npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

node-recaptcha-v3

v1.0.35

Published

A Node.js library for verifying Google reCAPTCHA v3 tokens in your applications.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

voduchuy2001voduchuy2001

Keywords

Google-reCAPTCHA-v3reCAPTCHAreCAPTCHA v3nodejsexpressbackend

Readme

node-recaptcha-v3

A powerful and easy-to-use Node.js library for Google reCAPTCHA v3 verification, designed to protect your web applications from spam and abuse.

npm version Build license

Features

  • Simple and intuitive API
  • Secure token verification
  • Express.js middleware support
  • Configurable score thresholds
  • TypeScript support
  • Flexible token handling (headers or body)

Check out our complete example here

Table of Contents

Installation

npm install node-recaptcha-v3

Quick Start

1. Server-side Setup

import express from 'express'
import ReCaptchaV3 from 'node-recaptcha-v3'

const app = express()
app.use(express.json())

// Initialize reCAPTCHA with your secret key
const reCaptcha = new ReCaptchaV3({ secretKey: 'YOUR_SECRET_KEY' })

// Add verification middleware to your routes
app.post('/api/submit', reCaptcha.verify(0.5), (req, res) => {
  // Access the verification score
  const score = req.reCaptchaV3Score
  console.log(`reCAPTCHA score: ${score}`)

  res.json({
    success: true,
    score,
    message: 'Verification successful!'
  })
})

2. Client-side Integration

<!-- Add reCAPTCHA script to your HTML -->
<script src="https://www.google.com/recaptcha/api.js?render=YOUR_SITE_KEY"></script>

<script>
  async function handleSubmit(event) {
    event.preventDefault()

    try {
      // Execute reCAPTCHA when user submits form
      const token = await grecaptcha.execute('YOUR_SITE_KEY', {
        action: 'submit'
      })

      // Send to your server
      const response = await fetch('/api/submit', {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
          'recaptcha-v3-token': token // Via header
        },
        body: JSON.stringify({
          reCaptchaV3Token: token // Or via body
          // ... other form data
        })
      })

      const result = await response.json()
      console.log('Verification result:', result)
    } catch (error) {
      console.error('Verification failed:', error)
    }
  }
</script>

Configuration

ReCaptchaV3 Options

interface ReCaptchaV3Configuration {
  secretKey: string
  statusCode?: number
  message?: string
  threshold?: number
  apiEndPoint?: string
}

Middleware Configuration

// Basic usage with default threshold (0.5)
app.post('/api/basic', reCaptcha.verify(), handler)

// Custom threshold
app.post('/api/strict', reCaptcha.verify(0.7), handler)

// Custom error handling
app.post(
  '/api/custom',
  reCaptcha.verify(0.5),
  (err, req, res, next) => {
    if (err.name === 'ReCaptchaError') {
      return res.status(400).json({ error: err.message })
    }
    next(err)
  },
  handler
)

API Reference

ReCaptchaV3 Class

class ReCaptchaV3 {
  constructor(config: ReCaptchaV3Config)
  verify(threshold?: number): RequestHandler
}

Best Practices

  1. Score Thresholds

    • Use higher thresholds (0.7+) for sensitive actions
    • Use lower thresholds (0.3-0.5) for less critical actions

  2. Security

    • Keep your secret key secure
    • Use environment variables
    • Implement rate limiting
    • Use HTTPS

  3. Error Handling

    • Always handle verification failures gracefully
    • Provide clear user feedback
    • Log suspicious activities

Frequently Asked Questions

How do scores work?

reCAPTCHA v3 returns a score (1.0 is very likely a good interaction, 0.0 is very likely a bot):

  • 1.0 - 0.8: Very likely human
  • 0.8 - 0.5: Probably human
  • 0.5 - 0.3: Suspicious
  • 0.3 - 0.0: Likely bot

Why use node-recaptcha-v3?

  • Simple integration
  • Type safety with TypeScript
  • Express.js middleware
  • Customizable configuration
  • Active maintenance
  • Comprehensive documentation

Contributing

Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

License

This project is licensed under the MIT License. See the LICENSE file for details.

Support

  • Create an issue on GitHub
  • Contact the maintainer: vdhuyme

Acknowledgments

  • Thanks to all contributors who have helped with code, bug reports, and suggestions