From ec9afd8c19e5b966d5d4a26e798398645928c5ec Mon Sep 17 00:00:00 2001 From: Stephen Hamilton Date: Fri, 19 Jun 2020 13:05:33 +0100 Subject: [PATCH 1/2] Added ability to proxy verification requests via a plugin controller, before passing them to their intended action. --- README.md | 12 +++++++ src/controllers/RecaptchaController.php | 43 +++++++++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 src/controllers/RecaptchaController.php diff --git a/README.md b/README.md index dc14451..ff5f429 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,18 @@ if ($validates) { } ``` +Or alternatively, use the in-built verification controller action to verify the request before forwarding it on to the intended action. + +For example, the following fields would verify the reCAPTCHA and then pass the request to the login controller action: + +```twig + + +{{ craft.recaptcha.render() }} +``` + +Set the `action` field to be `recaptcha/recaptcha/verify-submission` and the `verified-action` field to be the intended controller action you want to trigger. This will forward all other fields and parameters to the intended controller action. + ### Automated testing and reCAPTCHA If you need to run automated tests against your forms use the following keys. Verification requests using these credentials will always pass. diff --git a/src/controllers/RecaptchaController.php b/src/controllers/RecaptchaController.php new file mode 100644 index 0000000..2b8bda4 --- /dev/null +++ b/src/controllers/RecaptchaController.php @@ -0,0 +1,43 @@ +requirePostRequest(); + + // grab the request object + $request = Craft::$app->getRequest(); + + // grab the intended action (required) + $action = $request->getRequiredParam('verified-action'); + + // grab the recaptcha response (required) + $captcha = $request->getRequiredParam('g-recaptcha-response'); + + // run these past the verify() function + $verified = CraftRecaptcha::$plugin->craftRecaptchaService->verify($captcha); + + // if it's verified, then pass it on to the intended action, otherwise set a session error and return null + if ($verified) { + return Controller::run('/' . $action, func_get_args()); // run the intended action (add / to force it's scope to be outside the plugin) with all the params passed to this controller action + } else { + Craft::$app->getSession()->setError('Unable to verify your submission.'); + return null; + } + } +} From 141d49887bc1fd2bd2ceb484aa87c92df137594b Mon Sep 17 00:00:00 2001 From: Stephen Hamilton Date: Fri, 19 Jun 2020 13:08:01 +0100 Subject: [PATCH 2/2] Whitespace formatting. --- src/controllers/RecaptchaController.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/controllers/RecaptchaController.php b/src/controllers/RecaptchaController.php index 2b8bda4..f99be4a 100644 --- a/src/controllers/RecaptchaController.php +++ b/src/controllers/RecaptchaController.php @@ -18,12 +18,12 @@ class RecaptchaController extends Controller public function actionVerifySubmission() { // ensure the request is a post - $this->requirePostRequest(); - - // grab the request object - $request = Craft::$app->getRequest(); - - // grab the intended action (required) + $this->requirePostRequest(); + + // grab the request object + $request = Craft::$app->getRequest(); + + // grab the intended action (required) $action = $request->getRequiredParam('verified-action'); // grab the recaptcha response (required) @@ -36,8 +36,8 @@ public function actionVerifySubmission() if ($verified) { return Controller::run('/' . $action, func_get_args()); // run the intended action (add / to force it's scope to be outside the plugin) with all the params passed to this controller action } else { - Craft::$app->getSession()->setError('Unable to verify your submission.'); - return null; + Craft::$app->getSession()->setError('Unable to verify your submission.'); + return null; } } }