Integration
Several integration solutions are available to simplify developers' work. We provide server-side and client-side libraries.
Ce composant permet d'installer en quelques minutes tous les pré-requis serveur
composer require blackcube/powshieldEdit Yii2 application configuration to activate the module
'bootstrap' => [
// modules to bootstrap
// ...
'powshield', ], 'modules' => [
// app modules
// ...
'powshield' => [
'class' => blackcube\powshield\Module::class, 'antiReplay' => true, // activate antireplay
'antiReplayTimeout' => 300, // antireplay timeout
'algorithm' => 'SHA-256', // cypher algo
'key' => 'sdfghjklmnbvcxwqertyuiop', // cypher key
'minIterations' => 0, // min iterations to solve the challenge
'maxIterations' => 50000, // max iterations to solve the challenge
'saltLength' => 12, 'timeValidity' => 900, // time validity
], ]Once the module is activated, the endpoints
become available.
To validate the CAPTCHA on the server side, it is necessary to add a validator
namespace app\models;
use yii\base\Model;
class FormModel extends Model
{
public $email;
public $subject;
public $message;
public $captchaSolution;
public function rules()
{
return [
[['email', 'subject', 'message', 'captchaSolution'], 'required'],
[['captchaSolution'], 'powshield'], // CAPTCHA validator
];
}
}This component allows you to install client prerequisites.
npm install --save @blackcube/aurelia2-powshieldimport Aurelia, { ConsoleSink, LoggerConfiguration, LogLevel } from 'aurelia';
import { PowshieldConfiguration} from '@blackcube/aurelia2-powshield';
import {Enhance} from "./app/enhance";
declare var webpackBaseUrl: string;
declare var __webpack_public_path__: string;
if ((window as any).webpackBaseUrl) {
__webpack_public_path__ = webpackBaseUrl;
} else {
__webpack_public_path__ = '';
}
declare var PRODUCTION:boolean;
const page = document.querySelector('body') as HTMLElement;
const au = new Aurelia();
au.register(PowshieldConfiguration.configure({}));
if(PRODUCTION == false) {
au.register(LoggerConfiguration.create({
level: LogLevel.trace, colorOptions: 'colors', sinks: [ConsoleSink]
}));
}
au.enhance({
host: page, component: Enhance
});
Here is the form input for the user
use yii\helpers\Html;
use yii\helpers\Url;
echo Html::beginForm(Url::to(['form']), 'post', ['novalidate' => 'novalidate', 'bc-powshield' => '']);
echo Html::errorSummary($formModel);
echo Html::activeHiddenInput($formModel, 'captchaSolution', ['id' => 'powshieldSolution']);
echo Html::beginTag('div');
echo HTml::activeLabel($formModel, 'email');
echo Html::activeInput('email', $formModel, 'email', ['placeholder' => 'Email *']);
echo Html::endTag('div');
echo Html::beginTag('div');
echo HTml::activeLabel($formModel, 'subject');
echo Html::activeInput('email', $formModel, 'subject', ['placeholder' => 'Subject *']);
echo Html::endTag('div');
echo Html::beginTag('div');
echo HTml::activeLabel($formModel, 'subject');
echo Html::activeInput('email', $formModel, 'subject', ['placeholder' => 'Message *']);
echo Html::endTag('div');
echo Html::beginTag('div');
echo Html::submitButton('Send');
echo Html::endTag('div');
echo Html::endForm();This setup integrates the CAPTCHA seamlessly with the form, and the powshield validator ensures everything is correct. After these slight modifications, your form is protected!
This component allows you to install client prerequisites
npm install --save @blackcube/vanilla-powshieldHere is the form input for the user
use yii\helpers\Html;
use yii\helpers\Url;
echo Html::beginForm(Url::to(['form']), 'post', ['novalidate' => 'novalidate']);
echo Html::errorSummary($formModel);
echo Html::activeHiddenInput($formModel, 'captchaSolution', ['id' => 'powshieldSolution']);
echo Html::beginTag('div');
echo HTml::activeLabel($formModel, 'email');
echo Html::activeInput('email', $formModel, 'email', ['placeholder' => 'Email *']);
echo Html::endTag('div');
echo Html::beginTag('div');
echo HTml::activeLabel($formModel, 'subject');
echo Html::activeInput('email', $formModel, 'subject', ['placeholder' => 'Subject *']);
echo Html::endTag('div');
echo Html::beginTag('div');
echo HTml::activeLabel($formModel, 'subject');
echo Html::activeInput('email', $formModel, 'subject', ['placeholder' => 'Message *']);
echo Html::endTag('div');
echo Html::beginTag('div');
echo Html::submitButton('Send');
echo Html::endTag('div');
echo Html::endForm();And here is a snippet of JavaScript code to handle form submission.
import {Powshield} from '@blackcube/vanilla-powshield';
const powshield = new Powshield();
const form = document.querySelector('form');
if (form) {
form.addEventListener('submit', function (event) {
event.preventDefault();
powshield.getChallenge('/powshield/generate-challenge')
.then(challenge => {
return powshield.solveChallenge(challenge)
})
.then(response => {
console.log('challenge:', response);
return powshield.solveChallenge(response)
})
.then(response => {
console.log('solution:', response);
const promises = [];
promises.push(powshield.verifySolution('/powshield/verify-solution', response));
promises.push(response);
return Promise.all(promises);
})
.then(response => {
const verified = response[0];
const solution = response[1];
console.log('verified:', solution);
if (!verified) {
throw new Error('Solution is not verified');
}
const b64 = btoa(JSON.stringify(solution));
return b64;
})
.then(response => {
const hiddenField = document.getElementById('powshieldSolution');
if (hiddenField) {
hiddenField.value = response;
// finally submit form
event.target.submit();
} else {
throw new Error('Hidden field not found');
}
console.log('encoded:', response);
})
});
}