Anti-bot CAPTCHA
reCAPTCHA protects your website from fraud and abuse. reCAPTCHA uses an advanced risk analysis engine and adaptive challenges to keep malicious software from engaging in abusive activities on your website. Meanwhile, legitimate users will be able to login, make purchases, view pages, or create accounts and fake users will be blocked.
Read more at: https://www.google.com/recaptcha/about/
The reCAPTCHA is a builtin middleware, you don't have to install it.
Import
"github.com/kataras/iris/v12/middleware/recaptcha"Get your public and secret keys from: https://www.google.com/recaptcha/admin
Initialize with
recaptcha.New(recaptchaSecret)Create an HTML form which you want to protect from bots and add the script tag:
<script src="https://www.google.com/recaptcha/api.js"></script>.Add a hidden element or a div with class of
g-recaptchaand set thedata-sitekeyattribute to your public key.Use the middleware to protect the routes.
Example Code:
package mainimport ("fmt""github.com/kataras/iris/v12""github.com/kataras/iris/v12/middleware/recaptcha")// keys should be obtained by https://www.google.com/recaptcha/adminconst (recaptchaPublic = "6Lf3WywUAAAAAKNfAm5DP2J5ahqedtZdHTYaKkJ6"recaptchaSecret = "6Lf3WywUAAAAAJpArb8nW_LCL_PuPuokmEABFfgw")func main() {app := iris.New()r := recaptcha.New(recaptchaSecret)app.Get("/comment", showRecaptchaForm)// pass the middleware before the main handler// or use the `recaptcha.SiteVerify`.app.Post("/comment", r, postComment)app.Listen(":8080")}// You can use view templates instead.var htmlForm = `<form action="/comment" method="POST"><script src="https://www.google.com/recaptcha/api.js"></script><div class="g-recaptcha" data-sitekey="%s"></div><input type="submit" name="button" value="Verify"></form>`func showRecaptchaForm(ctx iris.Context) {contents := fmt.Sprintf(htmlForm, recaptchaPublic)ctx.HTML(contents)}// This handler is protected by the recaptcha middleware.func postComment(ctx iris.Context) {// [...]ctx.JSON(iris.Map{"success": true})}
Navigate to http://localhost:8080/comment.
Stop more bots. Start protecting user privacy. Do you use a captcha to keep out bots? hCaptcha protects user privacy, rewards websites, and helps companies get their data labeled. It is a drop-in replacement for reCAPTCHA: you can switch within minutes.
Read more at: https://www.hcaptcha.com/
The hCaptcha is a builtin middleware, you don't have to install it.
Import
"github.com/kataras/iris/v12/middleware/hcaptcha"Get your public and secret keys from: https://dashboard.hcaptcha.com.
Initialize with
hcaptcha.New(secretKey)Create an HTML form which you want to protect from bots and add the script tag:
<script src="https://hcaptcha.com/1/api.js" async defer></script>.Add a hidden element or a div with class of
h-captchaand set thedata-sitekeyattribute to your public key.Use the middleware to protect the routes.
Example Code:
For local development you have to setup your HOSTS file:
# https://docs.hcaptcha.com/#localdev# Add to the end of your hosts file,# e.g. on windows: C:/windows/system32/drivers/etc/hosts127.0.0.1 yourdomain.com
Let's start by creating our HTML view template form:
<!-- ./templates/register_form.html --><html><head><title>hCaptcha Demo</title><script src="https://hcaptcha.com/1/api.js" async defer></script></head><body><form action="/register" method="POST"><input type="text" name="email" placeholder="Email" /><input type="password" name="password" placeholder="Password" /><div class="h-captcha" data-sitekey="{{ .SiteKey }}"></div><br /><input type="submit" value="Submit" /></form></body></html>
The web server should look like this:
// ./main.gopackage mainimport ("os""github.com/kataras/iris/v12""github.com/kataras/iris/v12/middleware/hcaptcha")// Get the following values from: https://dashboard.hcaptcha.com// Also, check: https://docs.hcaptcha.com/#localdev to test on local environment.var (siteKey = os.Getenv("HCAPTCHA-SITE-KEY")secretKey = os.Getenv("HCAPTCHA-SECRET-KEY"))func main() {app := iris.New()app.RegisterView(iris.HTML("./templates", ".html"))hCaptcha := hcaptcha.New(secretKey)app.Get("/register", registerForm)// See `hcaptcha.SiteVerify` for manual validation too.app.Post("/register", hCaptcha, register)app.Logger().Infof("SiteKey = %s\tSecretKey = %s",siteKey, secretKey)// GET: http://yourdomain.com/registerapp.Listen(":80")}// This handler is protected by the hcaptcha middleware.func register(ctx iris.Context) {// [Some action here...]}func registerForm(ctx iris.Context) {ctx.ViewData("SiteKey", siteKey)ctx.View("register_form.html")}
Navigate to http://yourdomain.com/register.
Optionally, to get the hCaptcha original response you need to call hcaptcha.Get(ctx). Example:
hcaptchaResp, ok := hcaptcha.Get(ctx)if !ok {ctx.StatusCode(iris.StatusUnauthorized)ctx.WriteString("Are you a bot?")return}ctx.Writef("Register action here...action was asked by a Human.\nResponse value is: %#+v", hcaptchaResp)
That's all!
