Cloudflare Workers hCaptcha

Verify a hCaptcha token from within a Cloudflare Worker.

Installation

npm install --save @glenstack/cf-workers-hcaptcha

Usage

import { createVerifier } from "@glenstack/cf-workers-hcaptcha";

const verify = createVerifier("0x0000000000000000000000000000000000000000");

const handleRequest = async (request) => {
  try {
    const payload = await verify(request);
    return new Response("Verified!");
  } catch (e) {
    return new Response(`Could not verify hCaptcha token: ${e.message}`, {
      status: 401,
    });
  }
};

addEventListener("fetch", (event) => {
  const { request } = event;
  event.respondWith(handleRequest(request));
});

createVerifier takes a single parameter, the secret key used to verify tokens.

It returns a function which, in turn, takes two parameters:

1. The Request.

2. Optionally, an object with the optional parameters:

   • tokenExtractor: An asynchronous function which, when given a Request, returns the token to verify. This defaults to extracting h-captcha-response from the formData body.

It returns a Promise of the the hCaptcha payload if the verification was successful, else throws an error with a human-readable error message.