docs: add warning

This commit is contained in:
Tiago
2025-06-11 17:20:14 +01:00
parent dfeef8ff78
commit 5c291254ac
2 changed files with 10 additions and 4 deletions
+6 -4
View File
@@ -40,7 +40,7 @@ Start by adding importing the Cap widget library from a CDN:
:::
::: warning
We're using the latest version of the library here for simplicity, but you should optimally pin a specific version to avoid breaking changes in the future.
You should optimally pin a specific version to avoid breaking changes instead of using @latest
:::
Next, add the `<cap-widget>` component to your HTML.
@@ -49,9 +49,7 @@ Next, add the `<cap-widget>` component to your HTML.
<cap-widget id="cap" data-cap-api-endpoint="<your cap endpoint>"></cap-widget>
```
::: info
You'll need to start a server with the Cap API running at the same URL as specified in the `data-cap-api-endpoint` attribute. In the server-side example we provided, it's set to `/api`, but you can change this by replacing every `app.post('/api/...', ...)` to `app.post('/<endpoint>/...', ...)`.
:::
You'll need to start a server with the Cap API running at the same URL as specified in the `data-cap-api-endpoint` attribute. In the server-side example we provided, it's set to `/api`, but you can change this by replacing every `app.post('/api/...', ...)` to `app.post('/<endpoint>/...', ...)`. We'll tell you how to set up the server in the next section.
Then, in your JavaScript, listen for the `solve` event to capture the token when generated:
@@ -245,6 +243,10 @@ app.listen(3000, () => {
:::
::: warning
These example codes don't have ratelimiting for simplicity. Make sure to add proper ratelimiting to your endpoints to prevent abuse.
:::
### Token validation
Once the token is generated and captured, you can use it later to validate the user's identity. You can do this by calling `await cap.validateToken` in your server-side code:
+4
View File
@@ -168,6 +168,10 @@ app.listen(3000, () => {
:::
::: warning
These example codes don't have ratelimiting for simplicity. Make sure to add proper ratelimiting to your endpoints to prevent abuse.
:::
Then, you can verify the CAPTCHA tokens on your server by calling the `await cap.validateToken("<token>")` method. Example:
```js