How to verify Google reCAPTCHA v3 response
Today weāll show you how to verify Google reCAPTCHA v3 response using Node.js. In the previous article, we explained to you how to implement reCAPTCHA v3 in React.
Here, we will verify the google reCAPTCHA response using Node.js but you can use any backend technology to verify the response.
Google reCAPTCHA v3
- Part 1 - Implement reCAPTCHA v3 in React
- Part 2 - Verify Google reCAPTCHA v3 using Node.js (You are hereā¦)
Verify Google reCAPTCHA v3 using Node.js
1. Create REST API
In the first step, we will create a simple REST API with basic configuration. I would recommend you to check the article: Create REST API in Node.js.
Additionally, we will install npm dependencies in the application. Run the following command to install the packages.
npm i body-parser cors node-fetch
After implementing the package, your server code should look like below.
server.js
var express = require('express'),
bodyParser = require('body-parser'),
app = express(),
port = process.env.PORT || 4000;
// parse application/json
app.use(bodyParser.json());
// parse application/x-www-form-urlencoded
app.use(bodyParser.urlencoded({ extended: true }));
// request handlers
app.get('/', (req, res) => {
res.status(200).json({ message: 'Clue Mediator' });
});
app.listen(port, () => {
console.log('Server started on: ' + port);
});
Weāll use the other plugins for further use.
2. Enable CORS
To enable the CORS, we will use the `cors` npm package. Refer the following article for more information.
3. Create an API to verify reCAPTCHA v3 response
Now, we have to create an API to verify reCAPTCHA v3 response. We will use the `node-fetch` npm package to call an external API. Refer the document for the API request.
var fetch = require('node-fetch');
var SECRET_KEY = "<your_secret_key>";
// verify reCAPTCHA response
app.post('/verify', (req, res) => {
var VERIFY_URL = `https://www.google.com/recaptcha/api/siteverify?secret=${SECRET_KEY}&response=${req.body['g-recaptcha-response']}`;
return fetch(VERIFY_URL, { method: 'POST' })
.then(res => res.json())
.then(json => res.send(json));
});
</your_secret_key>
We have used the SECRET KEY to verify reCAPTCHA response. Check out the following link to generate keys.
Generate google reCAPTCHA v3 keys
Letās combine all code together and see how it looks.
server.js
var express = require('express'),
bodyParser = require('body-parser'),
app = express(),
port = process.env.PORT || 4000;
var fetch = require('node-fetch');
var SECRET_KEY = "<your_secret_key>";
// enable CORS using npm package
var cors = require('cors');
app.use(cors());
// parse application/json
app.use(bodyParser.json());
// parse application/x-www-form-urlencoded
app.use(bodyParser.urlencoded({ extended: true }));
// verify reCAPTCHA response
app.post('/verify', (req, res) => {
var VERIFY_URL = `https://www.google.com/recaptcha/api/siteverify?secret=${SECRET_KEY}&response=${req.body['g-recaptcha-response']}`;
return fetch(VERIFY_URL, { method: 'POST' })
.then(res => res.json())
.then(json => res.send(json));
});
// request handlers
app.get('/', (req, res) => {
res.status(200).json({ message: 'Clue Mediator' });
});
app.listen(port, () => {
console.log('Server started on: ' + port);
});
</your_secret_key>
4. Output
To test this API, we recommend you to use the previous article and call `\verify` API and pass the `g-recaptcha-response` to verify with google reCAPTCHA backend API.
Output - How to verify Google reCAPTCHA v3 response - Clue Mediator
Thatās it for today.
Thank you for reading. Happy Coding..!!