PHPackages radiergummi/recaptcha-verify - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. radiergummi/recaptcha-verify ActiveCraft-plugin[Security](/categories/security) radiergummi/recaptcha-verify ============================ Verifies Recaptcha with Google's API 0.2.7(8y ago)0252MITPHP Since Dec 13Pushed 8y ago1 watchersCompare [ Source](https://github.com/Radiergummi/craft-recaptcha-verify)[ Packagist](https://packagist.org/packages/radiergummi/recaptcha-verify)[ RSS](/packages/radiergummi-recaptcha-verify/feed)WikiDiscussions master Synced 3d ago READMEChangelog (9)Dependencies (2)Versions (7)Used By (0) Recaptcha Verify plugin for Craft CMS 3.x ========================================= [](#recaptcha-verify-plugin-for-craft-cms-3x) Verifies Recaptcha with Google's API. [![Latest Stable Version](https://camo.githubusercontent.com/4d3bd6ef1daa18cced3b9ede199a71f907ca57cb9be5940e4d63ed79f76f15d0/68747470733a2f2f706f7365722e707567782e6f72672f72616469657267756d6d692f7265636170746368612d7665726966792f762f737461626c65)](https://packagist.org/packages/radiergummi/recaptcha-verify)[![Latest Unstable Version](https://camo.githubusercontent.com/c8155bbb2572a810076a259bea3059937c541f503066d40da27fdfdf8a41b7f2/68747470733a2f2f706f7365722e707567782e6f72672f72616469657267756d6d692f7265636170746368612d7665726966792f762f756e737461626c65)](https://packagist.org/packages/radiergummi/recaptcha-verify)[![License](https://camo.githubusercontent.com/52cf2a3a7a9cc393e71452877cf0dc4cbf91264694da1b681b9fb636ab3f642d/68747470733a2f2f706f7365722e707567782e6f72672f72616469657267756d6d692f7265636170746368612d7665726966792f6c6963656e7365)](https://packagist.org/packages/radiergummi/recaptcha-verify)[![Total Downloads](https://camo.githubusercontent.com/54e968e82ce7dcf3032e61cf2295c2cd60ac659c442e5aea5f5c4683ae75ed3d/68747470733a2f2f706f7365722e707567782e6f72672f72616469657267756d6d692f7265636170746368612d7665726966792f646f776e6c6f616473)](https://packagist.org/packages/radiergummi/recaptcha-verify) Requirements ------------ [](#requirements) This plugin requires Craft CMS 3.0.0-beta.23 or later. Installation ------------ [](#installation) To install the plugin, follow these instructions. 1. Open your terminal and go to your Craft project: ``` cd /path/to/project ``` 2. Then tell Composer to load the plugin: ``` composer require radiergummi/recaptcha-verify ``` 3. In the Control Panel, go to *Settings* → *Plugins* and click the *“Install”* button for Recaptcha Verify. Recaptcha Verify Overview ------------------------- [](#recaptcha-verify-overview) Recaptcha Verify validates Recaptcha tokens against Google's library. This is most possibly the smallest plugin I've ever written for any CMS (ignoring my `debugTheme` plugin for WordPress, which has an astonishing 3 lines to offer). Using Recaptcha Verify ---------------------- [](#using-recaptcha-verify) Recaptcha Verify provides a new `POST` action to Craft: `recaptcha-verify/verify`, that enables you to verify your responses. It also provides listeners for the contact form plugin, so you can verify your submissions. Details [below](#contactform-integration). The action expects the body content to contain `CRAFT_CSRF_TOKEN` and `token`, where token is the Recaptcha token received from Google. To set up the client side verification process, take a peek at the [Google documentation](https://developers.google.com/recaptcha/docs/display). **The response will be a 400 error if** - you don't have a secret configured in the settings - there is no token in the POST body **The response will be a 200 success if** - the token could be validated (`{status: 'success'}` as response body) - the token could **not** be validated (`{status: 'failed'}` as response body) It might sound strange to not throw an error for a validation issue, but it's actually just the result of the action asked for. How you handle that error on the client side is up to you. *If there is substantial interest in that being changed to throw an error too, I'll update the plugin.* Configuring Recaptcha Verify ---------------------------- [](#configuring-recaptcha-verify) There are two settings fields: Your Recaptcha API *site key* and *secret*. You can acquire them here: Fill the values as they are presented on the Google instructions page. You can also use a (multi-environment aware) configuration file named `recaptcha-verify.php`. ContactForm integration ----------------------- [](#contactform-integration) **This is still a `TODO` scheduled for 0.3.0 😉 Currently I'm not sure on how to make this optional, if anyone would like to help out, I'm open for PRs or issues.** To validate the token within a form submission, include the field `message[token]` in your form submission. [Recaptcha does currently not (and most likely never will) support browsers without JavaScript](https://developers.google.com/recaptcha/docs/faq#does-recaptcha-support-users-that-dont-have-javascript-enabled), so you'll need to submit it via JS anyway. See the following example form for reference: ``` // this will hold our token let recaptchaToken = null;  // callback for Recaptcha. We passed that as a parameter to `onload` in the script URL  const onloadCallback = function() { // render the widget in our container grecaptcha.render('recaptcha-container', { sitekey: 'your_site_key', // that one is passed in the settings callback: verifyCallback, // our verification callback below theme: 'dark' // optional theme }); }; // set recaptchaToken to the response from Google const verifyCallback = function(response) { recaptchaToken = response; }; // capture the submit event from our form document.querySelector('#contact-form').addEventListener('submit', event => { // prevent it from automatically submitting just yet event.preventDefault(); // if we don't have a token at this point, the user did not confirm the Recaptcha yet if (!recaptchaToken) { return alert('Please confirm the Recaptcha first!'); } // using Axios here for less complex code, you're free to use whatever AJAX library of course. // we pass the token (among our other fields, of course) as a parameter axios.post('/', { action: 'contact-form/send' 'message[token]': recaptchaToken }); }); ``` > Brought to you by [Radiergummi](https://github.com/Radiergummi) ### Health Score 26 — LowBetter than 43% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity11 Limited adoption so far Community7 Small or concentrated contributor base Maturity57 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 6 Last Release 3074d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/aa633f25468b1a85e85646d55aa16c39d04e163e92744d0a7c2a694dbcafc3e1?d=identicon)[Radiergummi](/maintainers/Radiergummi) --- Top Contributors [![Radiergummi](https://avatars.githubusercontent.com/u/6115429?v=4)](https://github.com/Radiergummi "Radiergummi (19 commits)") --- Tags googlerecaptchacmsCraftcraftcmscraft-plugin ### Embed Badge ![Health badge](/badges/radiergummi-recaptcha-verify/health.svg) ``` [![Health](https://phpackages.com/badges/radiergummi-recaptcha-verify/health.svg)](https://phpackages.com/packages/radiergummi-recaptcha-verify) ``` ### Alternatives [craftpulse/craft-password-policy Password Policy plugin 2826.0k1](/packages/craftpulse-craft-password-policy)[enupal/backup Fully integrated Backup solution for Craft CMS 1612.5k1](/packages/enupal-backup)[born05/craft-csp Content Security Policy (or CSP) generator using nonces. 1110.2k](/packages/born05-craft-csp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)