Using reCAPTCHA on localhost
Update
The original answer is no longer correct. The developer's guide now states:
"If you would like to use "localhost" for development, you must add it to the list of domains."
This will only work if you access localhost using 127.0.0.1/... rather than localhost/....
The original answer is preserved below.
According to the reCAPTCHA Developer's Guide:
"localhost domains are no longer supported by default. If you wish to continue supporting them for development you can add them to the list of supported domains for your site key. Go to the admin console to update your list of supported domains. We advise to use a separate key for development and production and to not allow localhost on your production site key."
In other words, simply use the same key.
It's so easy:
- Go to your google reCAPTCHA adminstration panel
- Add
localhost&127.0.0.1to the domains of a new site, like the following image.
Update:
If your question is how to set reCAPTCHA on the Google site for using it in localhost, then it has be as I wrote it above, but if you are curious how you can use reCAPTCHA on both localhost and a website host by minimal code in your controller and prevent some codes like ConfigurationManager.AppSettings["ReCaptcha:SiteKey"] in it, then I help you with this extra description and code in my answer.
Do you like the following GET and POST actions?
The code below supports reCAPTCHA and doesn't need any other code for handling reCAPTCHA.
[HttpGet]
[Recaptcha]
public ActionResult Register()
{
// Your code in the GET action
}
[HttpPost]
[Recaptcha]
[ValidateAntiForgeryToken]
public ActionResult Register(RegisterViewModel model, string reCaptcha_SecretKey){
// Your code in the POST action
if (!ModelState.IsValid || !ReCaptcha.Validate(reCaptcha_SecretKey))
{
// Your code
}
// Your code
}
In View: (reference)
@ReCaptcha.GetHtml(@ViewBag.publicKey)
@if (ViewBag.RecaptchaLastErrors != null)
{
<div>Oops! Invalid reCAPTCHA =(</div>
}
To use it
A) Add the following ActionFilter to your Web project:
public class RecaptchaAttribute : FilterAttribute, IActionFilter
{
public void OnActionExecuting(ActionExecutingContext filterContext)
{
var setting_Key = filterContext.HttpContext.Request.IsLocal ? "ReCaptcha_Local" : "ReCaptcha";
filterContext.ActionParameters["ReCaptcha_SecretKey"] = ConfigurationManager.AppSettings[$"{setting_Key}:SecretKey"];
}
public void OnActionExecuted(ActionExecutedContext filterContext)
{
var setting_Key = filterContext.HttpContext.Request.IsLocal ? "ReCaptcha_Local" : "ReCaptcha";
filterContext.Controller.ViewBag.Recaptcha = ReCaptcha.GetHtml(publicKey: ConfigurationManager.AppSettings[$"{setting_Key}:SiteKey"]);
filterContext.Controller.ViewBag.publicKey = ConfigurationManager.AppSettings[$"{setting_Key}:SiteKey"];
}
}
B) Add the reCAPTCHA settings keys for both localhost and website like this in your webconfig file:
<appSettings>
<!-- RECAPTCHA SETTING KEYS FOR LOCALHOST -->
<add key="ReCaptcha_Local:SiteKey" value="[Localhost SiteKey]" />
<add key="ReCaptcha_Local:SecretKey" value="[Localhost SecretKey]" />
<!-- RECAPTCHA SETTING KEYS FOR WEBSITE -->
<!--<add key="ReCaptcha:SiteKey" value="[Webite SiteKey]" />
<add key="ReCaptcha:SecretKey" value="[Webite SecretKey]" />-->
<!-- OTHER SETTING KEYS OF YOUR PROJECT -->
</appSettings>
Note: By this way you did not need set the reCaptcha_SecretKey parameter in the post action or any ViewBag for reCaptcha manually in your Actions and Views. All of them will be filled in automatically at runtime with appropriate values depending on if you have run the project on the localhost or website.
Please note that as of 2016, reCAPTCHA doesn't naively support localhost anymore. From the FAQ:
Localhost domains are no longer supported by default. If you wish to continue supporting them for development you can add them to the list of supported domains for your site key. Go to the admin console to update your list of supported domains. We advise to use a separate key for development and production and to not allow localhost on your production site key.
Just add localhost to your list of domains for your site and you'll be good.
This worked for me:
Extracted from the reCAPTCHA documentation:
With the following test keys, you will always get No CAPTCHA and all verification requests will pass.
Site key:
6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhISecret key:
6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWeThe reCAPTCHA widget will show a warning message to claim that it's only for testing purpose. Please do not use these keys for your production traffic.