adonis-turnstile
AdonisJS Turnstile is a package that provides a set of tools to secure your AdonisJS applications from bots and spam attacks while also protecting your user's privacy.
Installation
Install and configure the package in your Adonis project.
# npm
npm i adonis-turnstile
node ace configure adonis-turnstile
# yarn
yarn add adonis-turnstile
node ace configure adonis-turnstile
Usage
Step 1: Registration
Sign up for a Cloudflare account and go to the Cloudflare Turnstile feature page. Login and follow the steps to get your site and secret key.
.env
file
Step 2: Add variables in TURNSTILE_SITE_KEY=YOUR_SITE_KEY
TURNSTILE_SECRET_KEY=YOUR_SECRET_KEY
.env.ts
file
Step 3: Add validation in the import Env from '@ioc:Adonis/Core/Env'
export default Env.rules({
// ....
TURNSTILE_SITE_KEY: Env.schema.string(),
TURNSTILE_SECRET_KEY: Env.schema.string(),
})
start/kernel.ts
Step 4: Add middleware to Server.middleware.registerNamed({
// ....
turnstile: () => import('App/Middleware/Turnstile'),
})
Step 5: Add middleware to your route
Route.post('login', 'LoginController.login').middleware('turnstile')
Step 6: Add the script to your client-side
Add this turnstileScript
helper to end of your body tag. This helper will inject the script tag to your HTML.
...
{{ turnstileScript() }}
...
<body>
it will render like this:
...
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
...
<body>
Step 7: Update your form
Add this turnstileField
helper to inside your form or anywhere that you want:
....
<input type="password" name="password" />
<button type="submit">Login</button>
{{ turnstileField() }}
....
Step 8: Check response in your controller
export default class LoginController {
public async login({ turnstile, request, view }: HttpContextContract) {
if (turnstile.success) {
// Do some action
}
// Throw error
}
}