Open in app

Sign in

Write

Sign in

Integrating Google reCAPTCHA with Symfony Forms: A Step-by-Step Guide

Aghar Saifeddine
2 min readJul 28, 2024

--

In today’s digital age, protecting your website from spam and bots is crucial. Google reCAPTCHA offers a free and effective solution. This guide will walk you through integrating reCAPTCHA with Symfony forms.

Registering Your Site on Google reCAPTCHA

  1. Sign In and Register:
  • Visit Google reCAPTCHA and sign in with your Google account.
  • Click on the “Get reCAPTCHA” button and fill out the registration form.

2. Setting the Label:

  • Choose a label that will help you identify your site easily.

3. Choosing reCAPTCHA Type:

  • Checkbox: Users click a checkbox to prove they’re not robots.
  • Invisible: Less intrusive, triggered via a JavaScript API call.

Note: A site can only use one reCAPTCHA type.

4. Setting Domains:

  • Add your domain(s). This ensures reCAPTCHA only works on these domains. For testing, use localhost.

5. Generate Keys:

  • Obtain your site key and secret key.

Configuring Your Symfony Application

  1. Install reCAPTCHA PHP Library:

Run the following command from your project directory:

composer require google/recaptcha

2. Add API Keys in .env File:

RECAPTCHA_SITE_KEY=your_site_key
RECAPTCHA_SECRET_KEY=your_secret_key

3. Register reCAPTCHA Class as a Service:

  • Define the service in your configuration file.

4. Add a Twig Global Variable:

Add the site key as a global variable so it’s available in all Twig templates.

Adding reCAPTCHA to Your Forms

  1. Integrate reCAPTCHA in Forms:

Add the data-sitekey attribute to your form field.

<div class="g-recaptcha" data-sitekey="{{ recaptcha_site_key }}"></div>

2. Include reCAPTCHA Script:

Add the script to your Twig template:

<script src="https://www.google.com/recaptcha/api.js" async defer></script>

Verifying reCAPTCHA Response

When the form is submitted, Google sends g-recaptcha-response as POST data. Verify it in your controller to ensure the user is human.

use ReCaptcha\ReCaptcha;
$recaptcha = new ReCaptcha($secret);
$response = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);
if ($response->isSuccess()) {
 // Verified!
} else {
 // Verification failed
}
Login page
Register page

Conclusion

Integrating Google reCAPTCHA with Symfony forms is straightforward and significantly enhances your site’s security. By following these steps, you can protect your website from unwanted spam and bot activities.

Google Recaptcha
Web Development
Web Security
Symfony
Web3

--

--

Aghar Saifeddine

Written by Aghar Saifeddine

4 Followers

Full Stack Developer | SYMPHONY | PHP | DevOps

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams