gkcaptcha/gkcaptcha-laravel
Composer 安装命令:
composer require gkcaptcha/gkcaptcha-laravel
包简介
Laravel integration for gkCAPTCHA: middleware, validation rule, Blade directive, and service provider
README 文档
README
Laravel integration package for gkCAPTCHA. Provides a service provider, middleware, validation rule, Blade directive, and Facade for CAPTCHA protection with a single line of configuration.
Requirements
- PHP 8.1+
- Laravel 10 or 11
gkcaptcha/gkcaptcha-php^1.0 (included as a dependency)
Installation
composer require gkcaptcha/gkcaptcha-laravel
The package auto-discovers via Laravel's package auto-discovery. No manual registration required.
Configuration
Publish the config file:
php artisan vendor:publish --tag=gkcaptcha-config
Add to .env:
GKCAPTCHA_SECRET_KEY=sk_live_your_secret_key GKCAPTCHA_SITE_KEY=pk_live_your_site_key GKCAPTCHA_API_URL=https://gkcaptcha.gatekeeper.sa GKCAPTCHA_TIMEOUT=5 GKCAPTCHA_FAIL_CLOSED=false GKCAPTCHA_WIDGET_URL=https://gkcaptcha.gatekeeper.sa/widget/gk-captcha.js
Environment Variables
| Variable | Default | Description |
|---|---|---|
GKCAPTCHA_SECRET_KEY |
(required) | Server-side secret key for token verification |
GKCAPTCHA_SITE_KEY |
(required) | Public site key for the widget |
GKCAPTCHA_API_URL |
https://gkcaptcha.gatekeeper.sa |
gkCAPTCHA API base URL |
GKCAPTCHA_TIMEOUT |
5.0 |
Request timeout in seconds |
GKCAPTCHA_FAIL_CLOSED |
false |
Block requests on network error (fail-closed) |
GKCAPTCHA_WIDGET_URL |
https://gkcaptcha.gatekeeper.sa/widget/gk-captcha.js |
Widget script URL |
Blade Directive
Add the CAPTCHA widget to any Blade template:
<form method="POST" action="/contact"> @csrf <input type="text" name="email" /> @gkcaptcha('pk_live_your_site_key') <button type="submit">Submit</button> </form>
If GKCAPTCHA_SITE_KEY is set in .env, you can omit the argument:
@gkcaptcha
The directive outputs:
<gk-captcha sitekey="pk_live_your_site_key"></gk-captcha> <script src="https://gkcaptcha.gatekeeper.sa/widget/gk-captcha.js" defer></script>
Middleware
Route Group (recommended)
Protect a group of routes by adding VerifyCaptcha to a route group:
use GkCaptcha\Laravel\Http\Middleware\VerifyCaptcha; Route::middleware([VerifyCaptcha::class])->group(function () { Route::post('/contact', [ContactController::class, 'store']); Route::post('/register', [RegisterController::class, 'store']); });
Global Kernel Registration (Laravel 10)
In app/Http/Kernel.php:
protected $routeMiddleware = [ // ... 'captcha' => \GkCaptcha\Laravel\Http\Middleware\VerifyCaptcha::class, ];
Then use the alias:
Route::post('/contact', [ContactController::class, 'store'])->middleware('captcha');
Token Sources
The middleware reads the CAPTCHA token from (in priority order):
captchaTokenbody field (form POST or JSON body)X-Captcha-Tokenrequest header (AJAX / API)
Middleware Responses
| Condition | HTTP Status | Body |
|---|---|---|
| No token present | 403 | {"success": false, "error": "CAPTCHA token required"} |
| Token invalid | 403 | {"success": false, "error": "CAPTCHA verification failed"} |
| Network error (fail-open) | passes through | Warning logged, request continues |
| Token valid | passes through | Normal route response |
Validation Rule
Use the gkcaptcha rule in form request classes or inline validators:
// In a FormRequest class: public function rules(): array { return [ 'email' => 'required|email', 'captchaToken' => 'required|gkcaptcha', ]; }
Or with the Rule object directly:
use GkCaptcha\Laravel\Rules\GkCaptchaRule; use GkCaptcha\GkCaptchaClient; $rules = [ 'captchaToken' => ['required', new GkCaptchaRule(app(GkCaptchaClient::class))], ]; $validator = Validator::make($request->all(), $rules);
Facade
For inline verification anywhere in your application:
use GkCaptcha\Laravel\Facades\GkCaptcha; $result = GkCaptcha::verifyToken( token: $request->input('captchaToken'), clientIP: $request->ip(), userAgent: $request->userAgent(), ); if (!$result->success) { abort(403, 'CAPTCHA verification failed'); }
Fail-Open Behavior
By default (GKCAPTCHA_FAIL_CLOSED=false), network errors when reaching the gkCAPTCHA API allow the request to proceed. A warning is logged:
[warning] gkCAPTCHA API unreachable, failing open {"error": "..."}
This prevents gkCAPTCHA API availability from causing downtime on your application.
Set GKCAPTCHA_FAIL_CLOSED=true to block requests when the API is unreachable. This is appropriate for high-security environments where it is better to reject users than to risk allowing bots through.
Testing
The package includes PHPUnit-compatible tests using Orchestra Testbench.
With dependencies installed:
cd sdks/laravel
composer install
./vendor/bin/phpunit tests/
For environments without Composer (CI, Docker images without Testbench), a standalone runner is included:
php tests/run_tests.php
License
MIT
gkcaptcha/gkcaptcha-laravel 适用场景与选型建议
gkcaptcha/gkcaptcha-laravel 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 03 月 27 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「validation」 「middleware」 「captcha」 「laravel」 「gkcaptcha」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 gkcaptcha/gkcaptcha-laravel 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 gkcaptcha/gkcaptcha-laravel 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 gkcaptcha/gkcaptcha-laravel 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Shoot aims to make providing data to your templates more manageable
Diese Contao 4 Erweiterung stellt Google reCAPTCHA V2 in Form eines neuen Formularfeldes im Formulargenerator bereit. This extension provides Google reCAPTCHA V2 in the form of a new form field in the form generator of Contao Open Source CMS.
Two Captcha
Adds request-parameter validation to the SLIM 3.x PHP framework
Slim Framework 3 CSRF protection middleware utilities
A jQuery augmented PHP library for creating and validating HTML forms
统计信息
- 总下载量: 0
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 24
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-03-27