[Skip to Content]

Google reCAPTCHA v3 C# demo

Published on Thursday 13 June 2019
Categories: Programming and Code |

Google Logo

reCAPTCHA v3 from Google helps you detect abusive traffic on your website without any user interaction compared to reCAPTCHA v2 which requires users to either tick a confirmation box or spend time to select images to prove that they are a real person and not a bot.

We have used the version 2 reCAPTCHA on clients websites and our own or many years but are now converting them to use the new reCAPTCHA v3 version to make it easier for real website visitors to contact the businesses.

The largest difference between reCAPTCHA v3 and v2 are the lack of visitor interaction and the new reCAPTCHA v3 returns a score between 0 and 1 for if it thinks the submission is a bot or human.

Any response over 0.5 is classified as likely to be a human and below this threshold it is likely to be a bot or spam submission.

Google have basic instructions on developers.google.com/recaptcha/docs/v3 for adding the reCAPTCHA v3 to your web pages but they don’t have any server side demo code for you to validate the response and process the form submission as needed.

Using existing code and other code snippets I found online, I wrote a simple C# class which adds the nessarry code to as web page and then validates the response from the reCAPTCHA v3 server and returns an object containing the returned data.

Installation:

Download the C# class and demo form from github.com/briandorey/google-recaptcha-v3-c-sharp-example and copy GoogleRecaptchia.cs into the App_Code folder on your website project.

Next you need to create a site profile on www.google.com/recaptcha/admin/ which will generate the reCAPTCHA keys.

You will be given a Site Key and a Secret Key which will need to be added into the GoogleRecaptchia.cs on lines 17 and 18

The class uses Newtonsoft.Json from www.newtonsoft.com/json to parse the JSON response from reCAPTCHA and you can install this using the package manager in Visual Studio with the following command in the Package Manager console:

Install-Package Newtonsoft.Json

You need to add a hidden input field which is used to pass the token from reCAPTCHA back to the server side code which needs to be added within your form tags.

<input type="hidden" id="g-recaptcha-response" name="g-recaptcha-response" />

On your web form you also need to add Jquery for the client side code which you can download from jquery.com

After your Jquery script link you need to add an asp:Literal which is used for the client side code on the page:

<asp:Literal ID="LitGoogleJS" runat="server"></asp:Literal>

In your code-behind file or in the .aspx page you need to add the following to create the GoogleRecaptchia object:

GoogleRecaptchia gr = new GoogleRecaptchia();

In the Page_Load function add the following to insert the client side code:

protected void Page_Load(Object Src, EventArgs E)
{
    if (!IsPostBack)
    {
        // insert the client side javascript into the page
        LitGoogleJS.Text = gr.GenPageCode();
    }
}

On the form submission function, you can call the validation using:

// create an empty string for any error messages
string errorMessage = string.Empty;
// validate the submission
ReCaptchaResponse returnval = gr.ValidateReCaptcha(ref errorMessage);
// is the ReCaptcha true or false
bool isValidCaptcha = returnval.Success;

To view the show the ReCaptcha score use:

returnval.Score

If there are any errors with the validation these will be returned in the errorMessage string.

The full form example and class can be downloaded from GitHub at https://github.com/briandorey/google-recaptcha-v3-c-sharp-example

Google Logos from https://commons.wikimedia.org/

Permalink


6 Comments


Brian

22 July 2019 at 8:43 am

You might want to reconsider helping Google to take over the web...
https://www.theregister.co.uk/2019/06/28/google_recaptcha_favoring_google/

Brian

22 July 2019 at 10:02 am

We are only changing the sites which our customers are requesting the conversion to version 3. Most are still using the older code or a bespoke validation system.

Rogerio Garulo

17 September 2019 at 7:10 pm

How to make a method in the .cs file to use the method grecaptcha.reset()?
I use this example on a login page, but I get the error "timeout-or-duplicate" when the user misses the login and will try to login again.

Brian

17 September 2019 at 7:23 pm

Rogerio, you would need to add the additional function after line 37 in the .cs file.

Rogerio Garulo

18 September 2019 at 11:47 am

Thank you Brian!
Could you help me with an example? I tried but I can't solve it!

Brian

18 September 2019 at 6:28 pm

Rogerio, I havent been able to get the reset to work and dont know how to make it work correctly.


Leave a comment