我的书签
添加书签
移除书签recaptcha
The recaptcha middleware provides Google reCAPTCHA
open in new window integration for Flame instances.
You can read source code of this middleware on GitHubopen in new window and API documentation on pkg.go.devopen in new window.
Installation
The minimum requirement of Go is 1.16.
go get github.com/flamego/recaptcha
Usage examples
WARNING
Examples included in this section is to demonstrate the usage of the recaptcha middleware, by no means illustrates the idiomatic or even correct way of doing user authentication.
reCAPTCHA v3
The recaptcha.V3open in new window is used in combination with recaptcha.Optionsopen in new window for reCAPTCHA v3open in new window integration, and the recaptcha.RecaptchaV3.Verify should be used to verify response tokens:
- main.go
- templates/home.tmpl
package mainimport ("fmt""net/http""github.com/flamego/flamego""github.com/flamego/recaptcha""github.com/flamego/template")func main() {f := flamego.Classic()f.Use(template.Templater())f.Use(recaptcha.V3(recaptcha.Options{Secret: "<SECRET>",VerifyURL: recaptcha.VerifyURLGoogle,},))f.Get("/", func(t template.Template, data template.Data) {data["SiteKey"] = "<SITE KEY>"t.HTML(http.StatusOK, "home")})f.Post("/", func(w http.ResponseWriter, r *http.Request, re recaptcha.RecaptchaV3) {token := r.PostFormValue("g-recaptcha-response")resp, err := re.Verify(token)if err != nil {w.WriteHeader(http.StatusBadRequest)_, _ = w.Write([]byte(err.Error()))return} else if !resp.Success {w.WriteHeader(http.StatusBadRequest)_, _ = w.Write([]byte(fmt.Sprintf("Verification failed, error codes %v", resp.ErrorCodes)))return}w.WriteHeader(http.StatusOK)_, _ = w.Write([]byte("Verified!"))})f.Run()}
<html><head><script src="https://www.google.com/recaptcha/api.js"></script></head><body><script>function onSubmit(token) {document.getElementById("demo-form").submit();}</script><form id="demo-form" method="POST"><button class="g-recaptcha"data-sitekey="{{.SiteKey}}"data-callback='onSubmit'data-action='submit'>Submit</button></form></body></html>
Because reCAPTCHA v3 is non-interruptive, you will not see any captcha image in the browser.
reCAPTCHA v2
The recaptcha.V2open in new window is used in combination with recaptcha.Optionsopen in new window for reCAPTCHA v2open in new window integration, and the recaptcha.RecaptchaV2.Verify should be used to verify response tokens.
The following example is using the “I’m not a robot” Checkbox type of challenge:
- main.go
- templates/home.tmpl
package mainimport ("fmt""net/http""github.com/flamego/flamego""github.com/flamego/recaptcha""github.com/flamego/template")func main() {f := flamego.Classic()f.Use(template.Templater())f.Use(recaptcha.V2(recaptcha.Options{Secret: "<SECRET>",VerifyURL: recaptcha.VerifyURLGoogle,},))f.Get("/", func(t template.Template, data template.Data) {data["SiteKey"] = "<SITE KEY>"t.HTML(http.StatusOK, "home")})f.Post("/", func(w http.ResponseWriter, r *http.Request, re recaptcha.RecaptchaV2) {token := r.PostFormValue("g-recaptcha-response")resp, err := re.Verify(token)if err != nil {w.WriteHeader(http.StatusBadRequest)_, _ = w.Write([]byte(err.Error()))return} else if !resp.Success {w.WriteHeader(http.StatusBadRequest)_, _ = w.Write([]byte(fmt.Sprintf("Verification failed, error codes %v", resp.ErrorCodes)))return}w.WriteHeader(http.StatusOK)_, _ = w.Write([]byte("Verified!"))})f.Run()}
<html><head><script src="https://www.google.com/recaptcha/api.js"></script></head><body><form method="POST"><div class="g-recaptcha" data-sitekey="{{.SiteKey}}"></div><input type="submit" name="button" value="Submit"></form></body></html>
Below is how it would look like in your browser for the above example:
