承接 matt/sycaptcha 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

matt/sycaptcha

Composer 安装命令:

composer require matt/sycaptcha

包简介

Bundle for form protection using captcha, includes reCaptcha and hCaptcha

README 文档

README

SyCaptchaBundle is a form protection bundle made for Symfony, including a set of CAPTCHA challenges that should stop any malicious requests from submitting your forms.

Supported CAPTCHAs

There are three types of supported CAPTCHAs as of now

  1. reCaptcha V2 - By Google
  2. reCaptcha V3 - By Google
  3. hCaptcha - By Intuition Machines

Invisible reCaptcha V2 isn't supported, due to the fact that it's 'lower' end version of reCaptcha V3

Installation

With composer require

composer require matt/sycaptcha

Configuration without symfony/flex

You can configure all the needed files manually when not having an option to install/upgrade to symfony/flex

1. Register the bundle

Register bundle into config/bundles.php Symfony 4/5

return [
    Matt\SyCaptchaBundle\SyCaptchaBundle::class => ['all' => true],
];

Register bundle into app/AppKernel.php Symfony 3 and below

public function registerBundles()
{
    return [
        new Matt\SyCaptchaBundle\SyCaptchaBundle(),
    ];
}

2. Add configuration files

config/packages/sy_captcha.yaml (or app/config/config.yml if using Symfony 3 or below)

sy_captcha:  
  recaptcha_v2:  
    site_key: 'site_key'  
    secret_key: 'secret_key'  

Usage

Let's finally get to the part about how you can integrate those CAPTCHAS into your forms.

1. Create form and add the CAPTCHA protection

You can add all three CAPTCHAS into the form at the same time (yes, it's overkill), however, they all need to be configured properly

<?php  

use Matt\SyCaptchaBundle\Form\Type\SyCaptchaHCaptchaType;  

class FormType extends AbstractType  
{  
  public function buildForm(FormBuilderInterface $builder, array $options): void  
  {  
	  $builder->add('captcha', SyCaptchaHCaptchaType::class);
  }  
}

2. Configure the CAPTCHA if needed

There are series of parameters that can be used to configure the CAPTCHA and it's scripts. Most of them are being set via configuration file (more in whole configuration section) but few of them are being declared via form options. Those are

  1. action_name - Sets the action name (reCaptcha V3 Only)
  2. theme - Sets the CAPTCHA theme to either light / dark (reCaptcha V2 and hCaptcha Only)
  3. script_nonce_csp - Sets the nonce of all scripts injected via CAPTCHA widget

Full config explanation

The whole config looks like this now

sy_captcha:  
  enabled: true  
  recaptcha_v2:  
    site_key: null  
    secret_key: null  
    api_host: 'www.google.com'  
  recaptcha_v3:  
    site_key: null  
    secret_key: null  
    api_host: 'www.google.com'  
    score_threshold: 0.5  
  hcaptcha:  
    site_key: null  
    secret_key: null  
    api_host: 'js.hcaptcha.com'  
    invisible: false

As you can see there are few configurable options, and their default values. Let's break the script a little, please note that some options are only available for hCaptcha, some for reCaptcha only and so forth.

  • enabled - Defines whether the CAPTCHA verification is, or is not enabled can be used to (for example) disable whole page verification on DEV
  • site_key - This is the value you receive via your reCaptcha or hCaptcha dashboard, it represents the public key of your site
  • secret_key - This is the value you receive via your reCaptcha or hCaptcha dashboard, it represents the secret key of your website, that's used to check the response
  • score_threshold - reCaptcha V3 sends users score via the response as well, setting score_threshold to lower than 0.5 will make it even harder for bots (but for people as well) to pass this CAPTCHA
  • api_host - Can be used to enable CAPTCHAs worldwide, you can not access www.google.com in China, thus their CAPTCHA would not work there as well, that's why you'd need to set it to www.recaptcha.net

Including .ENV values into config

This is just a little tip, but you can include .ENV values in your Symfony config. All you need to do is to reference it via %env(VARIABLE)% tag in your config.

sy_captcha:
    enabled: '%env(SYCAPTCHA_ENABLED)%'

TODO

A little list of plans for the future

  • Cloudflare IP resolution, (implementing resolved interface)
  • Translations
  • Custom styles (meaning .css styles)

matt/sycaptcha 适用场景与选型建议

matt/sycaptcha 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 10 次下载、GitHub Stars 达 0, 最近一次更新时间为 2021 年 10 月 28 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 matt/sycaptcha 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 matt/sycaptcha 我们能提供哪些服务?
定制开发 / 二次开发

基于 matt/sycaptcha 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 10
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 1
  • 点击次数: 7
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2021-10-28