Easy verifier for Google reCAPTCHA version 2 for Node.js
You need to receive your site key and secret key for your domain from https://www.google.com/recaptcha/intro/.
Follow the steps on this page to include the reCAPTCHA on your website.
var reCAPTCHA = require('recaptcha2');
var recaptcha = new reCAPTCHA({
siteKey: 'your-site-key', // retrieved during setup
secretKey: 'your-secret-key' // retrieved during setup
ssl: false // optional, defaults to true.
// Disable if you don't want to access
// the Google API via a secure connection
});
reCAPTCHA2 uses promises to validate the reCAPTCHA response, you can use one of the following methods:
recaptcha.validate(key)
.then(function(){
// validated and secure
})
.catch(function(errorCodes){
// invalid
console.log(recaptcha.translateErrors(errorCodes)); // translate error codes to human readable text
});
Optional: You can also pass the clients IP address to the validate method after the key. For more information on that, please see the reCAPTCHA documentation.
function submitForm(req, res) {
recaptcha.validateRequest(req)
.then(function(){
// validated and secure
res.json({formSubmit:true})
})
.catch(function(errorCodes){
// invalid
res.json({
formSubmit: false,
errors: recaptcha.translateErrors(errorCodes) // translate error codes to human readable text
});
});
}
recaptcha.formElement() returns standard form element for reCAPTCHA which you should include at the end of your html form element.
You can also set CSS classes like this: recaptcha.formElement('custom-class-for-recaptcha').
The default class is g-recaptcha.
<div class="custom-class-for-recaptcha" data-sitekey="your-site-key"></div>
Please see the CHANGELOG.md.
FAQs
Easy API for Google reCAPTCHA version 2 for Node.js and Express
The npm package recaptcha2 receives a total of 8,539 weekly downloads. As such, recaptcha2 popularity was classified as popular.
We found that recaptcha2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A look at the top trends in how threat actors are weaponizing open source packages to deliver malware and persist across the software supply chain.
Security News
ESLint now supports HTML linting with 48 new rules, expanding its language plugin system to cover more of the modern web development stack.
Security News
CISA is discontinuing official RSS support for KEV and cybersecurity alerts, shifting updates to email and social media, disrupting automation workflows.