Hello,
I try to verify recaptcha before register but i can’t override users-permissions,
Thanks for any suggestions !
Maybe you can extend users-permissions like this: https://smoothdvd.medium.com/add-a-customize-users-permissions-provider-for-strapi-v4-6aa78c642977
1 Like
Thank you !
I find an easy way to verify captcha:
src/extensions/users-permissions/strapi-server.js
const axios = require("axios");
module.exports = (plugin) => {
const register = plugin.controllers.auth.register;
plugin.controllers.auth.register = async (ctx) => {
ctx.request.body.confirmed = false;
const token = ctx.request.body.token;
const gres = await axios.post(
`https://www.google.com/recaptcha/api/siteverify?secret=${process.env.GOOGLE_SITEKEY}&response=${token}`
);
console.log(gres.data);
if (!gres.data.success) {
return ctx.badRequest(
null,
formatError({
id: "Auth.form.error.token.provide",
message: "Please provide a valid token.",
})
);
}
await register(ctx);
};
return plugin;
};
1 Like
Great work!
1 Like
Thanks so much, I was breaking my head over this!
One detail, it’s obviously the secret you have to pass in to the url , not the sitekey as you have it