You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

recaptcha2

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

recaptcha2

Easy API for Google reCAPTCHA version 2 for Node.js and Express

1.3.3
latest
Source
npmnpm
Version published
Weekly downloads
11K
-38.31%
Maintainers
1
Weekly downloads
 
Created
Source

reCAPTCHA2

Easy verifier for Google reCAPTCHA version 2 for Node.js

How to use

Step 1: Setup reCAPTCHA on your site

You need to receive your site key and secret key for your domain from https://www.google.com/recaptcha/intro/.

Follow the steps on this page to include the reCAPTCHA on your website.

Step 2: Initialize verifier

var reCAPTCHA = require('recaptcha2');

var recaptcha = new reCAPTCHA({
  siteKey: 'your-site-key', // retrieved during setup
  secretKey: 'your-secret-key' // retrieved during setup
  ssl: false // optional, defaults to true.
             // Disable if you don't want to access
             // the Google API via a secure connection
});

Step 3: Verifying the reCAPTCHA response

reCAPTCHA2 uses promises to validate the reCAPTCHA response, you can use one of the following methods:

  • please mention on catch, library passes error codes from google which you can translate with translateErrors method

Simple usage:

recaptcha.validate(key)
  .then(function(){
    // validated and secure
  })
  .catch(function(errorCodes){
    // invalid
    console.log(recaptcha.translateErrors(errorCodes)); // translate error codes to human readable text
  });

Optional: You can also pass the clients IP address to the validate method after the key. For more information on that, please see the reCAPTCHA documentation.

For use with Express (you need body-parser):

function submitForm(req, res) {
  recaptcha.validateRequest(req)
    .then(function(){
      // validated and secure
      res.json({formSubmit:true})
    })
    .catch(function(errorCodes){
      // invalid
      res.json({
        formSubmit: false,
        errors: recaptcha.translateErrors(errorCodes) // translate error codes to human readable text
      });
    });
}

Generating the reCAPTCHA widget

recaptcha.formElement() returns standard form element for reCAPTCHA which you should include at the end of your html form element.

You can also set CSS classes like this: recaptcha.formElement('custom-class-for-recaptcha'). The default class is g-recaptcha.

<div class="custom-class-for-recaptcha" data-sitekey="your-site-key"></div>

Changelog

Please see the CHANGELOG.md.

Keywords

recaptcha
captcha
security
csrf
express

FAQs

Package last updated on 29 Oct 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape

Research

/

Security News

Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape

A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).

By Jonathan Leitschuh  -  Aug 01, 2025
Introducing Rust Support in Socket

Product

Introducing Rust Support in Socket

Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.

By Trevor Norris  -  Jul 31, 2025