File: README.md

package info (click to toggle)
libcaptcha-recaptcha-v3-perl 0.06-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 156 kB
  • sloc: perl: 167; makefile: 2
file content (144 lines) | stat: -rw-r--r-- 4,680 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
 
[![Build Status](https://travis-ci.com/worthmine/Captcha-reCAPTCHA-V3.svg?branch=master)](https://travis-ci.com/worthmine/Captcha-reCAPTCHA-V3)
# NAME

Captcha::reCAPTCHA::V3 - A Perl implementation of reCAPTCHA API version v3

# SYNOPSIS

Captcha::reCAPTCHA::V3 provides you to integrate Google reCAPTCHA v3 for your web applications.

    use Captcha::reCAPTCHA::V3;
    my $rc = Captcha::reCAPTCHA::V3->new(
        sitekey => '__YOUR_SITEKEY__', # Optional
        secret  => '__YOUR_SECRET__',  # Required
    );
    
    ...
    
    my $content = $rc->verify($param{$rc});
    unless ( $content->{'success'} ) {
       # code for failing like below
       die 'fail to verify reCAPTCHA: ', @{ $content->{'error-codes'} }, "\n";
    }
    

# DESCRIPTION

Captcha::reCAPTCHA::V3 is inspired from [Captcha::reCAPTCHA::V2](https://metacpan.org/pod/Captcha%3A%3AreCAPTCHA%3A%3AV2)

This one is especially for Google reCAPTCHA v3, not for v2 because APIs are so defferent.

## Basic Usage

### new( secret => _secret_, \[ sitekey => _sitekey_, query\_name => _query\_name_ \] )

Requires only secret when constructing.

Now you can omit sitekey (from version 0.0.4).

You have to get them before running from [here](https://www.google.com/recaptcha/intro/v3.html).

    my $rc = Captcha::reCAPTCHA::V3->new(
       sitekey => '__YOUR_SITEKEY__', # Optional
       secret  => '__YOUR_SECRET__',
       query_name => '__YOUR_QUERY_NAME__', # Optional
    );

According to the official document, query\_name defaults to 'g-recaptcha-response'
so if you changed it another, you have to set _query\_name_ as same.

### name(\[_name_\])

You can get/set _query\_name_ after constuct the object from version 0.0.4

    my $query_name = $rc->name();  # defaults to 'g-recaptcha-response'
    $rc->name('captcha');          # the I<query_name> is now 'captcha' 

and with overlording, you can get _query\_name_ with just like below:

    my $query_name = "$rc";        # means same with $rc->name();

### verify( _response_ )

Requires just only response key being got from Google reCAPTCHA API.

**DO NOT** add remote address. there is no function for remote address within reCAPTCHA v3.

    my $content = $rc->verify($param{$rc});

The default _query\_name_ is 'g-recaptcha-response' and it is stocked in constructor.

But now string-context provides you to get _query\_name_ so we don't have to care about it.

The response contains JSON so it returns decoded value from JSON.

    unless ( $content->{'success'} ) {
       # code for failing like below
       die 'fail to verify reCAPTCHA: ', @{ $content->{'error-codes'} }, "\n";
    }

### deny\_by\_score( response => _response_, \[ score => _expected_ \] )

reCAPTCHA v3 responses have score whether the request was by bot.

So this method provides evaluation by scores that 0.0~1.0(defaults to 0.5)

If the score was lower than what you expected, the verifying is fail
with inserting 'too-low-score' into top of the error-codes.

`verify()` requires just only one argument because of compatibility for version 0.01. 

In this method, the response pair SHOULD be set as a hash argument(score pair is optional).

## Additional method for lazy(not sudgested)

### verify\_or\_die( response => _response_, \[ score => _score_ \] )

This method is a wrapper of `deny_by_score()`, the differense is dying imidiately when fail to verify.

### scripts( id => _ID_, \[ debug => _Boolen_, action => _action_ \] )

You can insert this somewhere in your &lt;body> tag.

In ordinal HTMLs, you can set this like below:

    print <<"EOL", scripts( id => 'MailForm' );
    <form action="./" method="POST" id="MailForm">
       <input type="hidden" name="name" value="value">
       <button type="submit">send</button>
    </form>
    EOL

Then you might write less javascript lines.

From 0.0.4 you can set _debug_ flag in this method.
this is just comment-out the below but powerful.

    //console.log(token);

# NOTES

To test this module strictly,
there is a necessary to run javascript in test environment.

I have not prepared it yet.

So any [PRs](https://github.com/worthmine/Captcha-reCAPTCHA-V3/pulls)
and [Issues](https://github.com/worthmine/Captcha-reCAPTCHA-V3/issues) are welcome.

# SEE ALSO

- [Captcha::reCAPTCHA::V2](https://metacpan.org/pod/Captcha%3A%3AreCAPTCHA%3A%3AV2)
- [Google reCAPTCHA v3](https://www.google.com/recaptcha/intro/v3.html)
- [Google reCAPTCHA v3 API document](https://developers.google.com/recaptcha/docs/v3)

# LICENSE

Copyright (C) worthmine.

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.

# AUTHOR

worthmine <worthmine@gmail.com>