Copyright | (c) Mike Ledger 2014 (c) Lars Petersen 2012 |
---|---|
License | BSD-style |
Maintainer | mike@quasimal.com, info@lars-petersen.net |
Stability | experimental |
Portability | portable |
Safe Haskell | None |
Language | Haskell2010 |
This is a snaplet for google's ReCaptcha verification api. This library uses `http-conduit` and keeps connections alive (a maximum of 10). This is an important point in order to avoid denial of service attacks.
See Snap.Snaplet.ReCaptcha.Example and the docs provided here for example usage.
- data ReCaptcha
- class HasReCaptcha b where
- captchaLens :: SnapletLens (Snaplet b) ReCaptcha
- initReCaptcha :: Maybe (Snaplet (Heist b)) -> SnapletInit b ReCaptcha
- initReCaptcha' :: Maybe (Snaplet (Heist b)) -> (SiteKey, PrivateKey) -> SnapletInit b ReCaptcha
- checkCaptcha :: HasReCaptcha b => Handler b c ()
- withCaptcha :: HasReCaptcha b => Handler b c () -> Handler b c () -> Handler b c ()
- getCaptcha :: HasReCaptcha b => Handler b c Captcha
- getCaptchaDiv :: HasReCaptcha b => Handler b c Builder
- getCaptchaSiteKey :: HasReCaptcha b => Handler b c SiteKey
- data Captcha
- type PrivateKey = ByteString
- type SiteKey = ByteString
- cstate :: Lens' ReCaptcha Captcha
- recaptchaScript :: Builder
- recaptchaDiv :: ByteString -> Builder
Snaplet and Initialization
class HasReCaptcha b where Source
captchaLens :: SnapletLens (Snaplet b) ReCaptcha Source
initReCaptcha :: Maybe (Snaplet (Heist b)) -> SnapletInit b ReCaptcha Source
Initialise the ReCaptcha
snaplet. You are required to have "site_key" and
"secret_key" set in the snaplet's configuration file. See 'initReCaptcha\''
if you don't want to use Snap's snaplet configuration mechanism.
This provides optional Heist support, which is implemented using
recaptchaScript
and recaptchaDiv
.
initReCaptcha' :: Maybe (Snaplet (Heist b)) -> (SiteKey, PrivateKey) -> SnapletInit b ReCaptcha Source
Same as initReCaptcha
, but passing the site key and private key
explicitly - no configuration on the filesystem is required.
Handlers
checkCaptcha :: HasReCaptcha b => Handler b c () Source
pass
if the cstate failed. Logs errors (not incorrect captchas) with
logError
.
checkCaptcha
<|>
writeText
"Captcha failed!"
See getCaptcha
:: HasReCaptcha b | |
=> Handler b c () | Ran on failure |
-> Handler b c () | Ran on success |
-> Handler b c () |
Run one of two handlers on either failing or succeeding a captcha.
withCaptcha
banForever $ do postId <-getParam
"id" thing <-getPostParam
thing addCommentToDB postId thing
See getCaptcha
getCaptcha :: HasReCaptcha b => Handler b c Captcha Source
Get the ReCaptcha result by querying Google's API.
This requires a "g-recaptcha-response" (POST) parameter to be set in the current request.
See ReCaptchaResult
for possible failure types.
cstate <- getCaptcha case cstate of Success -> writeText "Congratulations! You won." Failure -> writeText "Incorrect cstate answer." MissingResponseParam -> writeText "No g-recaptcha-response in POST" InvalidServerResponse -> writeText "Did Google change their API?" Errors errs -> writeText ("Errors: " <>pack
(show
errs))
This may throw a HttpException
if there is a connection-related error.
getCaptchaDiv :: HasReCaptcha b => Handler b c Builder Source
Get the recaptchaDiv
for this ReCaptcha
. Useful inside a Handler
.
This is computed when the snaplet is first initialised.
getCaptchaSiteKey :: HasReCaptcha b => Handler b c SiteKey Source
Types
Success | |
Failure | |
Errors [Text] | Errors returned by the Captcha. See https://developers.google.com/recaptcha/docs/verify
for possible error codes. Note that |
InvalidServerResponse | The server didn't respond with the JSON object required as per https://developers.google.com/recaptcha/docs/verify |
MissingResponseParam | There was no "recaptcha_response_field" parameter set in the user request. |
type PrivateKey = ByteString Source
type SiteKey = ByteString Source
Extra
recaptchaScript :: Builder Source
<script src='https://www.google.com/recaptcha/api.js' async defer></script>
recaptchaDiv :: ByteString -> Builder Source
For use in a HTML form.