· 7 years ago · Oct 31, 2018, 04:36 PM
1add_action('login_form','my_added_login_field');
2 function my_added_login_field(){
3?>
4 <p>
5 <div class="g-recaptcha" data-sitekey="mySiteKey"></div>
6 </p>
7<?php
8}
9
10add_filter( 'authenticate', 'my_custom_authenticate', 10, 3 );
11function my_custom_authenticate( $user, $username, $password ){
12
13$my_value = $_POST['g-captcha-response'];
14
15if (!)
16
17return $user;
18}
19
20{
21 "success": true|false,
22 "challenge_ts": timestamp, // timestamp of the challenge load (ISO format yyyy-MM-dd'T'HH:mm:ssZZ)
23 "hostname": string, // the hostname of the site where the reCAPTCHA was solved
24 "error-codes": [...] // optional
25}
26
27add_filter( 'wp_authenticate_user', 'verify_recaptcha_on_login', 10, 3 );
28function verify_recaptcha_on_login($user, $password) {
29 $secretkey = "your secret key";
30 if (isset($_POST['g-recaptcha-response'])) {
31 $response = wp_remote_get( 'https://www.google.com/recaptcha/api/siteverify?secret='.$secretkey.'&response=' . $_POST['g-recaptcha-response'] );
32
33 $response = json_decode($response['body'], true);
34
35
36 if (true == $response['success']) {
37
38
39 return $user;
40
41
42 } else {
43
44
45 // FIXME: This one fires if your password is incorrect... Check if password was incorrect before returning this error...
46
47
48 return new WP_Error( 'Captcha Invalid', __('<strong>ERROR</strong>: You are a bot') );
49
50
51 }
52
53
54 } else {
55
56
57 return new WP_Error( 'Captcha Invalid', __('<strong>ERROR</strong>: You are a bot. If not then enable JavaScript.') );
58
59
60 }
61}