Skip to content

grantholle/laravel-altcha

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

.github

.github

 
 

config

config

 
 

src

src

 
 

tests

tests

 
 

workbench/app/Providers

workbench/app/Providers

 
 

.editorconfig

.editorconfig

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE.md

LICENSE.md

 
 

README.md

README.md

 
 

composer.json

composer.json

 
 

phpunit.xml.dist

phpunit.xml.dist

 
 

Repository files navigation

Laravel Altcha

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

This is a Laravel implementation for the server-side of Altcha, a proof-of-work captcha that does not require any third-party service.

Installation

You can install the package via composer:

composer require grantholle/laravel-altcha

Optionally, publish the config file with:

php artisan vendor:publish --tag="laravel-altcha-config"

Usage

In .env (or published config file), set the following variables:

# Required, sort of like a password
ALTCHA_HMAC_KEY=
# Optional, defaults to SHA-256. Can be SHA-384 or SHA-512
# ALTCHA_ALGORITHM="SHA-256"

Out of the box, the package registers a /altcha-challenge endpoint to use you on your frontend.

Frontend

Following the frontend integration, use the following snippet to get a challenge:

<altcha-widget challengeurl="/altcha-challenge"></altcha-widget>

Implementation will be different given your frontend, but here's an example Vue component to use:

<template>
  <altcha-widget challengeurl="/altcha-challenge" @statechange="stateChanged"></altcha-widget>
</template>

<script setup>
import 'altcha'

const emit = defineEmits(['update:modelValue'])
const stateChanged = ev => {
  if (ev.detail.state === 'verified') {
    emit('update:modelValue', ev.detail.payload)
  }
}
</script>

In an Inertja.js form, you could use this component like so:

<template>
  <form @submit.prevent="form.post('/login')">
    <label for="email">Email</label>
    <input type="email" name="email" v-model="form.email">
    
    <label for="password">Password</label>
    <input type="password" name="password" v-model="form.password">
    
    <Altcha v-model="form.token" />
    
    <button type="submit">Submit</button>
  </form>
</template>

<script setup>
import { useForm } from '@inertiajs/inertia-vue3'
// This is the component we made above
import Altcha from '@/components/forms/Altcha.vue'

const form = useForm({
  email: null,
  password: null,
  token: null,
})
</script>

Backend validation

To validate the frontend-generated token/payload, there's a ValidAltchaToken rule you can use, assuming the token is passed as token in the request:

use Grantholle\LaravelAltcha\Rules\ValidAltchaToken;

$request->validate([
    'email' => ['required', 'email'],
    'password' => ['required'],
    'token' => [new ValidAltcha()],
]);

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.

About

An Altcha integration for Laravel.

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

2 tags

Sponsor this project

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages