PHPackages                             redeyed/sentinel-laravel - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. redeyed/sentinel-laravel

ActiveLibrary[Security](/categories/security)

redeyed/sentinel-laravel
========================

Redeyed Sentinel CAPTCHA + IP-reputation integration for Laravel. Free to install, inert until keys are set.

v1.0.0(yesterday)00MITPHPPHP &gt;=8.1

Since Jun 30Pushed yesterdayCompare

[ Source](https://github.com/Bruted/sentinel-laravel)[ Packagist](https://packagist.org/packages/redeyed/sentinel-laravel)[ Docs](https://redeyed.com)[ RSS](/packages/redeyed-sentinel-laravel/feed)WikiDiscussions main Synced today

READMEChangelog (1)Dependencies (1)Versions (2)Used By (0)

Redeyed Sentinel for Laravel
============================

[](#redeyed-sentinel-for-laravel)

Add **Redeyed Sentinel** — a self-hosted CAPTCHA + IP-reputation service — to any Laravel app in a couple of minutes.

Sentinel is **free to install** and completely **inert until you set your keys**. Before keys are configured the package fails *open* (verification passes and a warning is logged) so your forms never break. Once your keys are in place, every protected form is verified server-side.

Requirements
------------

[](#requirements)

- PHP &gt;= 8.1
- Laravel 10 or 11

Installation
------------

[](#installation)

```
composer require redeyed/sentinel-laravel
```

The service provider is auto-discovered — there is nothing to register manually.

Optionally publish the config:

```
php artisan vendor:publish --tag=sentinel-config
```

Configuration
-------------

[](#configuration)

Grab your keys from the **Redeyed Lab** panel:

- **Site key** (public): *Developer → Sentinel Sites*
- **API key** (secret): *Developer → API Keys*

Add them to your `.env`:

```
SENTINEL_SITE_KEY=your-public-site-key
SENTINEL_API_KEY=your-secret-api-key

# Optional — only change if you self-host Sentinel elsewhere
# SENTINEL_BASE_URL=https://redeyed.com
```

The `SENTINEL_API_KEY` is **secret** and stays server-side — it is only ever sent as the `X-Api-Key` header during verification and is never exposed to the browser.

Usage
-----

[](#usage)

### 1. Render the widget in your form

[](#1-render-the-widget-in-your-form)

Drop the component anywhere inside your ``:

```

    @csrf

    {{-- ...your fields... --}}

    Submit

```

Prefer a directive? `@sentinel` does exactly the same thing:

```

    @csrf
    @sentinel
    Submit

```

The widget loads the Sentinel script once per page and injects a hidden input named `sentinel-token` into your form.

### 2. Verify on the server

[](#2-verify-on-the-server)

Add the rule to your validation. Either use the rule class:

```
use Redeyed\LaravelSentinel\Rules\Sentinel;

$request->validate([
    // ...your other rules...
    'sentinel-token' => ['required', new Sentinel],
]);
```

…or the string alias:

```
$request->validate([
    'sentinel-token' => ['required', 'sentinel'],
]);
```

If verification fails the user sees:

> Human verification failed — please try again.

How verification works
----------------------

[](#how-verification-works)

On submit, the package POSTs to `{BASE_URL}/api/v1/verify` with the `X-Api-Key` header and a JSON body of `{"site_key": "...", "token": "..."}`. The submission passes only when the response reports `success === true`(both the `{ "data": { "success": true }, "meta": {} }` envelope and a flat `{ "success": true }` shape are supported).

If keys are not configured, verification fails **open** and logs a warning so forms keep working until you finish setup.

License
-------

[](#license)

MIT © 2026 Redeyed Corporation

###  Health Score

39

—

LowBetter than 85% of packages

Maintenance100

Actively maintained with recent releases

Popularity0

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity42

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

1d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/5244208523531156be8603e3bb5a526fdc7857cf27610cbbfddcd9cf8fe51d68?d=identicon)[Bruted](/maintainers/Bruted)

---

Top Contributors

[![Bruted](https://avatars.githubusercontent.com/u/73144421?v=4)](https://github.com/Bruted "Bruted (1 commits)")

---

Tags

laravelcaptchasentinelbot-protectionip reputationredeyed

### Embed Badge

![Health badge](/badges/redeyed-sentinel-laravel/health.svg)

```
[![Health](https://phpackages.com/badges/redeyed-sentinel-laravel/health.svg)](https://phpackages.com/packages/redeyed-sentinel-laravel)
```

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
