Back to Kodaris
Home SDK

reCAPTCHA

Overview

The reCaptcha module provides built-in support for verifying Google reCAPTCHA tokens in your server-side code. It enables secure validation of user interactions to help prevent bots and abuse across your forms, sign-ups, and other public-facing endpoints.

This module is designed to work with reCAPTCHA v2 and v3 tokens, verifying them directly against Google's reCAPTCHA API. It handles token validation and response parsing, allowing you to easily incorporate bot protection into your pserver-side logic.

Note: The Recaptcha module is globally available in the SDK environment via kd.recaptcha.

Key Features

  1. Token Verification: Validate reCAPTCHA
  2. Support for v2 & v3: Compatible with both reCAPTCHA v2 (checkbox) and v3 (score-based) implementations.
  3. Simple API: Submit a token and receive a structured response with success status, score, and action (for v3).

Example Use Cases

  1. Securing sign-up or login forms
  2. Protecting public APIs from automated requests
  3. Preventing spam submissions on contact or feedback forms

By using kd.recaptcha, you ensure that only verified human users can proceed through public forms and pages of your application.

Methods

siteVerify(value)

  1. Parameters
    1. value (String, required): The reCAPTCHA token generated by the client-side reCAPTCHA widget. This token is typically obtained when a user completes a reCAPTCHA challenge.
  2. Returns (Boolean): Returns a boolean:
    1. true: The token is valid, indicating a genuine user interaction.
    2. false: The token is invalid or expired, suggesting potential automated or suspicious activity.
  3. Usage Notes
    1. The reCAPTCHA token is typically generated on the client side when a user completes a reCAPTCHA challenge.
    2. Tokens have a limited lifetime and should be verified promptly after generation.
    3. The verification process checks with Google's reCAPTCHA service to confirm the token's validity.
    4. This method should be called server-side to protect your reCAPTCHA secret key.
  4. Example:
// Verify a reCAPTCHA token
var token = "03AGdBq26_HZ7j9C5WzSC-hv9d-9HSNW..."; // Token from client-side
var isValid = kd.recaptcha.siteVerify(token);

/* Sample Response:
true  // Token is valid
*/

// Using the verification in form submission handling
function handleFormSubmission(formData, recaptchaToken) {
  // First verify the reCAPTCHA
  var isHuman = kd.recaptcha.siteVerify(recaptchaToken);
  
  if (!isHuman) {
    return {
      success: false,
      error: "CAPTCHA verification failed. Please try again."
    };
  }
  
  // Proceed with form processing if verification passed
  // ...process form data...
  
  return {
    success: true,
    message: "Form submitted successfully"
  };
}
In this article