(Re)captcha

To enable captcha checks on the forms, add a usecaptcha=true to the formintegration node in the site profile:

  <apply>
    <to type="all"/>
    <formintegration usecaptcha="true" />
  </apply>

Setup captcha support in your JS code

import { setupGoogleRecaptcha } from '@webhare/forms';
setupGoogleRecaptcha();

Request an API key from Google and configure it in WebHare.

Manual captcha integration

Request the user to fill in the captcha

import { getCaptchaResponse } from "@mod-publisher/js/captcha/api";

let sitekey = 'xxx'; //the result of GetCaptchaProvider()
let captcharesponse = await getCaptchaResponse(sitekey);

//Submit captcharesponse with the rest of your request

Serverside check:

STRING captcharesponse := "xxx"; ///captcha response from RPC/GetWebVariable
IF(NOT VerifyCaptchaResponse(GetFormRequestURL(), captcharesponse))
  ABORT("Invalid captcha response");

Disabling captcha checks for some users

  <apply>
    <to type="all"/>
    <captchaintegration skipfunction="my.whlib#SkipCaptcha" />
  </apply>

  PUBLIC BOOLEAN FUNCTION SkipCaptcha(OBJECT webcontext)
  {
    IF(IsPrivateIPAddress(GetClientRemoteIP()))
      RETURN TRUE;

    OBJECT wrdauth := webcontext->GetWRDAuthPlugin();
    IF(ObjectExists(wrdauth) AND wrdauth->IsLoggedIn())
      RETURN TRUE;

    RETURN FALSE;
  }

You can use AllowToSkipCaptchaCheck on a webdesign (or webcontext) object to verify whether the user is allowed to skip the captcha check. This should usually be done in the RPC that decides whether to request a captcha check