs/v3))                                                                         | `homepage`    |\n| `custom_validation` | no       | is the name of your custom callback javascript function who will override the built-in javascript validation system of this package                                                              | empty string  |\n| `callback_then`     | no       | (overlooked if`custom_validation`is set) is the name of your custom callback javascript function called by the built-in javascript validation system of this package in case of response success | empty string  |\n| `callback_catch`    | no       | (overlooked if`custom_validation`is set) is the name of your custom callback javascript function called by the built-in javascript validation system in this package in case of response fault   | empty string  |\n\n## Built-in javascript validation system\n\nAs callback of  `grecaptcha.execute`  an AJAX call to  `config('recaptcha.validation_route')`  will be performed using  `fetch`  function. In case of successful response a Promise object will be received and passed as parameter to the  `callback_then`  function you have set. In not set, no actions will be performed.\n\nSame will happen with  `callback_catch`.  `callback_catch`  will be called in event of response errors and errors will pass as parameter et that function. If not set, no actions will be performed.\n\nPlease, go to  [Using Fetch](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch)  for further information on  `fetch`  javascript function.\n\n\u003e **Warning: Check browser compatibility**  `fetch`  function has compatibility issues with some browser like IE. Please create a custom validation function and set  `custom_validation`  with its name. That function has to accept as argument the  `token`received from Google reCAPTCHA API.\n\u003e\n\u003e [Fetch browser compatibility](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch#Browser_compatibility)\n\n### Validation Laravel route\n\nDefault validation route is  `config('recaptcha.validation_route', 'laravel-recaptcha/validate')`.\nRoute and relative Controller are built-in in the package. The route if filtered and protected by Laravel  `web`  Middleware, that's why is important you embed  `csrf-token`  HTML meta tag and send  `X-Requested-Wit`  and  `X-CSRF-TOKEN`  headers.\n\nYou can also change the validation end-point changing  `validation_route`  value in  `recaptcha.php`  config file.\n\n```html\n\u003chead\u003e\n    ...\n    \u003c!-- IMPORTANT!!! remember CSRF token --\u003e\n    \u003cmeta name=\"csrf-token\" content=\"{{ csrf_token() }}\"\u003e\n\u003c/head\u003e\n\n```\n\n### Validation response object\n\nThe output will be a JSON containing following data:\n\n- **Default output without errors**\n\n```json\n{\n    \"action\":\"homepage\",\n    \"challenge_ts\":\"2019-01-29T00:42:08Z\",\n    \"hostname\":\"www.yourdomain.tld\",\n    \"score\":0.9,\n    \"success\":true\n}\n\n```\n\n- **Output when calling IP is included in \"skip_ip\" config whitelist**\n\n```json\n{\n    \"skip_by_ip\":true,\n    \"score\":0.9,\n    \"success\":true\n}\n\n```\n\n\u003e If you embed code in your blade file using  `recaptchaApiV3JsScriptTag`  helper no validation call will be performed!\n\n- **Output with an empty response from Google reCAPTCHA API**\n\n```json\n{\n    \"error\":\"cURL response empty\",\n    \"score\":0.1,\n    \"success\":false\n}\n\n```\n\nIn the next paragraph you can learn how handle Validation promise object\n\n### \"callback_then\" and \"callback_catch\"\n\nAfter built-in validation you should do something. How? Using  `callback_then`  and  `callback_catch`  functions.\n\nWhat you have to do is just create functions and set parameters with their names.\n\n- `callback_then`  must receive one argument of type  `Promise`.\n- `callback_catch`  must receive one argument of type  `string`\n\nThe result should be something like that:\n\n```html\n\u003chead\u003e\n    ...\n    \u003c!-- IMPORTANT!!! remember CSRF token --\u003e\n    \u003cmeta name=\"csrf-token\" content=\"{{ csrf_token() }}\"\u003e\n    ...\n    \u003cscript type=\"text/javascript\"\u003e\n        function callbackThen(response){\n            // read HTTP status\n            console.log(response.status);\n    \n            // read Promise object\n            response.json().then(function(data){\n                console.log(data);\n            });\n        }\n        function callbackCatch(error){\n            console.error('Error:', error)\n        }   \n    \u003c/script\u003e  \n    ...\n    {!! recaptchaApiV3JsScriptTag([\n        'action' =\u003e 'homepage',\n        'callback_then' =\u003e 'callbackThen',\n        'callback_catch' =\u003e 'callbackCatch'\n    ]) !!}  \n\u003c/head\u003e\n\n```\n\n### \"custom_validation\" function\n\nAs just said you can handle validation with your own function. To do that you have to write your function and set  `custom_validation`  parameter with its name.\n\nThe result should be something like that:\n\n```html\n\u003chead\u003e\n    ...\n    \u003c!-- IMPORTANT!!! remember CSRF token --\u003e \n    \u003cmeta name=\"csrf-token\" content=\"{{ csrf_token() }}\"\u003e\n    ...\n    \u003cscript type=\"text/javascript\"\u003e\n        function myCustomValidation(token) {\n            // do something with token \n        }\n    \u003c/script\u003e  \n    ...\n    {!! htmlScriptTagJsApiV3([\n        'action' =\u003e 'homepage',\n        'custom_validation' =\u003e 'myCustomValidation'\n    ]) !!}  \n\u003c/head\u003e\n```\n\n## License\n\nUnder MIT License\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzanysoft%2Flaravel-recaptcha","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzanysoft%2Flaravel-recaptcha","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzanysoft%2Flaravel-recaptcha/lists"}