1.0.0 • Published 4 months ago

als-captcha v1.0.0

Weekly downloads
-
License
ISC
Repository
-
Last release
4 months ago

als-captcha

als-captcha is a Node.js library for generating and validating a simple yet effective captcha. It employs a combination of image recognition with noise and tilt, basic math problem solving, and several other strategies to differentiate between human users and bots.

Installation

To install als-captcha, use npm:

npm i als-captcha

Usage

Generating Captcha HTML

To generate a captcha, you need to create a route that returns HTML containing the captcha challenge. The als-captcha library provides an easy way to generate this HTML.

Example:

const { createCaptcha } = require('als-captcha');

app.get('/captcha', (req, res) => {
    const captchaHtml = createCaptcha({ includeAudio:true, maxAge:1000*60*10 })
    res.send(`<!DOCTYPE html>
<html lang="en">
<head>
   <title>HEllo</title>
</head>

<body>
    <form>
        ${captchaHtml}
    </form>
<body>
</html>
`);
});

Parameters:

  • includeAudio:(default:true) - if true, sends audio for listening problem to solve
  • maxAge:(default:10006010) - captcha life time (after this time, captcha outdated)

Validating Captcha

To validate the captcha, create a route where the captcha form is submitted. The als-captcha library provides a function to validate the captcha response.

Example:

const { checkCaptcha } = require('als-captcha');

app.post('/submit-captcha', (req, res) => {
    if (checkCaptcha(req.body)) {
        res.send("right");
    } else {
        res.send("wrong");
    }
});

Security Strategies

als-captcha uses multiple strategies to enhance security:

  • Image Recognition Challenge: A captcha image with noise, tilt, and bot-unfriendly font.
  • Math Problem Solving: A basic math problem that must be solved correctly, ensuring complete text recognition.
  • Hidden importantInfo Field: Remains empty and is used to detect bots that might fill it.
  • Bot Detection through onchange Event: If the onchange event does not trigger, the bot field retains its default value, indicating a bot.
  • Timestamp and Screen Dimension Check: Captures the time taken to complete the captcha and multiplies the screen's color depth with its width to generate a unique number, which helps in bot detection.
captchasecurityimage-captchaaudio-captchabot-detectionnodejsanti-botmath-captchaweb-security
als-uidcanvas
@everything-registry/sub-chunk-1122
1.0.0

4 months ago

0.1.1

2 years ago

0.1.0

2 years ago