This episode is for members only
Sign up to access "reCAPTCHA with Laravel" right now.
Get started
Already a member? Sign in to continue
Playing
06. Throwing exceptions on reCAPTCHA failure
01. Introduction and demo
3m 5s
0%
02. Alpine.js basics
4m 55s
0%
03. Getting the reCAPTCHA token
9m 10s
0%
04. Submitting the token to the server
4m 49s
0%
05. Verifying the token with middleware
7m 48s
0%
06. Throwing exceptions on reCAPTCHA failure
5m 45s
0%
07. Refactoring to a Blade directive
9m 50s
0%
08. Passing reCAPTCHA options
4m 5s
0%
Transcript
00:00
OK, so let's work on these two failures, and really importantly, how we're going to handle them.
00:06
Now, the failure just here, whether this was successful or not, is not as important as the score, because this is more user facing. But if something does go wrong, we kind of
00:16
want to ask the user to try again. It could be that the Google API is having some sort of issue. So we want to handle both, really, and also show a message for both as well.
00:25
So what we're going to do inside of here is throw an exception, and then we're going to handle that in some way by redirecting the user back with a flash message to show over on the login form.
00:35
So let's go over here back to our login form, and let's figure this out. Now, luckily for us, over in the login form, we already have our session status just here.
00:47
Now, this will take anything that we flash to the session with the key of status, and it will put it into this component just here. This is just a blade component.
00:56
So if we open up that session status component, all this does is it checks if this exists, and it shows a message styled up with the status. Now, you might have something different in your own app,
01:07
so you might want to build your own. But if you are following along a simple if statement here to check this session value, we'll be good. So we're going to use this, and we're
01:16
going to use this status for the login page to handle this. So let's go ahead and throw an exception here. We can go ahead and make these on the command line. So let's go ahead and make an exception out.
01:27
And I already have this in here autocompleted, but we're going to create our request or recapture request failed. And let's put this in there properly,
01:38
and it's already there for me. So recapture request failed. This is the exception for if that request failed. And then we're going to have a recapture verification
01:48
failed for whether it doesn't meet the threshold. So let's start with the request failed, and we'll try and trigger this. So we're just going to throw a new recapture request failed,
02:01
and that's pretty much it. We're going to handle the redirection within the exception, or you can add this to your error handling.
02:08
But I'm going to show you a neat way that we can do this directly within our exception. OK, so let's go over and just try this out. But we need to kind of trigger this.
02:18
So what I'm going to do is just let's just comment this out and add in an incorrect key that should trigger that. So let's go and enter my details, and yeah, perfect. So we've got a recapture request failed exception being thrown.
02:36
Now we can choose what to do inside of there. So let's open this up, recapture request failed. Now inside of an exception within Laravel, what we can do is use a render method, which determines how
02:50
we render this exception out. And Laravel, as long as this method exists, we'll go ahead and do whatever you want inside of here. So if I die dump and say failed, and we try this again,
03:03
you can see it just die dumps failed. So the code inside of here is being run. So inside of here, what we can do is just about get away with redirecting the user directly
03:12
within here. I find this a bit neater because it means that we don't have to add this in our exception handler and write a bunch of additional code.
03:20
So in here, we're going to go ahead and redirect back to the last page. And with this, we can flash a message. So we can use the with method to flash the status.
03:29
And we'll just say, something went wrong. Please try again. And of course, come up with a better message if you want to. So when this exception gets thrown,
03:40
the render method will be called. We will be redirected back with that status, which we know gets picked up on the login page. Let's try it out.
03:49
So I'm going to go ahead and just refresh this, just so I don't have to put all those details in. And there we go. Something went wrong.
03:54
Please try again. So the user can try again. Or you can fix up the issue if it was your fault. OK, so let's go over to our middleware.
04:05
And let's get that secret back in there so we can deal with this one. It's pretty much going to be the same way that we've done this before.
04:13
So throw, new, recapture, verification failed. And if we head over to this, let's again go ahead and add in the render method, return, and redirect the user back
04:28
to where they just came from. Back is really important here, because of course, we don't want to redirect to a specific page because we can apply this middleware
04:35
functionality to any form. So we have to go back rather than to a specific route. And again, we're going to say with status. And let's just say recapture failed.
04:47
Try again, or something along those lines. Great. All right, so let's go over and try and fail this. We'll need to adjust the threshold for this.
04:57
So let's bump this up to 1. Of course, this will be configurable a little bit later. But let's see if this works.
05:04
And we're pretty much ready to go. Perfect. So the recapture failed. Try again.
05:08
The user knows this, because this is the more user-facing one. So at least they know why the login failed. OK, great.
05:14
I'm going to bump this threshold back down to 0.8. And of course, we'll just go ahead and try and log in one more time. And we are in.
05:23
So we've got a little bit further in the fact that we're actually showing the error message to the user now, rather than just dying and dumping, which is never a good idea in production.
05:32
And we can move on to look at creating that really nice snippet over in our login page. So we don't have to do this on every single form that we want this on.
8 episodes• 49 mins•1 year ago
Overview
Adding Google reCAPTCHA to a Laravel form isn’t too much trouble, but what happens when we want to re-use it for other forms?
This course focuses on setting up reCAPTCHA using Alpine.js to fetch the token, and then middleware to verify the token based on a threshold in our config. We’ll add a Blade directive too, so we’re able to easily use reCAPTCHA for any forms in our Laravel apps — just by adding a couple of lines of code.
Alex Garrett-Smith
Hey, I'm the founder of Codecourse!
Episode discussion
No comments, yet. Be the first!