Download the PHP package darkghosthunter/captchavel without Composer

On this page you can find all versions of the php package darkghosthunter/captchavel. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package captchavel

Package superseded by Laragear/ReCaptcha


Captchavel

Integrate reCAPTCHA into your Laravel app better than the Big G itself!

It uses your Laravel HTTP Client async HTTP/2, making your app fast. You only need a couple of lines to integrate.

Requirements

If you need support for old versions, consider sponsoring or donating.

Installation

You can install the package via Composer:

Set up

Add the reCAPTCHA keys for your site to the environment file of your project. You can add each of them for reCAPTCHA v2 checkbox, invisible, Android, and score.

If you don't have one, generate it in your reCAPTCHA Admin panel.

This allows you to check different reCAPTCHA mechanisms using the same application, in different environments.

Captchavel already comes with v2 keys for local development. For v3, you will need to create your own set of credentials.

Usage

Usage differs based on if you're using checkbox, invisible, or Android challenges, or the v3 score-driven challenge.

Checkbox, invisible and Android challenges

After you integrate reCAPTCHA into your frontend or Android app, set the Captchavel middleware in the POST routes where a form with reCAPTCHA is submitted. The middleware will catch the g-recaptcha-response input (you can change it later) and check if it's valid.

To declare the middleware, use the ReCaptcha helper to ease your development pain:

Laravel 8.69 or below need to cast the object as a string.

Remembering challenges

To avoid a form asking for challenges over and over again, you can "remember" the challenge for a given set of minutes. This can be enabled globally, but you may prefer to do it in a per-route basis.

Simple use the remember() method to use the config defaults. It accepts the number of minutes to override the global parameter. Alternatively, rememberForever() will remember the challenge forever.

You should use this in conjunction with the @unlesschallenged directive in your Blade templates to render a challenge when the user has not successfully done one before.

Good places to remember a challenge for some minutes are forms which are expected to fail, or when you have multiple forms the user may jump between.

Changing the input name

You can change the input name from g-recaptcha-response, which is the default, to anything using input().

Score-driven challenge

The reCAPTCHA v3 middleware works differently from v2. This response is always a success, but the challenge scores between 0.0 and 1.0. Human-like interaction will be higher, while robots will score lower. The default threshold is 0.5, but this can be changed globally or per-route.

To start using it, simply use the ReCaptcha::score() method to your route.

Once the challenge has been received in your controller, you will have access to two methods from the Request class or instance: isHuman() and isRobot(), which return true or false:

You can also have access to the response from reCAPTCHA using the response() method of the Captchavel facade:

Threshold, action and input name

The middleware accepts three additional parameters using the middleware helper.

  1. threshold(): The value that must be above or equal to be considered human.
  2. action(): The action name to optionally check against.
  3. input(): The name of the reCAPTCHA input to verify.

When checking the action name, ensure your frontend action matches with the expected in the middleware.

Bypassing on authenticated users

Sometimes you may want to bypass reCAPTCHA checks when there is an authenticated user, or automatically receive it as a "human" on score-driven challenges, specially on recurrent actions or when the user already completes a challenge (like on logins).

To exclude authenticated user you can use forGuests(), and specify the guards if necessary.

Then, in your blade files, you can easily skip the challenge with the @guest or @auth directives.

Faking reCAPTCHA scores

You can easily fake a reCAPTCHA response score in your local development by setting CAPTCHAVEL_FAKE to true.

This environment variable changes the reCAPTCHA Factory for a fake one, which will fake successful responses from reCAPTCHA, instead of resolving real challenges.

From there, you can fake a robot response by filling the is_robot input in your form.

Frontend integration

Check the official reCAPTCHA documentation to integrate the reCAPTCHA script in your frontend, or inside your Android application.

You can use the captchavel() helper to output the site key depending on the challenge version you want to render: checkbox, invisible, android or score (v3).

You can also retrieve the key using android for Android apps.

Advanced configuration

Captchavel is intended to work out-of-the-box, but you can publish the configuration file for fine-tuning the reCAPTCHA verification.

You will get a config file with this array:

Enable Switch

By default, Captchavel is disabled, so it doesn't check reCAPTCHA challenges, and on score-driven routes, it will always resolve as human interaction.

You can enable it with the CAPTCHAVEL_ENABLE environment variable.

This can be handy to enable on some local or development environments to check real interaction using the included localhost test keys, which only work on localhost.

When switched off, the reCAPTCHA v2 challenges are not validated in the Request input, so you can safely disregard any frontend script or reCAPTCHA tokens or boxes.

Fake responses

If Captchavel is fake v3-score responses from reCAPTCHA servers. For v2 challenges, setting this to true bypasses the challenge verification.

This is automatically set to true when running unit tests.

Hostname and APK Package Name

If you are not verifying the Hostname or APK Package Name in your reCAPTCHA Admin Panel, may be because you use multiple hostnames or apps, you will have to issue them in the environment file.

When the reCAPTCHA response from the servers is retrieved, it will be checked against these values when present. In case of mismatch, a validation exception will be thrown.

Threshold

The default threshold to check against reCAPTCHA v3 challenges. Values equal or above will be considered "human".

If you're not using reCAPTCHA v3, or you're fine with the default, leave this alone. You can still override the default in a per-route basis.

Remember

Remembering the user once a V2 challenge is successful is disabled by default.

It's recommended to use a per-route basis "remember" if you expect only some routes to remember challenges, instead of the whole application.

This also control how many minutes to set the "remember". When zero, the "remember" will last until the session is destroyed or no longer valid.

Credentials

Here is the full array of reCAPTCHA credentials to use depending on the version. Do not change the array unless you know what you're doing.

Testing Score with Captchavel

On testing, when Captchavel is disabled or enabled but faked, routes set with the v2 middleware won't need to input the challenge in their body as it will be not verified.

reCAPTCHA v3 (score) responses Captchavel is disabled. This guarantees you can always access the response in your controller.

To modify the score in your tests, you should PHPUnit environment section. If you use another testing framework, refer to its documentation.

Alternatively, you can change the configuration before your unit test:

When faking challenges, there is no need to add any reCAPTCHA token or secrets in your tests.

When using reCAPTCHA v3 (score), you can fake a response made by a human or robot by simply using the fakeHuman() and fakeRobot() methods, which will score 1.0 or 0.0 respectively for all subsequent requests.

Fake responses don't come with actions, hostnames or APK package names, so these are not validated.

Faking Scores manually

Alternatively, fakeScore() method will fake responses with any score you set.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

License

The MIT License (MIT). Please see License File for more information.


All versions of captchavel with dependencies

PHP Build Version
Package Version
Requires php Version ^8.0
ext-json Version *
illuminate/support Version ^8.0
illuminate/http Version ^8.0
illuminate/routing Version ^8.0
illuminate/container Version ^8.0
illuminate/events Version ^8.0
guzzlehttp/guzzle Version ^7.4.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package darkghosthunter/captchavel contains the following files

Loading the files please wait ....