Project

rails_cloudflare_turnstile

0.04
There's a lot of open issues
A long-lived project that still receives updates
rails_cloudflare_turnstileinstrumentl/rails-cloudflare-turnstileHomepageDocumentationSource CodeBug Tracker
Rails extension for Cloudflare's Turnstile CAPTCHA alternative. This gem should work with Rails 6.x, 7.x, 8.x and with Faraday 1.x and 2.x.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
 Popularity
Downloads
226,220
Stars
57
Forks
29
Watchers
3
 Releases
Current version
0.4.3
Total releases
15
First release
1980-01-02
Latest release
2025-04-11
 Issues
Open Issues
9
Closed Issues
9
Total Issues
18
Issue Closure Rate
50%
 Pull Requests
Open Pull Requests
5
Closed Pull Requests
51
Merged Pull Requests
161
Pull Request Acceptance Rate
74%
 Development
Primary Language
Ruby
Licenses
ISC
Average date of last 50 commits
2025-01-27
Reverse Dependencies
0

 Dependencies

Runtime

faraday
>= 1.0, < 3.0
rails
>= 6.0, < 8.2
 Project Readme

RailsCloudflareTurnstile

This is a Rails plugin adding support for Cloudflare Turnstile. It works with Rails 6+, and Ruby 3.x.

CI Gem Version

Usage

Installation

Add this line to your application's Gemfile:

gem 'rails_cloudflare_turnstile'

And then execute:

$ bundle

Or install it yourself as:

$ gem install rails_cloudflare_turnstile

Next, configure it by creating a config/initializers/cloudflare_turnstile.rb with contents like the following:

RailsCloudflareTurnstile.configure do |c|
  c.site_key = "XXXXXX"
  c.secret_key = "XXXXXXXX"
  c.fail_open = true
end

To totally disable Turnstile, you can set c.enabled = false and all other config values are ignored.

To use Turnstile for a view:

  1. Call cloudflare_turnstile_script_tag in your layout
  2. Call cloudflare_turnstile in your form View. Keyword arguments are passed to the tag helper (for example, to set the tabindex option, you could use cloudflare_turnstile(data: {tabindex: 0}))
  3. Call validate_cloudflare_turnstile as a before_action in your controller.

If the challenge fails, the exception RailsCloudflareTurnstile::Forbidden will be raised; you should handle this with a rescue_from block.

By default, in development and test mode, a special mock view will be inserted if real credentials are not present. To disable this, set the mock_enabled property of the configuration to false.

License

The gem is available as open source under the terms of the ISC License.