Google reCAPTCHA V2 wrapper for the ASP.NET Web Forms (.NET Framework>4.0) with online/offline detection capabilities.
From a Package Manager Console or PowerShell; install .nupkg locally
# Installs harta-recaptcha 1.0.3 package, using the .nupkg file under local path of c:\temp\packages
Install-Package c:\temp\packages\harta-recaptcha.1.0.3.nupkg
# Installs harta-recaptcha but not its dependencies from c:\temp\packages
Install-Package harta-recaptcha -IgnoreDependencies -Source c:\temp\packages
You must first have a secret key and a site key in order to use the reCAPTCHA service. This package supports v2 api keys. You can read more about reCAPTCHA v2, and sign up for free here: https://www.google.com/recaptcha/intro/
Configuration can be setup from the application or page level depends on the situation.
Add the following entry to the file and make sure to paste in your secret key and site key:
<add key="RecaptchaSecretKey" value="paste secret key here" />
<add key="RecaptchaSiteKey" value="paste site key here" />
Optionally, if you want to disable the control, add following entry to the file. (Default value = false)
<add key="RecaptchaSkipValidation" value="true|false:boolean" />
Inject package assembly and namespace within the directive syntax as described below:
<%@ Register Assembly="Recaptcha" Namespace="Recaptcha" TagPrefix="recaptcha" %>
Place the control within form tags. Optionally, SkipRecaptcha can be use on this level to skip the validation procedure aka disable the control.
<recaptcha:RecaptchaControl SiteKey="Your site key" SecretKey="Your secret key" SkipRecaptcha="true|false" runat="server"/>
TLDR: Complete example
Note: Example below will assumed that the configuration was done on the application level
Inject control on selected page
<%@ Register Assembly="Recaptcha" Namespace="Recaptcha" TagPrefix="recaptcha" %>
Place custom tag derived from the registered control within form.
<form id="form1" runat="server">
<div>
<recaptcha:RecaptchaControl runat="server"/>
</div>
</form>
Create HiddenField
on the same page and hook the ID to the recaptcha control attribute HiddenFieldControlId
Note: HiddenField used to store the browser connectivity state
<form id="form1" runat="server">
<asp:HiddenField runat="server" ID="HiddenFieldID"/>
<div>
<recaptcha:RecaptchaControl HiddenFieldControlId="HiddenFieldID" runat="server"/>
</div>
</form>
Final form should be like below:
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="RecaptchaTest._Default" %>
<%@ Register Assembly="Recaptcha" Namespace="Recaptcha" TagPrefix="recaptcha" %>
<!DOCTYPE html>
<html>
<body>
<form id="form1" runat="server">
<asp:HiddenField runat="server" ID="BrowserState"/>
<div>
<recaptcha:RecaptchaControl ID="RecaptchaControl" HiddenFieldControlId="BrowserState" runat="server"/>
<asp:Label ID="RecaptchaResult" runat="server"/><br/>
<asp:Button ID="RecaptchaButton" Text="Submit" runat="server" onclick="RecaptchaButton_Click"/>
</div>
</form>
</body>
</html>
To validate the recaptcha attempts, use Page.IsValid
on the backend logic. This property will trigger the validation pipeline and send the secured request with provided keys to the upstream server for validation (spam/etc.)
protected void RecaptchaButton_Click(object sender, EventArgs e)
{
if (this.Page.IsValid)
{
this.RecaptchaResult.Text = "Success";
}
else
{
this.RecaptchaResult.Text = this.RecaptchaControl.ErrorMessage;
}
}
Invalid response will be attached to ErrorMessage
property, by leveraging default API response from Google reCAPTCHA