node.js - 如何验证谷歌验证码

Question

客户端代码

<script src='https://www.google.com/recaptcha/api.js'></script>
<script>
   var verified = function() {
       document.getElementById("loginform").submit();
   };
</script>    

<form action="www.example.com/" method="POST" id="loginform" onsubmit=" return validation()">
   <input  id="email" maxlength="80" name="email" size="20" type="text"  placeholder="Enter Your Email" style="margin-bottom: 30px;"/><br>
   <div id="captchadiv">
        <div class="g-recaptcha" data-sitekey="site key" data-callback="verified"></div>
   </div>
   <button type="submit" value="Submit" id="reg_submit" style=" display:block;margin: 0 auto;"><img src="/favicon.png" style="width: 20px;float: left;" />Sign in</button>                  
 </form>

服务器端代码

reCAPTCHA=require('recaptcha2')

        recaptcha=new reCAPTCHA({
            siteKey:'site key',
            secretKey:'secretKey'
        })

我正在研究 node js。我正在使用谷歌 recaptcha2，当我看到很多示例和所有示例时，都使用表单验证 recaptcha提交。他们定义了 Action ，但我的 Action 方法在其他导航中使用，所以我可以使用 get, post 请求。我不知道如何使用 get, post 请求 recaptcha。我想在服务器端使用 验证 recaptcha >get,post 请求。

我需要有关后端验证工作的帮助。 提前致谢!

Answer 1

请试试这段代码

客户端代码不安全，所以请使用双方代码

客户端

function validateform(){
    var captcha_response = grecaptcha.getResponse();
        if(captcha_response.length == 0 || grecaptcha != undefined )
        {
            // Captcha is not Passed
            return '  Please verify you are not a robot.';
        }else{
            $.get('/captchaTest',{'response':captcha_response},function(response){
                if(response == undefined && response.responseCode == undefined && response.responseDesc == undefined  && response.responseCode !== 0 && response.responseDesc !== 'Sucess' ){
                    return ' You are a robot.';
                }
                grecaptcha.reset();
            });
        }
}

服务器端

app.get('/captchaTest',function(req,res){
    var requestQuery = req.query;
    if( requestQuery != undefined && requestQuery != '' && requestQuery != null && requestQuery.response != undefined && requestQuery.response != '' && requestQuery.response != null ){
        var response = requestQuery.response;
            var verificationUrl = "https://www.google.com/recaptcha/api/siteverify?secret="+ secret_key +"&response=" +response;
            // Hitting GET request to the URL, Google will respond with success or error scenario.
            request(verificationUrl,function(error,response,body) {
            body = JSON.parse(body);
            // Success will be true or false depending upon captcha validation.
                if(body.success !== undefined && !body.success) {
                    res.send({"responseCode" : 1,"responseDesc" : "Failed captcha verification"});
                }else{
                    res.send({"responseCode" : 0,"responseDesc" : "Sucess"});
                }
            });
    }else{
        res.send({"responseCode" : 1,"responseDesc" : "Failed captcha verification"});
    }
});