This bundle provides authentication based on the response from Cloudflare Turnstile.
MIT License
This bundle provides authentication based on the response from Cloudflare Turnstile.
./config/packages/cf_turnstile_authenticator.yaml
file:cf_turnstile_authenticator:
secret_key: '%env(string:CF_TURNSTILE_AUTHENTICATOR_SECRET_KEY)%'
CF_TURNSTILE_AUTHENTICATOR_SECRET_KEY
environment variable to the .env
file with a dummy secret key
CF_TURNSTILE_AUTHENTICATOR_SECRET_KEY
environment variable to the .env.local
file with the secret key from Cloudflare Turnstile
composer require nuvola/cloudflare-turnstile-authenticator-bundle
./config/bundles.php
file:<?php
// ...
Nuvola\CloudflareTurnstileAuthenticatorBundle\CloudflareTurnstileAuthenticatorBundle::class => ['all' => true],
// ...
./config/packages/security.yaml
file:security:
# ...
firewalls:
# ...
# adjust the name and pattern to your application!
public:
pattern: ^/api/public/
stateless: true
custom_authenticators:
- Nuvola\CloudflareTurnstileAuthenticatorBundle\Security\CloudflareTurnstileAuthenticator
# ...
access_control:
- { path: ^/api/public/, roles: IS_AUTHENTICATED_FULLY }
# ...
After adding this configuration, only authenticated by response token from the Cloudflare Turnstile will be passed.
curl -H "x-cf-turnstile-response: $RESPONSE" https://api.nuvola.pl/api/public/users/7ff847d9-a2e0-4f93-9c00-b59ecd51a766