reCAPTCHA 㨠Firebase ã§ã¦ã§ã ã³ã³ãã³ããä¸æ£ä½¿ç¨ããå®ã
2017å¹´9æ7æ¥æ¨ææ¥
ã¦ã§ããµã¤ã ã¨ã³ã¸ãã¢ã¯、ãµã¤ããã¹ãã ããããã«ããä¸æ£ä½¿ç¨ããå®ãã¤ã¤、人éã«ããæ£è¦ã®å©ç¨ã許å¯ããããã«、ãã®ãããªãã¨ãè¡ã£ã¦ãã¾ã。ã§ã¯、ãªããã®ãããªä¿è·ãå¿ è¦ãªã®ã§ãããã。æéãä¿å容éã®é¢ã§é«ä¾¡ãªããã¯ã¨ã³ã ã³ã¼ãããã、å®éã®ã¦ã§ãã¦ã¼ã¶ã¼ã®ã¿ã«ããã¢ã¯ã»ã¹ãã¦ã»ãããªããªã©ã®å¯è½æ§ãèãããã¾ã。
ã¦ã§ããµã¤ãããæã¡ã®çããã¯、ãµã¼ãã¹ãä¿è·ããããã« reCAPTCHA ã使ããã¨ãã§ãã¾ã。ã¾ã、Firebase Hosting ã使ã£ã¦ãµã¤ããæ§ç¯ãã¦ããå ´å、Cloud Functions for Firebase ãå©ç¨ããã°、ç°¡åã« reCAPTCHA ãçµã¿è¾¼ãã§å®å ¨ã§æ¡å¼µå¯è½ãª reCAPTCHA æ¤è¨¼ããã¯ã¨ã³ããæä¾ã§ãã¾ã。
ãã®è¨äºã§ã¯、æ°ã¹ãããã§å®äºããåºæ¬çãªçµã¿è¾¼ã¿æ¹æ³ãç´¹ä»ãã¾ã。å¾ã§ãã®æ¹æ³ãæ¡å¼µãã¦、çããã®ãµã¤ãã« reCAPTCHA ãçµã¿è¾¼ãã§ããã ããã¨ãå¯è½ã§ã。ãã®ãã¥ã¼ããªã¢ã«ã§ã¯、ãã§ã«ã¦ã§ãéçºã Firebase Console、Firebase CLI ã«ã¤ãã¦、ããããã®çµé¨ããããã¨ãåæã¨ãã¦ãã¾ã。
1. ã³ã³ã½ã¼ã«ã§ Firebase ããã¸ã§ã¯ããä½æãã
Firebase ã³ã³ã½ã¼ã«ãéã、æ°ããããã¸ã§ã¯ããä½æãã¾ã。ãã®ããã¸ã§ã¯ãã«ã¯、課éã¯å¿ è¦ããã¾ãã。å®é¨ã¯ãã¹ã¦ã¯ã¬ã¸ãã ã«ã¼ããç»é²ããã«è¡ããã¨ãã§ãã¾ã。ããã¸ã§ã¯ããä½æããã、ã³ã³ã½ã¼ã«ã§è¡ããã¨ã¯ããããã¾ãã。2. ããã¸ã§ã¯ãã®ã³ã¼ããæ ¼ç´ãããã£ã¬ã¯ããªãè¨å®ãã
Firebase CLI ãã、ããã¸ã§ã¯ããä½æããã¨ãã«å©ç¨ãã Google ã¢ã«ã¦ã³ãã«ãã°ã¤ã³ãã¾ã。$ firebase login
次ã«、ããã¸ã§ã¯ãã®ã«ã¼ã ãã£ã¬ã¯ããªãä½æã、åæåãã¾ã。
$ mkdir my_project $ cd my_project $ firebase init
firebase init ãå®è¡ããã¨ãã¯、hosting 㨠functions ã®ä¸¡æ¹ãé¸æãã¾ã。ããã¸ã§ã¯ããé¸ã¶ããå°ããããã、å
ã»ã©ä½æããããã¸ã§ã¯ããé¸æãã¾ã。ãã®ä»ã®ããã³ããã§ã¯、ãã¹ã¦ããã©ã«ããé¸ã³ã¾ã。æçµçã«、ã¦ã§ã ã³ã³ãã³ãç¨ã® public ãã©ã«ãã¨、ããã¯ã¨ã³ã ã³ã¼ãç¨ã® functions ãã©ã«ããå«ããã£ã¬ã¯ããªæ§é ãã§ããããã¾ã。 次ã«、Cloud Functions ããã¯ã¨ã³ã㧠reCAPTCHA ã®æ¤è¨¼ã«ä½¿ç¨ããããã¤ãã®ã¢ã¸ã¥ã¼ã«ã npm ã使ã£ã¦ã¤ã³ã¹ãã¼ã«ãã¾ã。reCAPTCHA API ã§ã¯、ããã¯ã¨ã³ãããæ¤è¨¼ããããã« HTTP ãªã¯ã¨ã¹ããä½æããå¿ è¦ãããã¾ã。ããã«ã¯、 request ã¢ã¸ã¥ã¼ã«ã¨ request-promise ã¢ã¸ã¥ã¼ã«ã使ç¨ãã¾ã。次ã®ããã«ãã¦、ãããã®ã¢ã¸ã¥ã¼ã«ãã¤ã³ã¹ãã¼ã«ãã¾ã。
$ cd functions $ npm install request request-promise
package.json ãã¡ã¤ã«ã«ã¯、firebase-functions 㨠firebase-admin ã«å ãã¦、ä¸è¨ã® 2 ã¤ã®ã¢ã¸ã¥ã¼ã«ãæ°ãã追å ããã¾ã。 3. ã¦ã§ã ãããã¤ã¡ã³ãããã¹ããã
次ã®ããã«、deploy ã³ãã³ããå®è¡ã、ã¦ã§ã ã³ã³ãã³ãããããã¤ã§ãããã¨ã確èªãã¾ã。$ firebase deploy --only hosting
ã³ãã³ããçµäºããã¨、æ°ããã¦ã§ããµã¤ãã®ãããªã㯠URL ã表示ããã¾ã。ããã¯、次ã®ãããªå½¢å¼ã«ãªã£ã¦ãã¾ã。
✔ Deploy complete! Project Console: https://console.firebase.google.com/project/your-project/overview Hosting URL: https://your-project.firebaseapp.com
your-project ã¯、ã³ã³ã½ã¼ã«ããããã¸ã§ã¯ããä½æããã¨ãã«å²ãå½ã¦ãããåºæã® ID ã§ã。Hosting ã® URL ããã©ã¦ã¶ã«è²¼ãä»ããã¨、「Firebase Hosting Setup Complete」ã¨ãããã¼ã¸ã表示ãããã¯ãã§ã。 4. reCAPTCHA API ãã¼ãåå¾ãã
reCAPTCHA ãåä½ãããã«ã¯、2 ã¤ã® API ãã¼ãå¿ è¦ã«ãªãã¾ã。1 ã¤ã¯ã¦ã§ã ã¯ã©ã¤ã¢ã³ãç¨、ãã 1 ã¤ã¯ãµã¼ãã¼ API ç¨ã§ã。ãããã¯、reCAPTCHA 管çããã«ããåå¾ã§ãããã、ãã®ãã¼ã¸ã«ç§»åãã¾ã。æ°ãããµã¤ããä½ã£ã¦ååãä»ã、[reCAPTCHA V2] ãé¸æãã¾ã。ãã¡ã¤ã³æ¬ã«ã¯、Firebase Hosting ã®å®å ¨ãªãµã¤ãå(ä¾: 「your-project.firebaseapp.com」)ãå ¥åãã¾ã。
ç»é²ãå®äºããã、Site ã㼠㨠Secret ãã¼ãå ¥æã§ãã¾ã。Site ãã¼ã¯ããã³ãã¨ã³ã HTML ã«ä½¿ç¨ã、Secret ãã¼ã¯ Cloud Functions ã«ãã¹ãããããã¯ã¨ã³ãã§ä½¿ç¨ãã¾ã。
5. reCAPTCHA ãã¼ã¸ã追å ãã
次ã«、reCAPTCHA ã表示ããæ°ãã HTML ãã¼ã¸ã追å ãã¾ã。ããã¸ã§ã¯ãã®public ãã£ã¬ã¯ããªã«、recaptcha.html ã¨ããåå㧠reCAPTCHA ã表示ããæ°ãã HTML ãã¡ã¤ã«ã追å ãã¾ã。æ°ãããã¡ã¤ã«ã«ã¯、次ã®å
容ãç´æ¥ã³ãã¼ãã¦è²¼ãä»ãã¦ãã ãã。<html>
<head>
<title>Firebase + reCAPTCHA</title>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<script type="text/javascript">
function dataCallback(response) {
console.log("dataCallback", response)
window.location.href = "/checkRecaptcha?response=" + encodeURIComponent(response)
}
function dataExpiredCallback() {
console.log("dataExpiredCallback")
}
</script>
</head>
<body>
<div class="g-recaptcha"
data-sitekey="PASTE_YOUR_SITE_KEY_HERE"
data-callback="dataCallback"
data-expired-callback="dataExpiredCallback"/>
</body>
</html>
body ã®ä¸ã«「g-recaptcha」ã¯ã©ã¹ã® div ãããã¾ã。ããã§æåã«è¡ãå¿ è¦ãããã®ã¯、reCAPTCHA ã® Site ãã¼ã div ã® data-sitekey å±æ§ã®å¤ã«ã³ãã¼ãããã¨ã§ã。ä¸é¨ã«ããæåã®ã¹ã¯ãªãããèªã¿è¾¼ã¾ããã¨、ãã® div ã¯èªåçã« reCAPTCHA ã® UI ã«å¤æããã¾ã。詳ããã¯、ãã¡ãã®ããã¥ã¡ã³ããã覧ãã ãã。
ãã 1 度
firebase deploy ãå®è¡ãã¦ãã、Hosting ã® URL ã®「/recaptcha.html」ã«ç§»åããã¨、ããã«ç¢ºèªã§ãã¾ã。ããã、ã¾ã reCAPTCHA ã使ã£ã¦ã¯ããã¾ãã。æ¤è¨¼ã§ããããã«ããã«ã¯、ããã¯ã¨ã³ãã®ã³ã¼ããå¿
è¦ã§ã。 ãã®ãã¼ã¸ã® JavaScript ã³ã¼ãã§ã¯、
dataCallback 㨠dataExpiredCallback ã¨ãã 2 ã¤ã®é¢æ°ãå®ç¾©ããã¦ãã¾ã。ãã® 2 ã¤ã®é¢æ°ã¯、reCAPTCHA ãæåããå ´åã¨、ã¦ã¼ã¶ã¼ãä¸å®æéå
ã«æåããããã¨ãã§ããªãã£ãå ´åã®ã³ã¼ã«ããã¯ã«ãªã£ã¦ãã、div ããåç
§ããã¦ãã¾ã。 éè¦ãªã®ã¯、
dataCallback ã§ãã©ã¦ã¶ã /checkRecaptcha ã¨ãããã¹ã®å¥ã® URL ã«ãªãã¤ã¬ã¯ãã、response ã¨ããååã§ãã©ã¡ã¼ã¿ã渡ãã¦ããç¹ã§ã。ãã®æåå㯠reCAPTCHA ãçæãããã®ã§、ã©ã³ãã ãªæååã®ããã«è¦ãã¾ã。 ã¦ã§ããµã¤ãã«ã¯
/checkRecaptcha ã¨ãããã¹ã¯ã¾ã åå¨ãã¾ãã。ããã§、reCAPTCHA ããã®ã¬ã¹ãã³ã¹æååã Cloud Function ã使ã£ã¦æ¤è¨¼ããããã«ãã¾ã。 6. reCAPTCHA ã®ã¬ã¹ãã³ã¹ãæ¤è¨¼ãã Cloud Function ãä½ã
ããã¸ã§ã¯ãã® functions ãã£ã¬ã¯ããªã«ãã index.js ãã¡ã¤ã«ãç·¨éãã¾ã。ãã®ãã¡ã¤ã«ã«ã¯、ããã¤ãã®ãµã³ãã«ã³ã¼ããæ¸ããã¦ãã¾ãã、ããã¯åé¤ãã¦æ§ãã¾ãã。ãã®å ´æã«、次㮠JavaScript ã³ã¼ããè²¼ãä»ãã¾ã。const functions = require('firebase-functions')
const rp = require('request-promise')
exports.checkRecaptcha = functions.https.onRequest((req, res) => {
const response = req.query.response
console.log("recaptcha response", response)
rp({
uri: 'https://recaptcha.google.com/recaptcha/api/siteverify',
method: 'POST',
formData: {
secret: 'PASTE_YOUR_SECRET_CODE_HERE',
response: response
},
json: true
}).then(result => {
console.log("recaptcha result", result)
if (result.success) {
res.send("You're good to go, human.")
}
else {
res.send("Recaptcha verification failed. Are you a robot?")
}
}).catch(reason => {
console.log("Recaptcha request failure", reason)
res.send("Recaptcha request failed.")
})
})
ããã§æåã«è¡ãå¿ è¦ãããã®ã¯、ç»é²ãµã¤ãã§åå¾ãã reCAPTCHA ã® Secret ãã¼ã「PASTE_YOUR_SECRET_CODE_HERE」ã¨æ¸ãããå ´æã«è²¼ãä»ãããã¨ã§ã。
(éãèªè ã®çããã¯、ããã¥ã¡ã³ãã«ã¯ reCAPTCHA API ã¨ã³ããã¤ã³ãã®ãã¹ãã、「www.google.com」ã¨æ¸ããã¦ããã«ãããããã、ããã§ã¯「recaptcha.google.com」ã«ãªã£ã¦ãããã¨ã«æ°ã¥ãããããã¾ãã。ããã¯åé¡ããã¾ãã。Spark ãã©ã³ã§ãã®å¼ã³åºããè¡ãããã«ã¯、ããã«è¨è¼ããããã«、recaptcha.google.com ã使ãå¿ è¦ãããã¾ã。ãã®ãã¹ãã¯、Cloud Functions ããã®å¤é¨ãã©ãã£ãã¯ã®å®å ã¨ãã¦ãã¯ã¤ããªã¹ãã«ç»é²ããã¦ãã¾ã)
ãã®ã³ã¼ãã¯、HTTPS é¢æ°ãå®ç¾©ãã¦ãã¾ã。ãããããªã¬ã¼ãããã¨、ã¯ã¨ãªæååã¨ãã¦åä¿¡ããã¬ã¹ãã³ã¹ãæ¤è¨¼ããããã«、reCAPTCHA API ã¸ã®å¥ã® HTTPS ãªã¯ã¨ã¹ã(request-promise ã¢ã¸ã¥ã¼ã«ã使ç¨ãã¦ãã¾ã)ãä½æããã¾ã。3 éãã®ã±ã¼ã¹ããã、ããã«å¿ãã¦ã¯ã©ã¤ã¢ã³ãã« 3 éãã®ã¬ã¹ãã³ã¹ãè¿ããããã¨ã«æ³¨æãã¦ãã ãã。å ·ä½çã«ã¯、以ä¸ã®ããããã«ãªãã¾ã。
- reCAPTCHA ã®æ¤è¨¼ãæåãã(ã¦ã¼ã¶ã¼ã¯äººéã§ãã)
- reCAPTCHA ã失æãã(ããããã®å¯è½æ§ããã)
- API ã®å¼ã³åºãã失æãã
éè¦ã«ãªãã®ã¯、 ãã¹ã¦ã®ã±ã¼ã¹ã§ã¯ã©ã¤ã¢ã³ãã«ã¬ã¹ãã³ã¹ãéãè¿ããã¨ã§ã。ããããªãã¨、Function ã¯ã¿ã¤ã ã¢ã¦ãã、Firebase Console ã®ãã°ã«ã¨ã©ã¼ ã¡ãã»ã¼ã¸ãåºåããã¾ã。
次ã®ã³ãã³ããå®è¡ãã¦、ãã®æ°ããé¢æ°ããããã¤ãã¾ã(åæã«、ã¦ã§ã ã³ã³ãã³ãããããã¤ããã¾ã)。
$ firebase deploy
åºåãã、é¢æ°ã URL ã«å²ãå½ã¦ããããã¨ããããã¾ã。ããã¯、次ã®ãã㪠URL ã«ãªãã¾ã。
https://us-central1-your-project.cloudfunctions.net/checkRecaptcha
ããã«è¡¨ç¤ºããã¦ãããã¹ãã¯、ã¦ã§ã ã³ã³ãã³ããæ ¼ç´ããã¦ãããã¹ãã¨ã¯æããã«ç°ãªãã¾ã。ããã§å®éã«ããããã®ã¯、次ã®ãã㪠URL ã§、ã使ãã®ã¦ã§ããã¹ããæå®ãã¦é¢æ°ãåç §ãããã¨ã§ã。
https://your-project.firebaseapp.com/checkRecaptcha
ãããã§ããã°、é¢æ°ãã¦ã§ããµã¤ãã®ä¸é¨ã§ããããã«è¦ãã¾ã。Firebase Hosting 㨠Cloud Functions ãå©ç¨ããã¨、ãããå®ç¾ã§ãã¾ã。
7. Hosting ã® URL ã Cloud Function ã«ãããã³ã°ããããã®ãªã©ã¤ãã追å ãã
ããã¸ã§ã¯ãã®ã«ã¼ã ãã£ã¬ã¯ããªã«ããfirebase.json ãã¡ã¤ã«ãç·¨éã、ãã®å
容ã«æ¬¡ã® JSON è¨å®ãè²¼ãä»ãã¾ã。{
"hosting": {
"public": "public",
"rewrites": [
{
"source": "/checkRecaptcha",
"function": "checkRecaptcha"
}
]
}
}
詳ããã¯ããã¥ã¡ã³ããã覧ããã ãã¨ãã¦、ããã§ã¯、ãªã©ã¤ãç¨ã®ã»ã¯ã·ã§ã³ãæ°ãã追å ãã¦ãã¾ã。å ·ä½çã«ã¯、URL ãã¹
/checkRecaptcha ã«ã¢ã¯ã»ã¹ããéã«、å
ã»ã© functions/index.js ãã¡ã¤ã«ã«è²¼ãä»ãã checkRecaptcha é¢æ°ãå¼ã³åºãããããã«ãã¦ãã¾ã。 recaptcha.html ã® JavaScript ã³ã¼ãã§、ã¦ã¼ã¶ã¼ã reCAPTCHA ãééããéã¯、ãã®ãã¹ã«ãªãã¤ã¬ã¯ãããããã«ãããã¨ãæãåºãã¦ãã ãã。ãã®ãã、reCAPTCHA ã®å¦çãçµããã¦ã¼ã¶ã¼ã¯、å®è³ªçã«ãã®é¢æ°ã«éããããã¨ã«ãªãã¾ã。 æå¾ã«ãã 1 度ãããã¤ãè¡ã、ãã¹ã¦ã®ãã¡ã¤ã«ã Firebase ã«éä¿¡ãã¾ã。
$ firebase deploy
8. reCAPTCHA ããã¹ããã
Hosting ã® URL ã®/recaptcha.html ã«ç§»åã、reCAPTCHA ãééãã¦ã¿ã¾ããã。ãã¨ãã°、ä½æãã®åçã表示ãã、è»ãéãå¤å¥ãããã¨ãæ±ãããã¾ã。人éã¨ãã¦ãµããããæä½ãè¡ã£ã¦ reCAPTCHA ãééããã¨、HTML å
ã® JavaScript ã«ãã£ã¦é¢æ°ã«ãªãã¤ã¬ã¯ãããã¾ã。ãã®é¢æ°ã¯、ãµã¼ãã¼ã使ã£ã¦æ¬å½ã«äººéã«ããæä½ã§ããããæ¤è¨¼ã、ãã®çµæ、「You're good to go, human.」ã¨ããã¡ãã»ã¼ã¸ã表示ããã¾ã。ããã§ç´¹ä»ãã Cloud Functions for Firebase 㧠reCAPTCHA ã使ããµã³ãã«ã¯、ããããå®éã®ã¦ã§ããµã¤ãã§å©ç¨ãããã®ãã、ããªãã·ã³ãã«ã«ãªã£ã¦ãã¾ã。reCAPTCHA ã®ã¬ã¹ãã³ã¹ãé¢æ°ã«éãæ¹æ³ã¯ããã¤ããã、å½ç¶ãªãã、çããã¯ã¦ã¼ã¶ã¼ã«ã¡ãã»ã¼ã¸ã表示ããããããã£ã¨å½¹ç«ã¤ãã¨ããããã¨æãã§ããã。ããããã®ä¾ã¯、ã¦ã§ã ã³ã³ãã³ãããããã«ããä¸æ£ä½¿ç¨ããä¿è·ããæåã®ä¸æ©ã«ãªãã¯ãã§ã。
Reviewed by Eiji Kitamura - Developer Relations Team
