ReCaptcha Login Configuration Instructions
This document outlines the steps to configure ReCaptcha for the login process using the app settings and captcha files. Follow these instructions to properly set up and customize the ReCaptcha functionality for your local environment.
1. Obtain ReCaptcha Keys
- Visit the Google ReCaptcha admin console: [https://www.google.com/recaptcha/admin/]
- Register your site and obtain the Site Key and Secret Key
- Ensure to create the "I'm not a robot" Checkbox, the invisible recaptcha is not required for login.
2. Configure captcha.json
Open your captcha.json file and add the following section (invisible Recaptcha- and v2Recaptcha- must be 2 different captcha sites, let's focus on v2RecaptchaSiteKey and v2RecaptchaSecret only):
{
"captcha": {
"invisibleRecaptchaSiteKey": "{invisibleRecaptchaSiteKey}",
"invisibleRecaptchaSecret": "{invisibleRecaptchaSecret}",
"v2RecaptchaSiteKey": "{v2RecaptchaSiteKey}",
"v2RecaptchaSecret": "{v2RecaptchaSecret}"
}
}
3. Configure appsettings.json
In your API appsettings.json file, in securitySettings section modify the allowAdminLoginCaptcha and/or allowTakeSurveyLoginCaptcha prop:
{
"securitySettings": {
...
"allowAdminLoginCaptcha": true,
"allowTakeSurveyLoginCaptcha": true
},
}
The captcha for login can be activated independently for both admins and take survey apps. Each can be turned on or off separately.
So far, this config is enough for any server implementation
Note: Remember to keep your Secret Key confidential and never expose it in client-side code or public repositories.
4. Configure invisible captcha
In your API appsettings.json file, in securitySettings section modify the isInvisibleCaptcha prop:
{
"securitySettings": {
...
"isInvisibleCaptcha": true
},
}
0 Comments