Google ReCaptcha Configuration

[dfirence]

Hello Team

Does anyone have a solid tutorial to implement Google ReCaptcha v2 for :

1. Login Form
2. Registration Form

I would like secure Bookstack a bit more

[samtuke]

This, or some other spam prevention system like it, is critical for installations which are publicly accessible. We are getting tens of spam sign ups per week, which take a lot of management time to check and remove. Thanks.

[ssddanbrown]

I still need to decide if this is something I'd support in core or if I'd prefer to just provide extensibility for, But if you're urgent for something I've pushed a crude example implementation at this commit:
c49454d (Patch)

Tested with reCaptcha v2.
Is taken from the current stable codebase so patch could be applied to a release BookStack instance, You just need to change the two keys (Shown surrounded by %%, Replace % signs also).

[samtuke]

Thanks!

[tcatlas]

I'd also like this functionality.

[10935336]

I also need this feature, and recently my instance has received a lot of spam registrations.
In addition, if reCAPTCHA is added, please replace www.google.com with www.recaptcha.net to improve accessibility in certain regions, such as China, which is officially provided by Google: https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally

[nderambure]

I'm also interested in this functionnality, tons of spams every day, we have closed the sign up for now.

[JaggedJax]

This would be nice as an optional on/off for those who want it. Another place it would be optionally helpful is when allowing guest comments.

[Jack-Vaughn]

Late to the party, but for anyone else who gets here by Googling the issue, this Laravel package allowed for CloudFlare Turnstile to tie into the login page pretty easily. Just had to add CloudFlare to the Content Security Policy as well.

https://github.com/romanzipp/Laravel-Turnstile

[hregis]

I opened the registration and in 2 days I had dozens of fake accounts, can you add a captcha system or others, it's essential these days! thanks !

[hregis]

the first request is in 2018 ! today... 2024 !

[hregis]

working on features is good, but security is just as important!
I'm also a developer, on the Dolibarr project and if we don't look at security it's hell!
And another note, please add a mass deletion of users, because deleting fake accounts means opening each account to delete them, and it takes a long time! ;-)
I thank you for your work!
good job and have a good day...