27Mar
Am I supposed to granularly configure recaptcha in all places of a webapp?
I am trying to understand how to properly configure things like Google RecaptchaV3.
I have configured it manually for just one of tens of the views in my webapp so it sends a token to backend and backend sends a request to google to verify it and then performs the requested action to the client or sends an error like "You seem to be a bot".
I know I am the only one who is responsible for the security of the webapp. So, is this supposed to include this logic into every single action on the client side I want to protect from bots and the same for backend endpoints?