Allow custom score thresholds for reCAPTCHA #3

kodumbeats · 2021-03-17T18:33:16Z

With reCAPTCHA v3, each the server-side check has the following response model:

{
  "success": true|false,      // whether this request was a valid reCAPTCHA token for your site
  "score": number             // the score for this request (0.0 - 1.0)
  "action": string            // the action name for this request (important to verify)
  "challenge_ts": timestamp,  // timestamp of the challenge load (ISO format yyyy-MM-dd'T'HH:mm:ssZZ)
  "hostname": string,         // the hostname of the site where the reCAPTCHA was solved
  "error-codes": [...]        // optional
}

Since v3 implements a scoring system of 0.0 < x < 1.0, the success field no longer represents the bot check, but only if the provided token is valid.

This PR allows the check() method to accept a $score float parameter and will return the success bool as expected. The Google-suggested default is x=0.5.

Allow custom score thresholds for reCAPTCHA

f4e25c8

kodumbeats marked this pull request as draft March 17, 2021 18:55

kodumbeats added 2 commits March 17, 2021 15:13

Make $score an optional

68e1894

Update docblock

66eb894

kodumbeats marked this pull request as ready for review March 17, 2021 19:41

eldadfux merged commit 2b8cc40 into utopia-php:master Mar 17, 2021

kodumbeats mentioned this pull request Mar 18, 2021

Upgrade utopia-php/abuse to version 0.4.0 appwrite/appwrite#999

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allow custom score thresholds for reCAPTCHA #3

Allow custom score thresholds for reCAPTCHA #3

kodumbeats commented Mar 17, 2021

Allow custom score thresholds for reCAPTCHA #3

Allow custom score thresholds for reCAPTCHA #3

Conversation

kodumbeats commented Mar 17, 2021