CODEWITHSUNDEEP
javascriptcallbackrecaptcha
MrDjToto
MrDjToto

Reputation: 129

invisible recaptcha "We detected that your site is not verifying reCAPTCHA solutions"

I'm implementing the invisible recaptcha on rhe login page on my website, following the official guide about how to "Automatically bind the challenge to a button": https://developers.google.com/recaptcha/docs/invisible#auto_render

My html page is made in this way:

    <head>
[...]
        <script src="js/login.js"></script>
        <script src="https://www.google.com/recaptcha/api.js" async defer></script>
    </head>
    <body>
[...]
            <button type="submit" class="g-recaptcha btn btn-primary" data-sitekey="[...]" data-callback="checkCaptcha" id="loginSubmit">Login <i class="fas fa-sign-in-alt"></i></button>
[...]
    </body>
    </html>

while the javascript file is:

    function checkCaptcha(token) {
        console.log("re-captcha callback invoked.");
        login();
    }


    function login() {
[...]
}

But on the panel page of Google I keep having the message "We detected that your site is not verifying reCAPTCHA solutions. This is required for the proper use of reCAPTCHA on your site. Please see our developer site for more information."

Could some one help me to understand what a I wrong?

Thank you so much in advice.

Upvotes: 1

Views: 4217

Answers (1)

Roshana Pitigala
Roshana Pitigala

Reputation: 8806

When the user solves the captcha puzzle(or clicks on the submit button) at your html page Google recaptcha adds another hidden input value to your <form> named g-recaptcha-response or parse to the given data-callback function. It contains a string value, which you should send back to Google in order to verify the response from the server side.

Without the server-side verification part recaptcha is useless. API request details are as follow,

URL: https://www.google.com/recaptcha/api/siteverify
METHOD: GET / POST(Recommended)

PARAMETERS:

  • secret (Required. The shared key between your site and reCAPTCHA.)
  • response (Required. The user response token provided by reCAPTCHA, verifying the user on your site.)
  • remoteip (Optional. The user's IP address.)

Read the Google's documentation on Verifying the user's response to know more.

Upvotes: 3

Related Questions