- Notifications
You must be signed in to change notification settings - Fork9
A package to help you implement the Cloudflare turnstile "CAPTCHA Alternative" into your laravel applications
License
coderflexx/laravel-turnstile
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Laravel Turnstile, is a package to help you implementcloudflare turnstile easily, and with no time.
You can install the package via composer:
composer require coderflex/laravel-turnstile
You can publish the config file with:
php artisan vendor:publish --tag="turnstile-config"This is the contents of the published config file:
return [/* |-------------------------------------------------------------------------- | Turnstile Keys |-------------------------------------------------------------------------- | | This value is the site, and the secret key of your application, after creating an application | with Cloudflare turnstile, copy the site key, and use it here, or in the .env | file. | Note that the secret key should not be publicly accessible. | | @see: https://developers.cloudflare.com/turnstile/get-started/#get-a-sitekey-and-secret-key | */'turnstile_site_key' =>env('TURNSTILE_SITE_KEY',null),'turnstile_secret_key' =>env('TURNSTILE_SECRET_KEY',null),/* |-------------------------------------------------------------------------- | Error Messages |-------------------------------------------------------------------------- | | Here you can find the error messages for the application. You can modify | or translate the error message as you like. | | Note that you can translate the error message directly, without wrapping | them in translate helper. | */'error_messages' => ['turnstile_check_message' =>'The CAPTCHA thinks you are a robot! Please refresh and try again.', ],];
Optionally, you can publish the views using:
php artisan vendor:publish --tag="turnstile-views"To be able to useCloudflare Turnstile, you need to get theSiteKey, and theSecretKey from yourCloudflare dashboard
After Generating thekeys, useTURNSTILE_SITE_KEY, andTURNSTILE_SECRET_KEY in your.env file
TURNSTILE_SITE_KEY=2x00000000000000000000ABTURNSTILE_SECRET_KEY=2x0000000000000000000000000000000AA
If you want to test the widget, you can use theDummy site keys and secret keys that Cloudflare provides.
Once you require this package, you can use the turnstile widget in your form, like the following
<x-turnstile-widgettheme="dark"language="en-US"size="normal"callback="callbackFunction"errorCallback="errorCallbackFunction"/>
As you can see, the widget has few options to use. You can know more about them in theconfiguration section
Once you used the widget component, in the frontend. You can validateCloudflare Response, by using thevalidate method.
Here's an example:
useCoderflex\LaravelTurnstile\Facades\LaravelTurnstile;publicfunctionstore(Request$request){// maybe you want to validate your form first$response = LaravelTurnstile::validate();if (!$response['success']) {// will return boolean// do your logic }}
You may, optionally, send theCloudflare response with the validation method. Something like the following:
publicfunctionstore(Request$request){...$response = LaravelTurnstile::validate($request->get('cf-turnstile-response');// this will be created from the cloudflare widget. );...}
If you want clean validation, you can use theTurnstileCheck custom rule, along with your form validation. Here's an example:
useCoderflex\LaravelTurnstile\Rules\TurnstileCheck;publicfunctionstore(Request$request){$request->validate(['cf-turnstile-response' => [newTurnstileCheck()] ]);}
The custom rule, will use the same logic, as thebackend validation, but instead will check for the response, and return a validation message, if the captcha fails.
You can change the content of the validation message, inconfig/turnstile.php file
return [ ...'error_messages' => ['turnstile_check_message' =>'The CAPTCHA thinks you are a robot! Please refresh and try again.', ],];
PS: If you want to translate the message, just copy the message and translate it, because it uses the translator method behind the scene.
In your blade file
<formaction=""method="post">@csrf <div> <inputtype="text"name="name" />@error('name') <pclass="error">{{$message}}</p>@enderror </div> <div> <x-turnstile-widgettheme="auto"language="fr"/>@error('cf-turnstile-response') <pclass="error">{{$message}}</p>@enderror </div> <button>Submit</button></form>
In your controller:
useCoderflex\LaravelTurnstile\Rules\TurnstileCheck;useCoderflex\LaravelTurnstile\Facades\LaravelTurnstile;...publicfunctionstore(Request$request){$request->validate(['name' => ['required','string','max:250'],'cf-turnstile-response' => ['required',newTurnstileCheck()], ]);// or$response = LaravelTurnstile::validate();if (!$response['success']) {// do your thing. }// do your things.}
composertestPlease seeCHANGELOG for more information on what has changed recently.
Please seeCONTRIBUTING for details.
Please reviewour security policy on how to report security vulnerabilities.
The MIT License (MIT). Please seethe License File for more information.
About
A package to help you implement the Cloudflare turnstile "CAPTCHA Alternative" into your laravel applications
Topics
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Uh oh!
There was an error while loading.Please reload this page.
Contributors5
Uh oh!
There was an error while loading.Please reload this page.