Captcha

Verify captcha tokens before protected endpoints.

This page documents the current Ruby port behavior. Ruby uses snake_case option names and auth.api method names; HTTP paths and JSON keys keep the upstream wire shape where implemented.

Configure

config/auth.rb
require "better_auth"

auth = BetterAuth.auth(
  secret: ENV.fetch("BETTER_AUTH_SECRET"),
  base_url: ENV.fetch("BETTER_AUTH_URL", "http://localhost:3000"),
  plugins: [
    BetterAuth::Plugins.captcha(provider: "cloudflare-turnstile", secret_key: ENV.fetch("CAPTCHA_SECRET"), endpoints: ["/sign-up/email"])
  ]
)

Usage

server.rb
# This plugin hooks into existing auth flows and does not add public endpoints.
# Use the normal sign-up, sign-in, or password routes after configuring it.

Routes

This plugin does not add public routes.

Options

Current Ruby options accepted by BetterAuth::Plugins.captcha:

  • endpoints
  • secret_key
  • provider
  • site_verify_url_override
  • site_key
  • min_score
  • verifier

Support Notes

  • The examples above are based on Ruby plugin source and tests in packages/better_auth.
  • If an upstream section is not represented here, treat it as not yet documented or not yet supported by the Ruby port until the matching Ruby implementation exists.
Edit on GitHub

Previous Page

Device Authorization

Next Page

Have I Been Pwned

On this page