Google Recaptcha Validation By Lua

260 views
Skip to first unread message

Hadi Abbasi

unread,
Feb 26, 2019, 2:04:43 AM2/26/19
to openresty-en
Hey guys
I want to send google recaptcha verification request using Lua but its response and status code is not available!
I have used below code to sending post request:

function googleRecaptchaFinalizing(userResponseToken) 
 
local config = require("ps.admin_config")
 
local json = require("cjson")
 
local ltn12 = require 'ltn12'
 
local http = require("socket.http")
 
 http
.TIMEOUT = 10
 
local respbody = {}
 
local payload =[[secret=]] .. config.captcha_private_key .. [[&response=]] .. userResponseToken .. [[&remoteip=]] .. ngx.var.remote_addr
 --I Can Use ngx.escape_uri(value) to convert values to escaped type
 -- ngx.log(ngx.DEBUG,"------> " .. payload)
 local success , code, respHeader, status = http.request
 
{
 url 
= config.google_recaptcha_validation_url 
 --url = config.google_recaptcha_validation_url .. "?secret="..config.captcha_private_key .. "&response=" .. userResponseToken
 ,method = "post",
 headers 
=
 
{
 
["cache-control"] = "no-cache",
 
-- ["Content-Type"] ="application/json"
 
-- ["Content-Type"] ="application/x-www-form-urlencoded",
 
["Content-Length"] = #payload --string.len(payload)
 
},
 source 
= ltn12.source.string(payload),
 sink 
= ltn12.sink.table(respbody)
 
}
 
 respbody 
= table.concat(respbody)
 ngx
.log(ngx.DEBUG,"token>>>>> " .. userResponseToken)
 ngx
.log(ngx.DEBUG,'success:' .. tostring(success or -1))
 ngx
.log(ngx.DEBUG,'code:' .. tostring(code))
 ngx
.log(ngx.DEBUG,'status: ' .. tostring(status))
 ngx
.log(ngx.DEBUG,'payload: ' .. (payloadStr or ""))
 ngx
.log(ngx.DEBUG,'respBody: ' .. tostring(respbody))
 
for k, v in pairs(respHeader) do 
 
local attKey = tostring(k)
 
local attVal = tostring(v)
 ngx
.log(ngx.DEBUG,attKey .. " ----> " .. attVal) 
 
end
 
if tostring(code)=="200" then
 
local jsonResp = json.decode(respbody)
 
if jsonResp.success == true then
 
return true , "is OK"
 
else
 
return false , jsonResp["error-codes"][0]
 
end
 
else
 
return nil , "response status code is: " .. tostring(code)
 
end
end
the result status code is 
 success:1
code:405

>Error 405 (Method Not Allowed)!!

when I test below cURL command, it's available and the  result is correct(200  OK), but the above function is not ok! I don't know why?!
 can you please help me?

curl -X POST \
  https
://www.google.com/recaptcha/api/siteverify \
  
-'cache-control: no-cache' \
  
-F secret=MY SECRET KEY \
  
-F response=USER RESPONSE  HASH \
  
-F remoteip=USER REMOTE IP

Even when I use ngx.escape_uri to escape payload values or when I use google uri vars like below url or change content-type to json format, the result is invalid!
config.google_recaptcha_validation_url .. "?secret="..config.captcha_private_key .. "&response=" .. userResponseToken
thanks a lot...
Best,


Hadi
Message has been deleted
Message has been deleted

Hadi Abbasi

unread,
Feb 26, 2019, 9:26:32 AM2/26/19
to openresty-en

Hi
this is the SOLVED final function

function googleRecaptchaFinalizing(userResponseToken)
   
local config = require("ps.admin_config")

   
local requests = require('requests')
   
local response  = requests.post(config.google_recaptcha_validation_url .. "?secret="..config.captcha_private_key .. "&response=" .. userResponseToken .. "&remoteip=" .. ngx.var.remote_addr)
   
--if response.status_code == 200 then
   
local json, err = response.json()
   
if not json then return nil, err end
   
if not json.success then return false, json['error-codes'] end
   
return true , "valid and trusted!"
end

Reply all
Reply to author
Forward
0 new messages