| Copyright | (c) Mike Ledger 2014 (c) Lars Petersen 2012 |
|---|---|
| License | BSD-style |
| Maintainer | mike@quasimal.com, info@lars-petersen.net |
| Stability | experimental |
| Portability | portable |
| Safe Haskell | None |
| Language | Haskell2010 |
Snap.Snaplet.ReCaptcha
Description
This is a snaplet for google's ReCaptcha verification api. This library uses `http-conduit` and keeps connections alive (a maximum of 10). This is an important point in order to avoid denial of service attacks.
See Example and the docs provided here for example
usage.
- data ReCaptcha
- class HasReCaptcha b where
- captchaLens :: SnapletLens (Snaplet b) ReCaptcha
- initReCaptcha :: Maybe (Snaplet (Heist b)) -> SnapletInit b ReCaptcha
- initReCaptcha' :: Maybe (Snaplet (Heist b)) -> (SiteKey, PrivateKey) -> SnapletInit b ReCaptcha
- checkCaptcha :: HasReCaptcha b => Handler b c ()
- withCaptcha :: HasReCaptcha b => Handler b c () -> Handler b c () -> Handler b c ()
- getCaptcha :: HasReCaptcha b => Handler b c Captcha
- data Captcha
- type PrivateKey = ByteString
- type SiteKey = ByteString
- cstate :: Lens' ReCaptcha Captcha
- recaptchaScript :: Builder
- recaptchaDiv :: ByteString -> Builder
Snaplet and Initialization
class HasReCaptcha b where Source
Methods
captchaLens :: SnapletLens (Snaplet b) ReCaptcha Source
Instances
initReCaptcha :: Maybe (Snaplet (Heist b)) -> SnapletInit b ReCaptcha Source
Initialise the ReCaptcha snaplet. You are required to have "site_key" and
"secret_key" set in the snaplet's configuration file. See 'initReCaptcha\''
if you don't want to use Snap's snaplet configuration mechanism.
This provides optional Heist support, which is implemented using
recaptchaScript and recaptchaDiv.
initReCaptcha' :: Maybe (Snaplet (Heist b)) -> (SiteKey, PrivateKey) -> SnapletInit b ReCaptcha Source
Same as initReCaptcha, but passing the site key and private key
explicitly - no configuration on the filesystem is required.
Handlers
checkCaptcha :: HasReCaptcha b => Handler b c () Source
pass if the cstate failed. Logs errors (not incorrect captchas) with
logError.
checkCaptcha<|>writeText"Captcha failed!"
See getCaptcha
Arguments
| :: HasReCaptcha b | |
| => Handler b c () | Ran on failure |
| -> Handler b c () | Ran on success |
| -> Handler b c () |
Run one of two handlers on either failing or succeeding a captcha.
withCaptchabanForever $ do postId <-getParam"id" thing <-getPostParamthing addCommentToDB postId thing
See getCaptcha
getCaptcha :: HasReCaptcha b => Handler b c Captcha Source
Get the ReCaptcha result by querying Google's API.
This requires a "g-recaptcha-response" (POST) parameter to be set in the current request.
See ReCaptchaResult for possible failure types.
cstate <- getCaptcha
case cstate of
Success -> writeText "Congratulations! You won."
Failure -> writeText "Incorrect cstate answer."
MissingResponseParam -> writeText "No g-recaptcha-response in POST"
InvalidServerResponse -> writeText "Did Google change their API?"
Errors errs -> writeText ("Errors: " <> pack (show errs))
This may throw a HttpException if there is a connection-related error.
Types
Constructors
| Success | |
| Failure | |
| Errors [Text] | Errors returned by the Captcha. See https://developers.google.com/recaptcha/docs/verify
for possible error codes. Note that |
| InvalidServerResponse | The server didn't respond with the JSON object required as per https://developers.google.com/recaptcha/docs/verify |
| MissingResponseParam | There was no "recaptcha_response_field" parameter set in the user request. |
type PrivateKey = ByteString Source
type SiteKey = ByteString Source
Extra
recaptchaDiv :: ByteString -> Builder Source
For use in a HTML form.