DanRibbens · March 13, 2023 06:53
diff --git a/form.blade.php b/form.blade.php
    <form role="form" method="POST" action="{{route('register')}}" class="inverted full">
        <input type="hidden" name="_token" value="{{ csrf_token() }}">
        <input type="hidden" name="register" value="true">

        <div class="interact">
            <label for="register-email">Email Address</label>
            <input id="register-email" class="email" type="email" class="form-control" name="email"
                   value="{{ old('email') }}">
        </div>

        <div class="row">
            <div class="interact col6">
                <label for="register-password">Password</label>
                <input id="register-password" class="password" type="password" class="form-control" name="password">
            </div>

            <div class="interact col6">
                <label for="register-confirm-password">Confirm Password</label>
                <input id="register-confirm-password" class="confirm-password" type="password" class="form-control"
                       name="password_confirmation">
            </div>
        </div>

        <div class="row">
            <div class="interact col6">
                <label for="register-first-name">First Name</label>
                <input id="register-first-name" class="first-name" type="text" class="form-control" name="first_name"
                       value="{{ old('first_name') }}">
            </div>

            <div class="interact col6">
                <label for="register-last-name">Last Name</label>
                <input id="register-last-name" class="last-name" type="text" class="form-control" name="last_name"
                       value="{{ old('last_name') }}">
            </div>
        </div>
        
        <input type="hidden" id="recaptcha" name="recaptcha" value="">
        @if(old('recaptcha-v2'))
            <div class="g-recaptcha" data-sitekey="{{config('services.recaptcha_v2.site_key')}}"></div>
        @endif

        <button type="submit" id="register-submit">
            Register
        </button>
    </form>
 </section>

 @section('scripts')
    @if(old('recaptcha-v2'))
    <script type="text/javascript">
      var onloadCallback = function() {
        alert("grecaptcha is ready!");
      };
    </script>
    <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
            async defer>
    </script>
    @endif

    <script src='https://www.google.com/recaptcha/api.js'></script>
    <script type="text/javascript">

        $('[data-modal="#register-modal"]').click(function () {
            grecaptcha.execute(
                '{{config('services.recaptcha.site_key')}}',
                {action: 'profileModal'}
            ).then(function (token) {
                {{-- set the local token on the hidden recaptcha input to be sent with form submission --}}
                $('#recaptcha').val(token);
            }, function(error) {
            });
        });
    </script>
 @append
diff --git a/Kernal.php b/Kernal.php
 <?php namespace App\Http;

 use App\Http\Middleware\VerifyRecaptcha;
 use Illuminate\Foundation\Http\Kernel as HttpKernel;

 class Kernel extends HttpKernel
 {
    /**
     * The application's route middleware.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'recaptcha' => VerifyRecaptcha::class,
    ];

 }
diff --git a/VerifyRecaptcha.php b/VerifyRecaptcha.php
 <?php

 namespace App\Http\Middleware;

 use Closure;
 use GuzzleHttp\Client;

 class VerifyRecaptcha
 {

    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {

        $client = new Client();

        // Recaptcha v2
        if ($request['g-recaptcha-response']) {
            $response = $client->post(
                'https://www.google.com/recaptcha/api/siteverify',
                ['form_params' => [
                    'secret' => config('services.recaptcha_v2.secret_key'),
                    'response' => $request['g-recaptcha-response'],
                    'remoteip' => $_SERVER['REMOTE_ADDR'],
                ]]
            );

            $body = json_decode((string)$response->getBody());

            if ($body->success) {
                return $next($request);
            }
        }

        // recaptcha v3
        if ($request->recaptcha) {
            $response = $client->post(
                'https://www.google.com/recaptcha/api/siteverify',
                ['form_params' => [
                    'secret' => config('services.recaptcha.secret_key'),
                    'response' => $request->recaptcha,
                    'remoteip' => $_SERVER['REMOTE_ADDR'],
                ]]
            );

            $body = json_decode((string)$response->getBody());

            if (!$body->success || ($body->score && $body->score < 0.3)) {
                return redirect()->back()
                    ->withErrors('We cannot tell if you are a real person. Try again and if you still are having trouble, please contact us.')
                    ->withInput(['register' => true]);
            }

            return $next($request);
        }

        // no valid recaptcha, try recaptcha-v2
        return redirect()->back()
            ->withErrors('We cannot tell if you are a real person. Try again and if you still are having trouble, please contact us.')
            ->withInput(array_merge(['register' => true, 'recaptcha-v2' => true], $request->all()));
    }

 }
	<form role="form" method="POST" action="{{route('register')}}" class="inverted full">
	<input type="hidden" name="_token" value="{{ csrf_token() }}">
	<input type="hidden" name="register" value="true">

	<div class="interact">
	<label for="register-email">Email Address</label>
	<input id="register-email" class="email" type="email" class="form-control" name="email"
	value="{{ old('email') }}">
	</div>

	<div class="row">
	<div class="interact col6">
	<label for="register-password">Password</label>
	<input id="register-password" class="password" type="password" class="form-control" name="password">
	</div>

	<div class="interact col6">
	<label for="register-confirm-password">Confirm Password</label>
	<input id="register-confirm-password" class="confirm-password" type="password" class="form-control"
	name="password_confirmation">
	</div>
	</div>

	<div class="row">
	<div class="interact col6">
	<label for="register-first-name">First Name</label>
	<input id="register-first-name" class="first-name" type="text" class="form-control" name="first_name"
	value="{{ old('first_name') }}">
	</div>

	<div class="interact col6">
	<label for="register-last-name">Last Name</label>
	<input id="register-last-name" class="last-name" type="text" class="form-control" name="last_name"
	value="{{ old('last_name') }}">
	</div>
	</div>

	<input type="hidden" id="recaptcha" name="recaptcha" value="">
	@if(old('recaptcha-v2'))
	<div class="g-recaptcha" data-sitekey="{{config('services.recaptcha_v2.site_key')}}"></div>
	@endif

	<button type="submit" id="register-submit">
	Register
	</button>
	</form>
	</section>

	@section('scripts')
	@if(old('recaptcha-v2'))
	<script type="text/javascript">
	var onloadCallback = function() {
	alert("grecaptcha is ready!");
	};
	</script>
	<script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
	async defer>
	</script>
	@endif

	<script src='https://www.google.com/recaptcha/api.js'></script>
	<script type="text/javascript">

	$('[data-modal="#register-modal"]').click(function () {
	grecaptcha.execute(
	'{{config('services.recaptcha.site_key')}}',
	{action: 'profileModal'}
	).then(function (token) {
	{{-- set the local token on the hidden recaptcha input to be sent with form submission --}}
	$('#recaptcha').val(token);
	}, function(error) {
	});
	});
	</script>
	@append
	<?php namespace App\Http;

	use App\Http\Middleware\VerifyRecaptcha;
	use Illuminate\Foundation\Http\Kernel as HttpKernel;

	class Kernel extends HttpKernel
	{
	/**
	* The application's route middleware.
	*
	* @var array
	*/
	protected $routeMiddleware = [
	'recaptcha' => VerifyRecaptcha::class,
	];

	}
	<?php

	namespace App\Http\Middleware;

	use Closure;
	use GuzzleHttp\Client;

	class VerifyRecaptcha
	{

	/**
	* Handle an incoming request.
	*
	* @param \Illuminate\Http\Request $request
	* @param \Closure $next
	* @return mixed
	*/
	public function handle($request, Closure $next)
	{

	$client = new Client();

	// Recaptcha v2
	if ($request['g-recaptcha-response']) {
	$response = $client->post(
	'https://www.google.com/recaptcha/api/siteverify',
	['form_params' => [
	'secret' => config('services.recaptcha_v2.secret_key'),
	'response' => $request['g-recaptcha-response'],
	'remoteip' => $_SERVER['REMOTE_ADDR'],
	]]
	);

	$body = json_decode((string)$response->getBody());

	if ($body->success) {
	return $next($request);
	}
	}

	// recaptcha v3
	if ($request->recaptcha) {
	$response = $client->post(
	'https://www.google.com/recaptcha/api/siteverify',
	['form_params' => [
	'secret' => config('services.recaptcha.secret_key'),
	'response' => $request->recaptcha,
	'remoteip' => $_SERVER['REMOTE_ADDR'],
	]]
	);

	$body = json_decode((string)$response->getBody());

	if (!$body->success \|\| ($body->score && $body->score < 0.3)) {
	return redirect()->back()
	->withErrors('We cannot tell if you are a real person. Try again and if you still are having trouble, please contact us.')
	->withInput(['register' => true]);
	}

	return $next($request);
	}

	// no valid recaptcha, try recaptcha-v2
	return redirect()->back()
	->withErrors('We cannot tell if you are a real person. Try again and if you still are having trouble, please contact us.')
	->withInput(array_merge(['register' => true, 'recaptcha-v2' => true], $request->all()));
	}

	}