App level Recaptcha V2 support #16583
…o fetch and store data (beyond app definition)
…we can look for and set the client to not verified anymore so that the user can revalidate.
Pull Request Overview
This PR implements Recaptcha V2 support at the application level, providing protection for entire apps rather than individual forms. When enabled, users must complete a recaptcha challenge before accessing any part of the protected application. The implementation includes enterprise licensing checks, global configuration management, session-based verification, and comprehensive middleware integration.
- Adds new configuration types and validation for Recaptcha settings
- Implements session-based verification using Redis with 30-minute expiration
- Integrates recaptcha middleware across all protected API routes
Reviewed Changes
Copilot reviewed 57 out of 57 changed files in this pull request and generated 8 comments.
File | Description |
---|---|
packages/types/src/documents/global/config.ts | Adds RecaptchaConfig interface and type definitions |
packages/worker/src/api/controllers/global/configs.ts | Implements Recaptcha configuration processing with license validation |
packages/server/src/middleware/recaptcha.ts | Core middleware for checking recaptcha verification status |
packages/server/src/utilities/redis.ts | Redis session management for recaptcha verification |
packages/server/src/api/controllers/recaptcha.ts | Handles recaptcha verification and session checking |
packages/client/src/components/RecaptchaV2.svelte | Frontend recaptcha verification component |
packages/builder/src/pages/builder/portal/settings/recaptcha.svelte | Admin configuration interface |
Description
Implements support for Recaptcha V2 on apps - if an app has this enabled then it cannot be accessed unless the user has been through the recaptcha flow. This protects the complete app rather than protecting individual forms, similar to how Stack Overflow works.
There are two new settings inputs, one for configuring your recaptcha keys and one to enable recaptcha on the app that you'd like to protect (it's not enabled for every app globally).
There is a new screen within the client that will be brought up if this is enabled, the user has an enterprise license and they do not have recaptcha verification. The verification takes the form of a cookie which will expire after a period of time.
Pro PR to add the license features: https://github.com/Budibase/budibase-pro/pull/446
Screenshots
Button to disable/enable Recaptcha support in the app level settings:

This has a lock icon and no options if the user is not on the enterprise license.
If recaptcha token is not found:

Once accepted, the user is sent on to the app itself. This will expire after 30 minutes and they will be returned to this screen to re-validate.
Recaptcha settings menu globally
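The gating behaviour described above (verification recorded per session, 30-minute expiry, return to the challenge when it lapses) can be sketched as follows. This is an added example, not code from this PR or from Budibase: `RecaptchaGate`, its methods and the 200/403 results are hypothetical, the `Map` stands in for Redis keys with a TTL, and the synchronous `verifyToken` callback stands in for the server-side check of the token with the reCAPTCHA provider.

```typescript
// Added illustration, not Budibase code. All names here are hypothetical.
const VERIFY_TTL_MS = 30 * 60 * 1000 // 30-minute expiry stated in the PR

type TokenVerifier = (token: string) => boolean // stand-in for the provider check
type Clock = () => number

class RecaptchaGate {
  // In-memory stand-in for Redis keys with a TTL: sessionId -> expiry time (ms)
  private verifiedUntil = new Map<string, number>()
  private verifyToken: TokenVerifier
  private now: Clock

  constructor(verifyToken: TokenVerifier, now: Clock = () => Date.now()) {
    this.verifyToken = verifyToken
    this.now = now
  }

  // Called by the verification endpoint once the user has solved the challenge.
  verify(sessionId: string, token: string): boolean {
    if (!sessionId || !token) return false
    let ok = false
    try {
      ok = this.verifyToken(token) === true
    } catch {
      ok = false // fail closed when the verifier itself errors
    }
    if (ok) this.verifiedUntil.set(sessionId, this.now() + VERIFY_TTL_MS)
    return ok
  }

  isVerified(sessionId: string | undefined): boolean {
    if (!sessionId) return false
    const expiry = this.verifiedUntil.get(sessionId)
    if (expiry === undefined) return false
    if (this.now() >= expiry) {
      this.verifiedUntil.delete(sessionId) // lapsed: the user must re-validate
      return false
    }
    return true
  }

  // Decision for a protected route: 200 to proceed, 403 to show the challenge.
  // appProtected means "recaptcha enabled for this app and the license allows it".
  check(appProtected: boolean, sessionId: string | undefined): number {
    if (!appProtected) return 200
    return this.isVerified(sessionId) ? 200 : 403
  }
}
```

Keying the record on a server-side session identifier, rather than trusting a client-set flag, is what lets the server revoke or expire verification on its own clock.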
