tags:

views:

693

answers:

2
+1  Q: 

Rails Recaptcha plugin always returns false

I'm using the rails recaptcha plugin found here: http://github.com/ambethia/recaptcha/tree/master

I have signed up for an account on recaptcha.com, obtained a public & private key, and the site is configured with a global key (for now).

In config/environment.rb I setup the environment variables:

ENV['RECAPTCHA_PUBLIC_KEY'] = 'xxxxxxxxxxxxxxxx'
ENV['RECAPTCHA_PRIVATE_KEY'] = 'XXXXXXXXXXXXXXxx'

In my view I render the captcha like this:

<%= recaptcha_tags %>

And in my controller processing this form I have this:

unless verify_recaptcha #   <--  always returns false
    flash[:error] = "Your captcha entry was invalid"
    render :action=>'new'
    return
end

My problem is that verify_recaptcha always returns false.

I must be missing something simple, but I don't see it. And before I get a smart-alec reply, YES I'm typing the correct words into the captcha box :)

+2  A: 

I went in and looked at the recaptcha plugin. The pertinent part reads something like this:

recaptcha = Net::HTTP.post_form URI.parse("http://#{server}/verify"), {
            "privatekey" => private_key,
            "remoteip"   => request.remote_ip,
            "challenge"  => challenge,
            "response"   => response
          }

This takes the challenge and response and returns a response. When I tried it with a challenge and response I generated, I got "true\nsuccess". The following lines of code return false if:

answer, error = recaptcha.body.split.map { |s| s.chomp }
unless answer == "true"

Since I got back "true\nsuccess", answer will be "true", and the code should therefore pass.

Can you try sending the response directly using Net::HTTP and seeing what response you get?

Yehuda Katz  2009-07-03 06:23:33
Thanks for the tip, turns out I had fat fingered my private key!
Ben Scheirman  2009-07-03 20:08:29
+2  A: 

Just as a note, make sure you didn't accidentally switch around the public and private keys; they are different.

I can't tell if you're already handling the possibility that it is correct, in which case you would want to have something like this:

if verify_recaptcha
  @thing.save!
  redirect_to success_path
else
  flash[:error] = "There was an error with the recaptcha code below. Please re-enter the code and click submit." 
  render :action => 'new'
end

And remember to use:

<%= recaptcha_tags :ssl => true %>

If you are using SSL.

Jorge Israel Peña  2009-07-03 07:10:14
Thanks for the tips, got those areas covered.
Ben Scheirman  2009-07-03 15:56:57
Your answer prompted me to verify my keys, and turns out I had missed a trailing character from the private key. Thanks!
Ben Scheirman  2009-07-03 20:07:37

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.