Added recaptcha v3 example

Author: rai-gaurav

README.md

@@ -138,3 +138,4 @@ Hopefully will work on older version too (as old as 5.10) and across diferent OS
 | Currency Converter <ul><li>LWP::UserAgent</li></ul><ul><li>Mojo::UserAgent</li></ul>                                    | Completed |
 | Weather <ul><li>LWP::UserAgent</li></ul><ul><li>Mojo::UserAgent</li></ul>                                               | Completed |
 | reCAPTCHA v2 | Completed |
+| reCAPTCHA v3 | Completed |

web_programming/recaptcha_verification/README.md

@@ -1,9 +1,32 @@
 # reCAPTCHA verification using Perl
 
+
 ### v2 verification in login page created using Mojolicious
 
 To run the script just update it with your 'Site Key' and 'Secret Key' and run -
+
     morbo recaptcha_v2_verification.pl
 
-![alt text](login_page.PNG?raw=true)
-![alt text](recaptcha_v2_verification.PNG?raw=true)
+Browse to http://localhost:3000 for the output
+
+![alt text](screenshots/login_page_v2.PNG?raw=true)
+![alt text](screenshots/recaptcha_v2_verification.PNG?raw=true)\
+
+
+### v3 verification in login page created using Mojolicious
+
+To run the script just update it with your 'Site Key' and 'Secret Key' and run -
+
+    morbo recaptcha_v3_verification.pl
+
+Browse to http://localhost:3000 for the output -
+
+![alt text](screenshots/login_page_v3.PNG?raw=true)
+
+In case of success user will be able to login -
+
+![alt text](screenshots/login_success.PNG?raw=true)
+
+In case of bot, it will theough error -
+
+![alt text](screenshots/error_for_bot.PNG?raw=true)

web_programming/recaptcha_verification/recaptcha_v2_verification.pl

@@ -8,6 +8,7 @@
 
 # https://metacpan.org/pod/Mojolicious
 # https://docs.mojolicious.org/Mojolicious/Lite
+# https://developers.google.com/recaptcha/docs/display
 
 # This is a simple Login page. We will be authenticating user.
 # After success they will get a home page where we will be welcoming them and they can logout from there.
@@ -24,7 +25,6 @@
 sub is_valid_captcha {
     my ($c) = @_;
     my $ua = Mojo::UserAgent->new;
-    $ua->insecure(1);
     my $param = $c->param('g-recaptcha-response');
 
     my $captcha_url = 'https://www.google.com/recaptcha/api/siteverify';

web_programming/recaptcha_verification/recaptcha_v3_verification.pl

@@ -0,0 +1,158 @@
+#!/usr/bin/env perl
+
+# reCAPTCHA is a CAPTCHA system, that is a system that allows web hosts to distinguish between human
+# and automated access to websites. More info - https://www.google.com/recaptcha/about/
+# You can register your site in google reCAPTCHA at https://www.google.com/recaptcha/admin/create
+# You will get 'Site Key' and 'Secret Key'.
+# 'Site Key' will be put on front-end side while 'Secret key' will be on server side in environemnt variable.
+
+# https://metacpan.org/pod/Mojolicious
+# https://docs.mojolicious.org/Mojolicious/Lite
+# https://developers.google.com/recaptcha/docs/v3
+
+# This is a simple Login page. We will be authenticating user.
+# After success they will get a home page where we will be welcoming them and they can logout from there.
+# In case of authentication failure error will be thrown.
+
+use strict;
+use warnings;
+use Mojolicious::Lite;
+use Mojo::UserAgent;
+
+# Add your 'Secret Key' here
+$ENV{'CAPTCHA_V3_SECRET_KEY'} = "";
+
+sub is_valid_captcha {
+    my ($c) = @_;
+    my $ua = Mojo::UserAgent->new;
+    my $param = $c->param('g-recaptcha-response');
+    my $captcha_url = 'https://www.google.com/recaptcha/api/siteverify';
+    my $response
+        = $ua->post(
+        $captcha_url => form => {response => $param, secret => $ENV{'CAPTCHA_V3_SECRET_KEY'}})
+        ->result;
+    if ($response->is_success()) {
+        my $out = $response->json;
+        # reCAPTCHA v3 returns a score -> 1.0 is very likely a good interaction, 0.0 is very likely a bot
+        if ($out->{success} && $out->{score} > 0.5) {
+            return 1;
+        }
+        else {
+            # Its a bot
+            return 0;
+        }
+    }
+
+    # Connection to reCAPTCHA failed
+    return 0;
+}
+
+# https://docs.mojolicious.org/Mojolicious/Lite#Helpers
+# Check for authentication
+helper auth => sub {
+    my $c = shift;
+
+    if (($c->param('username') eq 'admin') && ($c->param('password') eq 'admin')) {
+        return 1;
+    }
+    return 0;
+};
+
+helper verify_captcha => sub {
+    my $c = shift;
+    if (is_valid_captcha($c)) {
+        return 1;
+    }
+    return 0;
+};
+
+# Different Routes
+get '/' => sub { shift->render } => 'index';
+
+post '/login' => sub {
+    my $c = shift;
+    if ($c->auth) {
+        if ($c->verify_captcha) {
+            $c->session(auth => 1);
+            $c->flash(username => $c->param('username'));
+            return $c->redirect_to('home');
+        }
+        else {
+            $c->flash('error' => 'Captcha verification failed');
+            $c->redirect_to('index');
+        }
+    }
+    $c->flash('error' => 'Wrong login/password');
+    $c->redirect_to('index');
+} => 'login';
+
+get '/logout' => sub {
+    my $c = shift;
+    delete $c->session->{auth};
+    $c->redirect_to('index');
+} => 'logout';
+
+# https://docs.mojolicious.org/Mojolicious/Lite#Under
+under sub {
+    my $c = shift;
+    return 1 if ($c->session('auth') // '') eq '1';
+
+    $c->render('denied');
+};
+
+get '/home' => sub {
+    my $c = shift;
+    $c->render();
+} => 'home';
+
+app->start;
+
+__DATA__
+
+
+@@ index.html.ep
+<html>
+    <head>
+        <link href="https://fonts.googleapis.com/css?family=Nunito:200,600" rel="stylesheet">
+        <script src="https://code.jquery.com/jquery-3.5.1.min.js" integrity="sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=" crossorigin="anonymous"></script>
+        <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=Your Site Key"></script>
+    </head>
+    <body>
+        %= t h1 => 'Login'
+
+        % if (flash('error')) {
+            <h2 style="color:red"><%= flash('error') %></h2>
+        % }
+
+        %= form_for login => (method => 'post') => begin
+            <label>username:</label> <%= text_field 'username' %>
+        <br /><br />
+            <label>password:</label> <%= password_field 'password' %>
+        <br /><br />
+            <input type="hidden" id="g-recaptcha-response" name="g-recaptcha-response">
+            <input type="hidden" name="action" value="validate_captcha">
+        %= submit_button 'Log in'
+        %= end
+        <script>
+            function onloadCallback() {
+                grecaptcha.ready(function() {
+                    grecaptcha.execute('Your Site Key', {action:'validate_captcha'}).then(function(token) {
+                        document.getElementById('g-recaptcha-response').value = token;
+                    });
+                });
+            }
+        </script>
+    </body>
+</html>
+
+
+@@ home.html.ep
+%= t h1 => 'Home Page'
+<h2 style="color:green">Hello <%= flash('username') %></h2>
+<a href="<%= url_for('logout') %>">Logout</a>
+
+
+@@ denied.html.ep
+%= t h2 => 'Access Denied'
+<a href="<%= url_for('index') %>">Login</a>
+