从服务器到siteverify谷歌nocaptchapost说细节丢失
[ { hostname: 'www.google.com', path: '/recaptcha/api/siteverify', method: 'POST', headers: { 'Content-Type': 'application/json', 'Content-Length': 556 } }, '{"secret":"XXXUseThisForCommunicationBetweenYourSiteAndGoogleXXX","response":"03AHJ_VuusXdr5IdGpNzQPRjedGs-Le066Fx9r-Lk1gIfLqlzwxapPx70_LukmcOsw3x-m2DSfpvQVylx060H9IjFP82fy7505_t_rjSivauiwBUyQPrBMp5kTRviq_DD1L2mVMTTrBieUMlQM69AIuG3KwmdOQMyMJS2iJdRuRNnvAmDlPSejkASR4X-7c4IIP3NoMb52Qsl9QPeU6kGaPtxqmf1IpNwbSC3bzLXQD-QV1aI4GgaeqSPfOO8EPfISJMQ5kbCd9wqAwHqDAXMtNSvz10Ty30R71HqmsSk7YHddFQhei1L6y9j7nxnY5QtAxHehhpYwJVNjI96hxeIaG58_CQHGbAufy4aPGAlf-zJ6be_Xtdzd4AnHxiX9OuCKQI8eQlh6DZLGaymxXDmPNu4TijGyyu0VeTPTTKf12zVUg86_0ZmszWZDtALjnNnxBH7bZqrgWXhy","remoteip":"00.00.000.000"}' ] 如果我张贴,谷歌返回这个:
{ success: false, 'error-codes': [ 'missing-input-response', 'missing-input-secret'] }
我不明白发生了什么错
https://www.google.com/recaptcha/admin#site/XXXXXX?setup说:
当你的用户提交你整合了reCAPTCHA的表单时,你将得到一个名为“g-recaptcha-response”的string的一部分。 为了检查Google是否validation了该用户,请使用以下参数发送POST请求:URL: https : //www.google.com/recaptcha/api/siteverify 机密 (必填) – XXXXXX, 回复 (必填) – 值'g-recaptcha-response', remoteip – 最终用户的IP地址。
我已经明确地发送了所有这些东西! 这里会发生什么? 错误并不是说他们错了,而是说他们“失踪”
而从谷歌以上引用的文字清楚地说,POST不GET GET reCAPTCHA:如何获得用户响应和validation在服务器端
但是如果我尝试GET请求,那么响应是[ null, 400, undefined ]
UPDATE
正如@mscdex指出的应用程序/ x-www-form-urlencoded是必需的,但答复仍然表示,它是失踪的秘密,所以我的url编码,而不是我认为可能发生的东西不好的项目在对象的开始。
{'_':'_','secret':'XXXXXX','response':'whateverXXYsgTSG','remoteip':'00.00.000.000'}
最后它工作:
[ { hostname: 'www.google.com', path: '/recaptcha/api/siteverify?', method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'Content-Length': 548 } }, '"_=_&secret=XXXXXX&response=03AHJ_VuurQFgsftybLlvrdGOwXfNneWp4v7FPJJbOD9CGpiHAkFBaiNy7YWXcHrAkU6SPU5UZpgKCptU3gRX5OPqXEh2qqP3nXJpiBWoxFW_Iv05P2UA23rzzZk0ecScmMSL1PP1uyBCdJ08HpAWEuz2PzL6m6u71k09xQbVbPZ5KT6qnb-mdPNyEkdBxtc9a5oYpnOoHg7ax6q4Ms4Lis4qrNBLCavKmYZ6vAmYitSEI0a0GERnlI3wLSvayhc-Yygv1koKIjg2q8GHXV1UhKLzBa8t8x2ibRBNwXUMBFs3Qj_lfwgiTNtIaU3kEAFPULJulZDOsAcovKpjk5xkyMM2C5YDGYMioeyOMl9ZmyyvkwfrrRe8e9o_tD6SaTTSAcrcxsfYGm-w0_CDbsa2IWSkjiMN-2B9SClOZJGXXVXVIuIYClIK3XuUvTsObCzxJAq2IKwwMTtYX&remoteip=00.00.000.000"' ] [ { success: true }, 200, undefined ]
但是,我想正确地做到这一点不hacky因此,如果任何人都可以回答如何做到这一点,将会是膨胀!
var JSON={ https:require('https') , toquery:require('../node_modules/querystring').stringify , stringify:require('../node_modules/json-stringify-safe') , parse:require('../node_modules/try-json-parse') , get:function(url,callback){process.env.NODE_TLS_REJECT_UNAUTHORIZED="0";var req=JSON.https.request(url,function(res){var buffer='';res.setEncoding('utf8');res.on('data',function(chunk){buffer+=chunk;});res.on('end',function(){try{var data=JSON.parse(buffer);callback(data,res.statusCode);}catch(e){console.log(e);}});});req.end();} , post:function(url,path,data,type,callback){if(!callback){callback=type;type=undefined;}data=JSON.stringify(data);var options={hostname:url,path:path,method:'POST',headers:{'Content-Type':type||'application/json','Content-Length':data.length}};console.dir([options,data]);var req=JSON.https.request(options,function(res){var buffer='';res.setEncoding('utf8');res.on('data',function(chunk){buffer+=chunk;});res.on('end',function(){try{var data=JSON.parse(buffer);callback(data,res.statusCode);}catch(e){console.log(e);}});});req.write(data);req.end();} }; JSON.post( 'www.google.com' , '/recaptcha/api/siteverify?' , JSON.toquery({'_':'_','secret':'XXXX','response':response,'remoteip':remoteip}) , 'application/x-www-form-urlencoded' , function(data,result,statusCode){ console.dir([data,result,statusCode]); if(result.success){} else{} });
下面是我在使用superagent的项目中的一个项目。 这是我的recaptcha-helper.js
var request = require("superagent"); var config = { recaptcha: { secret: "XXXXX", url: "https://www.google.com/recaptcha/api/siteverify", }, }; var ERROR_CODES = { "missing-input-secret": "Unexpected Server Error (1)", "invalid-input-secret": "Unexpected Server Error (2)", "missing-input-response": "Missing reCAPTCHA value", "invalid-input-response": "Invalid reCATPCHA value", }; exports.getErrorCode = function (errorCode) { if (Array.isArray(errorCode)) { var errors = errorCode.map(function (code) { return exports.getErrorCode(code); }); return errors.join("\n"); } return ERROR_CODES[errorCode] || (errorCode ? ("Unexpected reCAPTCHA error: " + errorCode) : "Unexpected reCAPTCHA error"); }; exports.parseResponse = function (err, res) { if (err) { return { success: false, error: err }; } else if (!res.body.success) { var error = new Error(exports.getErrorCode(res.body["error-codes"])); return { success: false, error: error }; } else { return { success: true }; } }; exports.verify = function (response, ip) { if (process.env.NODE_ENV === "test") { return response ? Promise.resolve() : Promise.reject(new Error("Test reCAPTCHA Error")); } return new Promise (function (resolve, reject) { request.post(config.recaptcha.url) .type("form") .accept("json") .send({ secret: config.recaptcha.secret, response: response, remoteip: ip, }) .end(function (err, res) { var parsedRes = exports.parseResponse(err, res); return parsedRes.success ? resolve() : reject(parsedRes.error); }); }); };
你可以用它做
var captchaHelper = require('./recaptcha-helper'); captchaHelper.verify(req.body.captcha, req.ip) .then(function () { // on success }).catch(function (err { // on error });