Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
reCAPTCHA2
Easy verifier for Google reCAPTCHA version 2 for Node.js
How to use
Step 1: Setup reCAPTCHA on your site
You need to receive your site key and secret key for your domain from https://www.google.com/recaptcha/intro/.
Follow the steps on this page to include the reCAPTCHA on your website.
Step 2: Initialize verifier
var reCAPTCHA = require('recaptcha2');
var recaptcha = new reCAPTCHA({
siteKey: 'your-site-key', // retrieved during setup
secretKey: 'your-secret-key' // retrieved during setup
ssl: false // optional, defaults to true.
// Disable if you don't want to access
// the Google API via a secure connection
});
Step 3: Verifying the reCAPTCHA response
reCAPTCHA2 uses promises to validate the reCAPTCHA response, you can use one of the following methods:
- please mention on catch, library passes error codes from google which you can translate with translateErrors method
Simple usage:
recaptcha.validate(key)
.then(function(){
// validated and secure
})
.catch(function(errorCodes){
// invalid
console.log(recaptcha.translateErrors(errorCodes)); // translate error codes to human readable text
});
Optional: You can also pass the clients IP address to the validate method after the key. For more information on that, please see the reCAPTCHA documentation.
For use with Express (you need body-parser):
function submitForm(req, res) {
recaptcha.validateRequest(req)
.then(function(){
// validated and secure
res.json({formSubmit:true})
})
.catch(function(errorCodes){
// invalid
res.json({
formSubmit: false,
errors: recaptcha.translateErrors(errorCodes) // translate error codes to human readable text
});
});
}
Generating the reCAPTCHA widget
recaptcha.formElement() returns standard form element for reCAPTCHA which you should include at the end of your html form element.
You can also set CSS classes like this: recaptcha.formElement('custom-class-for-recaptcha').
The default class is g-recaptcha.
<div class="custom-class-for-recaptcha" data-sitekey="your-site-key"></div>
Changelog
Please see the CHANGELOG.md.
FAQs
Easy API for Google reCAPTCHA version 2 for Node.js and Express
The npm package recaptcha2 receives a total of 3,394 weekly downloads. As such, recaptcha2 popularity was classified as popular.
We found that recaptcha2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 29 Oct 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024