Message *

</div>

<button type="submit" disabled={status === 'submitting'}>
        {status === 'submitting' ? 'Sending...' : 'Send Message'}
      </button>
    </form>
  );
}
```

<Tip>
  Use different action names for different forms (e.g., `contact_form`, `newsletter_signup`, `login`) to track which forms are being targeted by bots in your reCAPTCHA admin console.
</Tip>

## Registration Form with Validation

A more complex example with client-side and server-side validation:

```jsx RegistrationForm.jsx theme={null}
import React, { useState, useCallback } from 'react';
import { useGoogleReCaptcha } from 'react-google-recaptcha-v3';

export function RegistrationForm() {
  const { executeRecaptcha } = useGoogleReCaptcha();
  const [formData, setFormData] = useState({
    username: '',
    email: '',
    password: '',
    confirmPassword: '',
  });
  const [errors, setErrors] = useState({});
  const [isSubmitting, setIsSubmitting] = useState(false);

// Client-side validation
  const validateForm = () => {
    const newErrors = {};

if (formData.username.length < 3) {
      newErrors.username = 'Username must be at least 3 characters';
    }

if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(formData.email)) {
      newErrors.email = 'Please enter a valid email address';
    }

if (formData.password.length < 8) {
      newErrors.password = 'Password must be at least 8 characters';
    }

if (formData.password !== formData.confirmPassword) {
      newErrors.confirmPassword = 'Passwords do not match';
    }

return newErrors;
  };

const handleSubmit = useCallback(async (event) => {
    event.preventDefault();
    
    // Client-side validation
    const validationErrors = validateForm();
    if (Object.keys(validationErrors).length > 0) {
      setErrors(validationErrors);
      return;
    }

setIsSubmitting(true);
    setErrors({});

try {
      if (!executeRecaptcha) {
        throw new Error('reCAPTCHA not ready');
      }

// Get reCAPTCHA token
      const recaptchaToken = await executeRecaptcha('register');

// Submit registration
      const response = await fetch('/api/register', {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
        },
        body: JSON.stringify({
          username: formData.username,
          email: formData.email,
          password: formData.password,
          recaptchaToken,
        }),
      });

const data = await response.json();

if (!response.ok) {
        // Handle server-side validation errors
        if (data.errors) {
          setErrors(data.errors);
        } else {
          throw new Error(data.message || 'Registration failed');
        }
        return;
      }

// Successful registration
      alert('Registration successful! Please check your email.');
      window.location.href = '/login';
    } catch (err) {
      setErrors({ submit: err.message });
    } finally {
      setIsSubmitting(false);
    }
  }, [formData, executeRecaptcha]);

return (
    <form onSubmit={handleSubmit} className="registration-form">
      <h2>Create an Account</h2>

{errors.submit && (
        <div className="error-alert">
          {errors.submit}
        </div>
      )}

<div className="form-group">
        <label htmlFor="username">Username *</label>
        <input
          id="username"
          name="username"
          type="text"
          value={formData.username}
          onChange={handleChange}
          required
          disabled={isSubmitting}
        />
        {errors.username && <span className="error">{errors.username}</span>}
      </div>

<div className="form-group">
        <label htmlFor="email">Email *</label>
        <input
          id="email"
          name="email"
          type="email"
          value={formData.email}
          onChange={handleChange}
          required
          disabled={isSubmitting}
        />
        {errors.email && <span className="error">{errors.email}</span>}
      </div>

<div className="form-group">
        <label htmlFor="password">Password *</label>
        <input
          id="password"
          name="password"
          type="password"
          value={formData.password}
          onChange={handleChange}
          required
          disabled={isSubmitting}
        />
        {errors.password && <span className="error">{errors.password}</span>}
      </div>

<div className="form-group">
        <label htmlFor="confirmPassword">Confirm Password *</label>
        <input
          id="confirmPassword"
          name="confirmPassword"
          type="password"
          value={formData.confirmPassword}
          onChange={handleChange}
          required
          disabled={isSubmitting}
        />
        {errors.confirmPassword && <span className="error">{errors.confirmPassword}</span>}
      </div>

<button type="submit" disabled={isSubmitting}>
        {isSubmitting ? 'Creating Account...' : 'Create Account'}
      </button>

<p className="recaptcha-notice">
        This site is protected by reCAPTCHA and the Google{' '}
        <a href="https://policies.google.com/privacy">Privacy Policy</a> and{' '}
        <a href="https://policies.google.com/terms">Terms of Service</a> apply.
      </p>
    </form>
  );
}
```

## TypeScript Support

For TypeScript users, here's a type-safe form example:

```tsx TypeScriptForm.tsx theme={null}
import React, { useState, useCallback, FormEvent, ChangeEvent } from 'react';
import { useGoogleReCaptcha } from 'react-google-recaptcha-v3';

interface FormData {
  email: string;
  message: string;
}

interface FormErrors {
  email?: string;
  message?: string;
  submit?: string;
}

export function TypeScriptForm() {
  const { executeRecaptcha } = useGoogleReCaptcha();
  const [formData, setFormData] = useState<FormData>({
    email: '',
    message: '',
  });
  const [errors, setErrors] = useState<FormErrors>({});
  const [isSubmitting, setIsSubmitting] = useState<boolean>(false);

const handleChange = (e: ChangeEvent<HTMLInputElement | HTMLTextAreaElement>) => {
    const { name, value } = e.target;
    setFormData(prev => ({ ...prev, [name]: value }));
  };

const handleSubmit = useCallback(async (event: FormEvent<HTMLFormElement>) => {
    event.preventDefault();
    setIsSubmitting(true);
    setErrors({});

try {
      if (!executeRecaptcha) {
        throw new Error('reCAPTCHA not available');
      }

const recaptchaToken = await executeRecaptcha('submit_form');

const response = await fetch('/api/submit', {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
        },
        body: JSON.stringify({
          ...formData,
          recaptchaToken,
        }),
      });

if (!response.ok) {
        throw new Error('Submission failed');
      }

// Success handling
      alert('Form submitted successfully!');
    } catch (err) {
      setErrors({ submit: (err as Error).message });
    } finally {
      setIsSubmitting(false);
    }
  }, [formData, executeRecaptcha]);

return (
    <form onSubmit={handleSubmit}>
      {/* Form fields */}
    </form>
  );
}
```

<Note>
  Always perform server-side validation in addition to client-side validation. Never trust client-side data alone.
</Note>

## Best Practices

1. **Always verify on the backend**: Never rely solely on client-side verification
2. **Use meaningful action names**: This helps you analyze bot patterns in the reCAPTCHA dashboard
3. **Handle loading states**: Show appropriate UI feedback while reCAPTCHA is loading
4. **Set appropriate score thresholds**: Adjust based on your security needs (0.5 is a good starting point)
5. **Provide user feedback**: Let users know if their submission was flagged as suspicious
6. **Rate limiting**: Combine reCAPTCHA with rate limiting on your backend for additional security

## Next Steps

* Learn how to [Refresh reCAPTCHA Tokens](/examples/refresh-recaptcha)
* Explore [Provider Configuration](/api/google-recaptcha-provider)
* Check out [useGoogleReCaptcha API Reference](/api/use-google-recaptcha-hook)

Welcome Back

Thank you for your message!

Contact Us