Merge pull request #13 from DarkGhostHunter/master

Fixed exception on group of routes
DarkGhostHunter · Nov 25, 2019 · 246c761 · 246c761
2 parents 90eceb4 + 6e415ad
commit 246c761
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 36 deletions.
diff --git a/README.md b/README.md
@@ -42,9 +42,9 @@ Just add the `data-recaptcha="true"` attribute to the forms where you want to ha
 </form>
 ``` 
 
-The Google reCAPTCHA script from Google will be automatically injected on all responses for better analytics.
+The Google reCAPTCHA script from Google will be automatically injected on all responses for better analytics. 
 
-> Check the `manual` mode if you want control on how to deal with the frontend reCAPTCHA script. 
+> Alternatively, you may want to use the [`manual` mode](#manual) if you want control on how to deal with the frontend reCAPTCHA script. 
 
 ### Backend
 
@@ -413,6 +413,16 @@ This blade views requires the Google reCAPTCHA v3 script, and detects the forms
 
 There you can edit how the script is downloaded from Google, and how it checks for forms to link with the backend.
 
+### AJAX Requests
+
+Depending of your application, AJAX Requests won't include the reCAPTCHA token. This may be for various reasons:
+
+* Using virtual DOM frameworks like Vue and React.
+* Creating a form after the page loaded with JavaScript.
+* An AJAX Requests being done entirely in JavaScript.
+
+In any of these scenarios, you may want disable the injection script and [use the reCAPATCHA v3 scripts directly](https://developers.google.com/recaptcha/docs/v3).
+
 ## License
 
-The MIT License (MIT). Please see [License File](LICENSE.md) for more information.
+The MIT License (MIT). Please see [License File](LICENSE.md) for more information.
diff --git a/src/Http/Middleware/CheckRecaptcha.php b/src/Http/Middleware/CheckRecaptcha.php
@@ -3,14 +3,13 @@
 namespace DarkGhostHunter\Captchavel\Http\Middleware;
 
 use Closure;
-use DarkGhostHunter\Captchavel\Exceptions\FailedRecaptchaException;
-use DarkGhostHunter\Captchavel\Exceptions\InvalidCaptchavelMiddlewareMethod;
-use DarkGhostHunter\Captchavel\Exceptions\InvalidRecaptchaException;
+use Illuminate\Http\Request;
 use DarkGhostHunter\Captchavel\ReCaptcha;
+use ReCaptcha\ReCaptcha as ReCaptchaFactory;
 use Illuminate\Contracts\Config\Repository as Config;
 use Illuminate\Contracts\Validation\Factory as Validator;
-use Illuminate\Http\Request;
-use ReCaptcha\ReCaptcha as ReCaptchaFactory;
+use DarkGhostHunter\Captchavel\Exceptions\FailedRecaptchaException;
+use DarkGhostHunter\Captchavel\Exceptions\InvalidRecaptchaException;
 
 class CheckRecaptcha
 {
@@ -72,25 +71,14 @@ public function __construct(Validator $validator,
      */
     public function handle($request, Closure $next, float $threshold = null)
     {
-        $this->isPostMethod($request);
-        $this->hasValidRequest($request);
-        $this->hasValidReCaptcha($request, $threshold ?? $this->config['threshold']);
+        if ($request->getRealMethod() === 'POST') {
+            $this->hasValidRequest($request);
+            $this->hasValidReCaptcha($request, $threshold ?? $this->config['threshold']);
+        }
 
         return $next($request);
     }
 
-    /**
-     * Detect if the Request is a "write" method
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @return bool
-     * @throws \Throwable
-     */
-    protected function isPostMethod(Request $request)
-    {
-        return throw_unless($request->getRealMethod() === 'POST', InvalidCaptchavelMiddlewareMethod::class);
-    }
-
     /**
      * Return if the Request has a valid reCAPTCHA token
      *
@@ -148,4 +136,4 @@ protected function sanitizeAction(string $action)
     {
         return preg_replace('/[^A-z\/\_]/s', '', $action);
     }
-}
+}
diff --git a/tests/Middleware/CheckRecaptchaTest.php b/tests/Middleware/CheckRecaptchaTest.php
@@ -2,17 +2,16 @@
 
 namespace DarkGhostHunter\Captchavel\Tests;
 
-use DarkGhostHunter\Captchavel\Exceptions\FailedRecaptchaException;
-use DarkGhostHunter\Captchavel\Exceptions\InvalidCaptchavelMiddlewareMethod;
-use DarkGhostHunter\Captchavel\Exceptions\InvalidRecaptchaException;
-use DarkGhostHunter\Captchavel\Http\Middleware\CheckRecaptcha;
-use DarkGhostHunter\Captchavel\ReCaptcha;
-use Illuminate\Support\Carbon;
+use ReCaptcha\Response;
 use Illuminate\Support\Str;
+use ReCaptcha\RequestMethod;
+use Illuminate\Support\Carbon;
 use Orchestra\Testbench\TestCase;
+use DarkGhostHunter\Captchavel\ReCaptcha;
 use ReCaptcha\ReCaptcha as ReCaptchaFactory;
-use ReCaptcha\RequestMethod;
-use ReCaptcha\Response;
+use DarkGhostHunter\Captchavel\Http\Middleware\CheckRecaptcha;
+use DarkGhostHunter\Captchavel\Exceptions\FailedRecaptchaException;
+use DarkGhostHunter\Captchavel\Exceptions\InvalidRecaptchaException;
 
 class CheckRecaptchaTest extends TestCase
 {
@@ -103,13 +102,11 @@ public function testFailsOnNonPostMethod()
 
         $response = $this->get('get-route');
 
-        $response->assertStatus(500);
-        $this->assertInstanceOf(InvalidCaptchavelMiddlewareMethod::class, $response->exception);
+        $response->assertStatus(200);
 
         $response = $this->call('head', 'head-route');
 
-        $response->assertStatus(500);
-        $this->assertInstanceOf(InvalidCaptchavelMiddlewareMethod::class, $response->exception);
+        $response->assertStatus(200);
     }
 
     public function testFailsInvalidToken()