Search.../
  1. APIs

authorize( )

Authorizes the CAPTCHA token.

Description

Following CAPTCHA verification on the client side, you must authorize the generated CAPTCHA token in the backend. authorize() checks if the token is valid, making sure it was not tampered with or timed out.

The authorize() function returns a Promise that resolves to a Success object when the token is authorized and to an Error object when authorization fails.

To understand how authorize() is used in a typical CAPTCHA validation lifecycle, click here.

If CAPTCHA token authorization fails, an error message containing a status code is returned. The following table lists the possible HTTP error status codes, based on RFC 2616:

Status CodeNameDescription
400Bad RequestThe request could not be understood by the server. This could occur for a number of reasons, such as:
  • The request was sent without a token.
  • The token is invalid.
  • The token has timed out.
401UnauthenticatedNo user identity found in passed request.
500Internal Server ErrorThe server encountered an unexpected condition, such as a missing or invalid private CAPTCHA key.
503UnavailableThe service is unavailable due to one of the following:
  • Throttled error: Server overload due to more than the allowed requests in a given time frame.
  • Request failed: No response following 10 retries with a 1-second interval.

Syntax

function authorize(token: string): Promise<SuccessReport>

authorize Parameters

NAME
TYPE
DESCRIPTION
token
string

The CAPTCHA token to authorize.

Returns

Fulfilled - A success message. Rejected - An error message.

Return Type:

Promise<SuccessReport>
NAME
TYPE
DESCRIPTION
success
boolean

Value is true when authorization is successful.

Related Content:

Captcha( )

Was this helpful?

Full CAPTCHA lifecycle scenario

This example demonstrates how to use reCAPTCHA to protect a data insertion. We use a text input for the data, a reCAPTCHA element, and a submit button. The submit button is disabled until the CAPTCHA is verified and a token is generated. Clicking the submit button triggers backend authorization of the token. If authorization is successful, the data is inserted into the collection.

Copy Code
1/************************************
2 * Backend code - submitHandler.web.js *
3 ************************************/
4

5import { Permissions, webMethod } from 'wix-web-module';
6import wixCaptchaBackend from 'wix-captcha-backend';
7import wixData from 'wix-data';
8

9export const processSubmission = webMethod(Permissions.Anyone, (submitRequestData) => {
10  return wixCaptchaBackend.authorize(submitRequestData.token)
11    .then(() => {
12      return wixData.insert("MyCollection", submitRequestData.data)
13        .then(() => ({ "type": "success" }))
14        .catch((error) => ({ "type": "insertion error", "message": "Error: collection insertion failed: " + error }));
15    })
16    .catch((error) => ({ "type": "authorization error", "message": "Error: CAPTCHA authorization failed: " + error }));
17});
18

19/********************
20 * Client-side code *
21 ********************/
22

23import { processSubmission } from 'backend/submitHandler.web';
24

25$w.onReady(function () {
26  // When user clicks submit button
27  $w("#submitDataButton").onClick(() => {
28    let submitRequestData = {
29      token: $w("#myCaptcha").token,
30      data: $w("#myInput").value,
31    }
32    processSubmission(submitRequestData) // Call backend function
33      .then((response) => {
34        // Display a different message depending on response from backend function
35        switch (response.type) {
36          case "success":
37            $w("#messageText").text = "Data successfully submitted";
38            break;
39          case "authorization error":
40            $w("#messageText").text = "CAPTCHA authorization failed. Redo the CAPTCHA challenge.";
41            break;
42          case "insertion error":
43            $w("#messageText").text = "Database error. Redo the CAPTCHA challenge.";
44            break;
45        }
46        $w("#myCaptcha").reset();
47        $w("#submitDataButton").disable();
48        $w("#messageText").show();
49      });
50  });
51

52  // Error handler
53  $w("#myCaptcha").onError(() => {
54    $w("#messageText").text = "The reCAPTCHA element lost connection with the CAPTCHA provider. Try again later.";
55    $w("#messageText").show()
56      .then(() => {
57        $w("#messageText").hide("fade", { "delay": 10000 });
58      });
59  })
60

61  // Verification handler
62  $w("#myCaptcha").onVerified(() => {
63    $w("#submitDataButton").enable();
64    $w("#messageText").hide();
65  })
66

67  // Timeout handler
68  $w("#myCaptcha").onTimeout(() => {
69    $w("#submitDataButton").disable();
70    $w("#messageText").text = "The CAPTCHA has timed out. Please redo the CAPTCHA challenge.";
71    $w("#messageText").show();
72  });
73});