blocks|key|4186602|text|导入HttpModule|type|unstyled|depth|inlineStyleRanges|offset|length|style|CODE|entityRanges|data|4186603|import+{+HttpModule,+Module+}+from+'@nestjs/common';

@Module({
++++imports:+[HttpModule],
++++...
})|code-block|syntax|javascript|4186604|然后创建一个服务来验证captcha值|4186605|注意：：您必须从获取秘密/站点密钥(站点密钥将在客户端使用)|BOLD|4186606|import+{+HttpService,+Inject,+Injectable+}+from+"@nestjs/common";
import+{+REQUEST+}+from+'@nestjs/core';
import+{+Request+}+from+'express';
import+{+map+}+from+'rxjs/operators'

@Injectable()
export+class+CaptchaService+{
++++constructor(
++++++++@Inject(REQUEST)+private+readonly+request:+Request,
++++++++private+httpService:+HttpService)+{+}

++++public+validate(value:string):+Promise<any>+{
++++++++const+remoteAddress+=+this.request.socket.remoteAddress
++++++++const+secretKey+=+"XXXXXXXXX"
++++++++const+url+=+"https://www.google.com/recaptcha/api/siteverify?secret="+%2B+secretKey+%2B+"&response="+%2B+value+%2B+"&remoteip="+%2B+remoteAddress;

++++++++return+this.httpService.post(url).pipe(map(response+=>+{
++++++++++++return+response['data']
++++++++})).toPromise()
++++}
++++
}|4186607|然后在你的控制器中：|4186608|+const+value="XXXXX"+//+client+send+this+for+you
+const+result+=+await+this.captchService.validate(value)
+if+(!result.success)+throw+new+BadRequestException()|4186609|客户端|4186610|如果你使用的是angular，你可以使用|4186611|entityMap^0|2|A|0|0|0|0|3|0|0|0|0|0|3|0|0^^$0|@$1|2|3|4|5|6|7|11|8|@$9|12|A|13|B|C]]|D|@]|E|$]]|$1|F|3|G|5|H|7|14|8|@]|D|@]|E|$I|J]]|$1|K|3|L|5|6|7|15|8|@]|D|@]|E|$]]|$1|M|3|N|5|6|7|16|8|@$9|17|A|18|B|O]]|D|@]|E|$]]|$1|P|3|Q|5|H|7|19|8|@]|D|@]|E|$I|J]]|$1|R|3|S|5|6|7|1A|8|@]|D|@]|E|$]]|$1|T|3|U|5|H|7|1B|8|@]|D|@]|E|$I|J]]|$1|V|3|W|5|6|7|1C|8|@$9|1D|A|1E|B|O]]|D|@]|E|$]]|$1|X|3|Y|5|6|7|1F|8|@]|D|@]|E|$]]|$1|Z|3|-4|5|6|7|1G|8|@]|D|@]|E|$]]]|10|$]]

Import <code>HttpModule</code>
<pre><code>import { HttpModule, Module } from '@nestjs/common';

@Module({
 imports: [HttpModule],
 ...
})
</code></pre>
Then create a service to validate captcha value
NOTE: You have to get the secret/site key from <a href="https://www.google.com/recaptcha/about/" rel="nofollow noreferrer">here</a> (site key will get used in the client)
<pre><code>import { HttpService, Inject, Injectable } from &quot;@nestjs/common&quot;;
import { REQUEST } from '@nestjs/core';
import { Request } from 'express';
import { map } from 'rxjs/operators'

@Injectable()
export class CaptchaService {
 constructor(
 @Inject(REQUEST) private readonly request: Request,
 private httpService: HttpService) { }

 public validate(value:string): Promise&lt;any&gt; {
 const remoteAddress = this.request.socket.remoteAddress
 const secretKey = &quot;XXXXXXXXX&quot;
 const url = &quot;https://www.google.com/recaptcha/api/siteverify?secret=&quot; + secretKey + &quot;&amp;response=&quot; + value + &quot;&amp;remoteip=&quot; + remoteAddress;

 return this.httpService.post(url).pipe(map(response =&gt; {
 return response['data']
 })).toPromise()
 }
 
}
</code></pre>
then in your controller :
<pre><code> const value=&quot;XXXXX&quot; // client send this for you
 const result = await this.captchService.validate(value)
 if (!result.success) throw new BadRequestException()
</code></pre>
Client Side
If you are using angular you can use <a href="https://www.npmjs.com/package/ng-recaptcha" rel="nofollow noreferrer">this</a>

blocks|key|4324810|text|我通过创建一个独立的RecaptchaGuard解决了这个问题。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|4324811|//+recaptcha.guard.ts
import+{
++Injectable,
++CanActivate,
++ExecutionContext,
++HttpService,
++ForbiddenException,
}+from+"@nestjs/common";

@Injectable()
export+class+RecaptchaGuard+implements+CanActivate+{
++constructor(private+readonly+httpService:+HttpService)+{}

++async+canActivate(context:+ExecutionContext):+Promise<boolean>+{
++++const+{+body+}+=+context.switchToHttp().getRequest();

++++const+{+data+}+=+await+this.httpService
++++++.post(
++++++++`https://www.google.com/recaptcha/api/siteverify?response=${body.recaptchaValue}&secret=${process.env.RECAPTCHA_SECRET}`
++++++)
++++++.toPromise();

++++if+(!data.success)+{
++++++throw+new+ForbiddenException();
++++}

++++return+true;
++}
}|code-block|syntax|javascript|4324812|接下来，您可以简单地在控制器上应用recaptcha保护。|4324813|//+app.controller.ts
import+{+Controller,+Post,+UseGuard+}+from+'@nestjs/common';
import+{+RecaptchaGuard+}+from+'./recaptcha.guard.ts'
++++
@Controller()
export+class+AppController+{

+@Post()
+@UseGuard(RecaptchaGuard)
+async+postForm(){
++//
+}
}|4324814|entityMap^0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|M|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|N|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|O|8|@]|9|@]|A|$]]|$1|I|3|J|5|D|7|P|8|@]|9|@]|A|$E|F]]|$1|K|3|-4|5|6|7|Q|8|@]|9|@]|A|$]]]|L|$]]

I solved it by creating a seperate RecaptchaGuard.
<pre class="lang-ts prettyprint-override"><code>// recaptcha.guard.ts
import {
 Injectable,
 CanActivate,
 ExecutionContext,
 HttpService,
 ForbiddenException,
} from &quot;@nestjs/common&quot;;

@Injectable()
export class RecaptchaGuard implements CanActivate {
 constructor(private readonly httpService: HttpService) {}

 async canActivate(context: ExecutionContext): Promise&lt;boolean&gt; {
 const { body } = context.switchToHttp().getRequest();

 const { data } = await this.httpService
 .post(
 `https://www.google.com/recaptcha/api/siteverify?response=${body.recaptchaValue}&amp;secret=${process.env.RECAPTCHA_SECRET}`
 )
 .toPromise();

 if (!data.success) {
 throw new ForbiddenException();
 }

 return true;
 }
}
</code></pre>
Next you can simply apply the recaptcha guard on a controller.
<pre class="lang-ts prettyprint-override"><code>// app.controller.ts
import { Controller, Post, UseGuard } from '@nestjs/common';
import { RecaptchaGuard } from './recaptcha.guard.ts'
 
@Controller()
export class AppController {

 @Post()
 @UseGuard(RecaptchaGuard)
 async postForm(){
 //
 }
}
</code></pre>

blocks|key|4324896|text|最初，我遵循了公认的答案，然后注意到有一种更简单的方法--我想分享它，以防它能帮助任何人。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|4324897|有一个NestJS模块可以很容易地与ReCAPTCHA集成：https://github.com/chvarkov/google-recaptcha。|offset|length|4324898|4324899|安装该模块。|unordered-list-item|4324900|在您的AppModule中创建类似以下内容：|style|CODE|4324901|4324902|++++const+googleRecaptchaFactory+=+(
++++++applicationConfigService:+ApplicationConfigService,
++++)+=>+({
++++++secretKey:+applicationConfigService.auth.recaptcha.secretKey,
++++++response:+(req)+=>+req.headers.recaptcha+%7C%7C+'',
++++++skipIf:+applicationConfigService.auth.recaptcha.bypassVerification,
++++});
++++
++++@Module({
++++++controllers:+[/*+...+*/],
++++++imports:+[
++++++++/*+...+*/
++++++++GoogleRecaptchaModule.forRootAsync({
++++++++++imports:+[],
++++++++++inject:+[ApplicationConfigService],
++++++++++useFactory:+googleRecaptchaFactory,
++++++++}),
++++++],
++++++providers:+[/*+...+*/],
++++++exports:+[/*+...+*/],
++++})
++++export+class+Module+{}|code-block|syntax|javascript|4324903|4324904|现在，在您的控制器中，使用@Recapcha防护。|4324905|4324906|您可以在链接的Github中找到整个集成过程的文档。|4324907|entityMap|0|LINK|mutability|MUTABLE|url|https://github.com/chvarkov/google-recaptcha^0|0|U|18|0|0|0|0|3|9|0|0|0|0|D|9|0|0|0^^$0|@$1|2|3|4|5|6|7|17|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|18|8|@]|9|@$D|19|E|1A|1|1B]]|A|$]]|$1|F|3|-4|5|6|7|1C|8|@]|9|@]|A|$]]|$1|G|3|H|5|I|7|1D|8|@]|9|@]|A|$]]|$1|J|3|K|5|I|7|1E|8|@$D|1F|E|1G|L|M]]|9|@]|A|$]]|$1|N|3|-4|5|6|7|1H|8|@]|9|@]|A|$]]|$1|O|3|P|5|Q|7|1I|8|@]|9|@]|A|$R|S]]|$1|T|3|-4|5|6|7|1J|8|@]|9|@]|A|$]]|$1|U|3|V|5|I|7|1K|8|@$D|1L|E|1M|L|M]]|9|@]|A|$]]|$1|W|3|-4|5|6|7|1N|8|@]|9|@]|A|$]]|$1|X|3|Y|5|6|7|1O|8|@]|9|@]|A|$]]|$1|Z|3|-4|5|6|7|1P|8|@]|9|@]|A|$]]]|10|$11|$5|12|13|14|A|$15|16]]]]

Initially, I was following the accepted answer, and then noticed that there's an easier way to do so - and wanna share it just in case it can help anyone.
There's a NestJS module that provides easy integration with ReCAPTCHA: <a href="https://github.com/chvarkov/google-recaptcha" rel="nofollow noreferrer">https://github.com/chvarkov/google-recaptcha</a>.
<ul>
<li>Install the module.</li>
<li>In your <code>AppModule</code> create something like this:</li>
</ul>
<pre class="lang-js prettyprint-override"><code> const googleRecaptchaFactory = (
 applicationConfigService: ApplicationConfigService,
 ) =&gt; ({
 secretKey: applicationConfigService.auth.recaptcha.secretKey,
 response: (req) =&gt; req.headers.recaptcha || '',
 skipIf: applicationConfigService.auth.recaptcha.bypassVerification,
 });
 
 @Module({
 controllers: [/* ... */],
 imports: [
 /* ... */
 GoogleRecaptchaModule.forRootAsync({
 imports: [],
 inject: [ApplicationConfigService],
 useFactory: googleRecaptchaFactory,
 }),
 ],
 providers: [/* ... */],
 exports: [/* ... */],
 })
 export class Module {}

</code></pre>
<ul>
<li>Now, in your controller, use the <code>@Recapcha</code> guard.</li>
</ul>
You can find documentation for the entire integration process in the linked Github.

I am trying to implement a server-side validation for reCaptcha using Nestjs and I want to if I should implement this as a module or as a service for modules(such as a self written user authentication module) that would require the use of reCaptcha.

Nestjs and Google Recaptcha

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

问Nestjs和Google Recaptcha
EN

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问Nestjs和Google RecaptchaEN