Current section
Files
Jump to
Current section
Files
README.md
# Recaptcha[](https://travis-ci.org/samueljseay/recaptcha)[](https://coveralls.io/github/samueljseay/recaptcha)[](https://hex.pm/packages/recaptcha)[](https://hexdocs.pm/recaptcha/)[](https://hex.pm/packages/recaptcha)[](https://github.com/samueljseay/recaptcha/blob/master/LICENSE)[](https://github.com/samueljseay/recaptcha/commits/master)A simple Elixir package for implementing [reCAPTCHA] in Elixir applications.[reCAPTCHA]: http://www.google.com/recaptcha## Migration from 1.x### Breaking Changes1. Template functionality is now in a separate module: `Recaptcha.Template`. Please note: in future templating may move to a Phoenix specific package.2. `verify` API has changed, see the code for documentation of the new API.Most other questions about 2.x should be answered by looking over the documentation and the code. Please raise an issueif you have any problems with migrating.## InstallationAdd `:recaptcha` to your `mix.exs` dependencies:```elixir defp deps do [ {:recaptcha, "~> 3.0"}, ] end```List `:recaptcha` as an application dependency:```elixir def application do [ extra_applications: [:recaptcha] ] end```Run `mix do deps.get, compile`## ConfigBy default the public and private keys are loaded via the `RECAPTCHA_PUBLIC_KEY` and `RECAPTCHA_PRIVATE_KEY` environment variables.```elixirconfig :recaptcha, public_key: {:system, "RECAPTCHA_PUBLIC_KEY"}, secret: {:system, "RECAPTCHA_PRIVATE_KEY"}```### JSON DecodingBy default `reCaptcha` will use `Jason` to decode JSON responses, this can be changed as such:```elixirconfig :recaptcha, :json_library, Poison```## Usage### Render the WidgetUse `raw` (if you're using Phoenix.HTML) and `Recaptcha.Template.display/1` methods to render the captcha widget.For recaptcha with checkbox:```html<form name="someform" method="post" action="/somewhere"> ... <%= raw Recaptcha.Template.display %> ...</form>```For invisible recaptcha:```html<form name="someform" method="post" action="/somewhere"> ... <%= raw Recaptcha.Template.display(size: "invisible") %></form> ...```To change the position of the invisible recaptcha, use an option badge. See https://developers.google.com/recaptcha/docs/invisible on the date-badge.Since recaptcha loads JavaScript code asynchronously, you cannot immediately submit the captcha form.If you have logic that needs to know if the captcha code has already been loaded (for example disabling submit button until fully loaded), it is possible to pass in a JS-callback that will be called once the captcha has finished loading.This can be done as follows:```html<form name="someform" method="post" action="/somewhere"> ... <%= raw Recaptcha.Template.display(onload: "myOnLoadCallback") %></form> ...```And then in your JS code:```javascriptfunction myOnLoadCallback() { // perform extra actions here}````display` method accepts additional options as a keyword list, the options are:Option | Action | Default:---------------------- | :----------------------------------------------------- | :------------------------`noscript` | Renders default noscript code provided by google | `false``public_key` | Sets key to the `data-sitekey` reCaptcha div attribute | Public key from the config file`hl` | Sets the language of the reCaptcha | en### Verify APIRecaptcha provides the `verify/2` method. Below is an example using a Phoenix controller action:```elixirdef create(conn, params) do case Recaptcha.verify(params["g-recaptcha-response"]) do {:ok, response} -> do_something {:error, errors} -> handle_error endend````verify` method sends a `POST` request to the reCAPTCHA API and returns 2 possible values:`{:ok, %Recaptcha.Response{challenge_ts: timestamp, hostname: host}}` -> The captcha is valid, see the [documentation](https://developers.google.com/recaptcha/docs/verify#api-response) for more details.`{:error, errors}` -> `errors` contains atomised versions of the errors returned by the API, See the [error documentation](https://developers.google.com/recaptcha/docs/verify#error-code-reference) for more details. Errors caused by timeouts in HTTPoison or Jason encoding are also returned as atoms. If the recaptcha request succeeds but the challenge is failed, a `:challenge_failed` error is returned.`verify` method also accepts a keyword list as the third parameter with the following options:Option | Action | Default:---------------------- | :----------------------------------------------------- | :------------------------`timeout` | Time to wait before timeout | 5000 (ms)`secret` | Private key to send as a parameter of the API request | Private key from the config file`remote_ip` | Optional. The user's IP address, used by reCaptcha | no default## TestingIn order to test your endpoints you should set the secret key to the following value in order to receive a positive result from all queries to the Recaptcha engine.```elixirconfig :recaptcha, secret: "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe"```Setting up tests without network access can be done also. When configured as such a positive or negative result can be generated locally.```elixirconfig :recaptcha, http_client: Recaptcha.Http.MockClient, secret: "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe" {:ok, _details} = Recaptcha.verify("valid_response") {:error, _details} = Recaptcha.verify("invalid_response")```## ContributingCheck out [CONTRIBUTING.md](/CONTRIBUTING.md) if you want to help.## Copyright and LicenseCopyright (c) 2016 Samuel SeayThis library is released under the MIT License. See the [LICENSE.md](./LICENSE.md) filefor further details.