How to implement reCaptcha V3 in ASP.NET

by

The simplest implementation:

  1. In your cshtml file (at the top)

    @section Scripts
{
    <script src="https://www.google.com/recaptcha/api.js?render=your site key"></script>
    <script>
        grecaptcha.ready(function () {
            grecaptcha.execute('your site key', { action: 'homepage' }).then(function (token) {
                document.getElementById("foo").value = token;
            });
        });
    </script>
}

  2. In your cshtml, inside the form (just before </form>):

    <input type="hidden" id="foo" name="foo" />

  3. A function inside your Pagemodel class. See the documentation for the response object:

    public static bool ReCaptchaPassed(string gRecaptchaResponse)
{
    HttpClient httpClient = new HttpClient();

    var res = httpClient.GetAsync($"https://www.google.com/recaptcha/api/siteverify?secret=your secret key no quotes&response={gRecaptchaResponse}").Result;

    if (res.StatusCode != HttpStatusCode.OK) 
    {
        return false;
    }
    string JSONres = res.Content.ReadAsStringAsync().Result;
    dynamic JSONdata = JObject.Parse(JSONres);

    if (JSONdata.success != "true" || JSONdata.score <= 0.5m)
    {
        return false;
    }

    return true;
}

  1. Finally, inside your OnPostAsync() handler, at the top:

    if (!ModelState.IsValid) 
{
    return Page();
}
else
{
    if (!ReCaptchaPassed(Request.Form["foo"]))
    {
        ModelState.AddModelError(string.Empty, "You failed the CAPTCHA.");
        return Page();
    }
}

More Related Contents:

  1. Building a menu similar to stackoverflow [closed]
  2. Routing to a fixed URL in ASP.NET MVC
  3. A potentially dangerous Request.Form value was detected from the client
  4. ASP.NET MVC – Set custom IIdentity or IPrincipal
  5. Store pictures as files or in the database like MSSQL for a web app?
  6. How do I get the current location of an iframe?
  7. Can I access session state from an HTTPModule?
  8. How can I implement Ninject or DI on asp.net Web Forms?
  9. How to retrieve form values from HTTPPOST, dictionary or?
  10. Why order matters in this RegEx with alternation?
  11. How and where to call Database.EnsureCreated and Database.Migrate?
  12. Get Image dimensions using Javascript during file upload
  13. IIS URL Rewriting vs URL Routing
  14. Is there a way to force ASP.NET Web API to return plain text?
  15. HTTPS with Visual Studio’s built-in ASP.NET Development Server
  16. Unmanaged DLLs fail to load on ASP.NET server
  17. Mailbox unavailable. The server response was: 5.7.1 Unable to relay for [email protected] [closed]
  18. Preventing CSRF with the same-site cookie attribute
  19. How to warm up an ASP.NET MVC application on IIS 7.5?
  20. How to return raw string with ApiController?
  21. Can SignalR be used with asp.net WebForms?
  22. Stopping onclick from firing when onclientclick is false?
  23. Profiling ASP.NET websites with EQATEC Profiler
  24. ASP.NET MVC ViewModel Pattern
  25. How to POST a FORM from HTML to ASPX page
  26. OutOfMemoryException when send big file 500MB using FileStream ASPNET
  27. Web authentication state – Session vs Cookie?
  28. I am getting a blank page while deploying MVC application on IIS
  29. Different users get the same cookie – value in .ASPXANONYMOUS
  30. URL encoded colon resolves in 400 Bad Request

Leave a Comment