A gem to add Cloudflare Turnstile to your Rails app.
gem 'turnstile-captcha', require: 'turnstile'
And then execute:
$ bundle install
Create an initializer and configure Turnstile with your Site Key and Secret Key:
# config/initializers/turnstile.rb
Turnstile.configure do |config|
config.site_key = ...
config.secret_key = ...
end
You now have access to the Turnstile view and controller helpers.
To output the required tags, use captcha_javascript_tag, eg in your <head> tag:
# application.html.erb
<html>
<head>
...
<%= captcha_javascript_tag %>
...
</head>
...
</html>
And in your form, output the placeholder tag. You can provide an action:
<%= form_for @user do |f| %>
..
<%= captcha_placeholder_tag action: "login" %>
..
<% end %>
You can also output both of these tags together, eg. if you only have a single form on the page:
<%= form_for @user do |f| %>
...
<%= captcha_tags action: "login" %>
...
<% end %>
Upon submission, you can now validate the request using valid_captcha?:
class SessionsController < ..
def create
if valid_captcha?
# Perform
end
end
end
Inspired by the recaptcha gem you can provide a model: option.
In case of captcha failure, an :invalid_captcha error will be added to the provided model on the :base,
which can be localized using Rails I18n.
class UsersController < ..
def create
@user = User.new(..)
if valid_captcha?(model: @user)
# Perform
else
# @user.errors.details
# => {:base=>[{error: :invalid_captcha}]}
end
end
end
You can add an on_failure handler to for instance instrument failures.
The proc will be called with the verification result from Cloudflare:
Turnstile.configure do |config|
config.on_failure = ->(verification) { ErrorNotifier.notify("Captcha failure: #{verification.result}") }
end
It is also possible to globally disable/enable Turnstile captcha validation, eg. in CI:
Turnstile.configure do |config|
config.enabled = ENV["ENABLE_TURNSTILE"]
end
After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/pfeiffer/turnstile-captcha. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the code of conduct.
The gem is available as open source under the terms of the MIT License.
Everyone interacting in the Turnstile project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.
FAQs
Unknown package
We found that turnstile-captcha demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Rspack launches Rslint, a fast TypeScript-first linter built on typescript-go, joining in on the trend of toolchains creating their own linters.
Security News
Hacker Demonstrates How Easy It Is To Steal Data From Popular Password Managers
Security News
Oxlint’s new preview brings type-aware linting powered by typescript-go, combining advanced TypeScript rules with native-speed performance.