How to know if reCAPTCHA v3 works or not?

Question

My front end use vuetify like this :

   validate: async function () {
    let tokenCaptcha
    await this.$recaptcha('login').then((token) => {
      tokenCaptcha = token
    })

    if (this.$refs.form.validate() && tokenCaptcha) {
        let params = {
          birthDate: this.birthday,
          emailAddress: this.email,
          name: this.fullname,
          phoneNumber: this.phone,
          recaptcha: tokenCaptcha
        }
        this.modalSummary = true
        await this.setSummary(params) // Async vuex store / post to api backend
        if (this.dataSummary) {
          this.success = true
        } else {
          this.success = false
        }
    }
  }

Reference : https://www.npmjs.com/package/vue-recaptcha-v3

My backend/server side using express js(node js) like this :

app.post('/summary', function (req, res) {
    if (req.body.recaptcha === undefined || req.body.recaptcha === '' || req.body.recaptcha === null) {
        res.send({success: false, msg: 'Please select captcha first'});
        return;
    }
    const secretKey = 'xxxxxx';
    const verificationURL = `https://www.google.com/recaptcha/api/siteverify?secret=${secretKey}&response=${req.body.recaptcha}&remoteip=${req.connection.remoteAddress}`;
    https.get(verificationURL, (resG) => {
        let rawData = '';
        resG.on('data', (chunk) => { rawData += chunk })
        resG.on('end', function() {
            try {
                var parsedData = JSON.parse(rawData);
                if (parsedData.success === true) {
                    let data = { 
                        date_of_birth: req.body.birthDate,
                        email_address: req.body.emailAddress,
                        full_name: req.body.name,
                        phone_number: req.body.phoneNumber,
                    }
                    let sql = "INSERT INTO summary SET ?";
                    let query = conn.query(sql, data,(err, results) => {
                        if(err) throw err;
                        res.send({success: "OK", message: 'Success', data: data});
                    });
                } else {
                    res.send({success: false, msg: 'Failed captcha verification'});
                    return;
                }
            } catch (e) {
                res.send({success: false, msg: 'Failed captcha verification from Google'});
                return;
            }
        });
    });
});

The code is works. But how to know if reCAPTCHA v3 works or not?

Because version 3 captcha doesn't appear. I just want to make sure whether my code flow is correct or not. Besides that I want to check the captcha to appear if it is a robot

score 4 · Accepted Answer · answered Nov 17 '19 at 13:12

On the user interface (bottom right) you should have this:

In the back-end: get the result of the recaptcha's response. Like:

console.info(parsedData)

Must look like:

{
  "success": true|false,      // whether this request was a valid reCAPTCHA token for your site
  "score": number             // the score for this request (0.0 - 1.0)
  "action": string            // the action name for this request (important to verify)
  "challenge_ts": timestamp,  // timestamp of the challenge load (ISO format yyyy-MM-dd'T'HH:mm:ssZZ)
  "hostname": string,         // the hostname of the site where the reCAPTCHA was solved
  "error-codes": [...]        // optional
}

^ https://developers.google.com/recaptcha/docs/v3#site_verify_response

Comments are not for extended discussion; this conversation has been [moved to chat](https://chat.stackoverflow.com/rooms/202524/discussion-on-answer-by-crbast-how-to-know-if-recaptcha-v3-works-or-not). — Samuel Liew, Nov 17 '19 at 20:27

score 2 · Answer 2 · answered May 06 '21 at 00:58

2

On the Webpage(bottom right) you should have Google Captcha icon like below :
You can verify the no of hits and scores distribution in the admin page (https://www.google.com/recaptcha/about/)

answered May 06 '21 at 00:58

Vali7394

441
5
10

score 0 · Answer 3 · answered Jun 16 '20 at 11:07

You can also log your token into the console. Each time you send a form the different token is generated -this way you know that captcha v3 works.

Just put: console.log(token);

Yuu should get in the console this type of unigue string: enter image description here

score 0 · Answer 4 · answered Aug 16 '23 at 11:47

Solutions to check tokens on a server site are correct, however, expecting the Recaptcha logo to be visible on a site may be misleading. Actually, it can be hidden. https://developers.google.com/recaptcha/docs/invisible

So the best solution it works is in my opinion to verify it in the recaptcha admin section: https://www.google.com/recaptcha/admin

How to know if reCAPTCHA v3 works or not?

4 Answers4

Linked