Skip to content

devlop/speedtrap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
config
config
 
 
resources/views/components
resources/views/components
 
 
src
src
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

Latest Stable Version License

Speedtrap

Simple speedtrap honeypot made for Laravel FormRequest that detects spam bots by measuring the time it took to submit the form.

Installation

composer require devlop/speedtrap

If you wish to change any of the speedtrap configuration options (such as the default threshold of 5 seconds or component name) you can publish the config, but this is usually not needed.

php artisan vendor:publish --provider="Devlop\Speedtrap\SpeedtrapServiceProvider"

Usage

First, add the WithSpeedtrap trait to your FormRequest.

namespace App\Http\Requests;

use Devlop\Speedtrap\WithSpeedtrap;
use Illuminate\Foundation\Http\FormRequest;

class DemoRequest extends FormRequest
{
    use WithSpeedtrap;

Next you need to add the speedtrap to your form.

<form method="POST" action="/">
    <x-speedtrap />

    ... all your other form contents
</form>

Optionally you can add a message to show when the speedtrap was triggered, this only works when using automatic validation.

<form method="POST" action="/">
    <x-speedtrap>
        <p>Slow down there muchacho!</p>
    </x-speedtrap>

    ... all your other form contents
</form>

Lastly, you need to configure the validation, it can either be automatic or manual.

Automatic validation

Add the speedtrap rules to your rules configuration, this will make it redirect back to the form when triggered, as any other form validation error.

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules() : array
    {
        return $this->withSpeedtrapRules([
            // your normal rules goes here
        ]);
    }

Optionally you can also register the rules like this

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules() : array
    {
        return [
            // your normal rules goes here,
            $this->getSpeedtrapInputName() => $this->speedtrapRules(),
        ];
    }

Manual validation

If you are doing the validation manually you have more control of how you handle spammers, maybe you want to silently ignore it and give the spammer the impression of success? it's all up to you.

namespace App\Http\Controllers;

use App\Requests\DemoRequest;
use Illuminate\Http\Request;

class DemoController
{
    public function store(DemoRequest $request)
    {
        // get the speedtrap
        $speedtrap = $request->speedtrap();

        if ($speedtrap->triggered()) {
            // do something when the speedtrap was triggered
        }
    }
}

About

Simple speedtrap honeypot made for Laravel FormRequest

Topics

laravel validation spam-detection

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 5

v1.2.2 - Updated readme Latest
Mar 5, 2021
+ 4 releases

Languages