1.0.0 • Published 4 months ago
als-captcha v1.0.0
als-captcha
als-captcha
is a Node.js library for generating and validating a simple yet effective captcha. It employs a combination of image recognition with noise and tilt, basic math problem solving, and several other strategies to differentiate between human users and bots.
Installation
To install als-captcha
, use npm:
npm i als-captcha
Usage
Generating Captcha HTML
To generate a captcha, you need to create a route that returns HTML containing the captcha challenge. The als-captcha
library provides an easy way to generate this HTML.
Example:
const { createCaptcha } = require('als-captcha');
app.get('/captcha', (req, res) => {
const captchaHtml = createCaptcha({ includeAudio:true, maxAge:1000*60*10 })
res.send(`<!DOCTYPE html>
<html lang="en">
<head>
<title>HEllo</title>
</head>
<body>
<form>
${captchaHtml}
</form>
<body>
</html>
`);
});
Parameters:
includeAudio
:(default:true) - if true, sends audio for listening problem to solvemaxAge
:(default:10006010) - captcha life time (after this time, captcha outdated)
Validating Captcha
To validate the captcha, create a route where the captcha form is submitted. The als-captcha
library provides a function to validate the captcha response.
Example:
const { checkCaptcha } = require('als-captcha');
app.post('/submit-captcha', (req, res) => {
if (checkCaptcha(req.body)) {
res.send("right");
} else {
res.send("wrong");
}
});
Security Strategies
als-captcha
uses multiple strategies to enhance security:
- Image Recognition Challenge: A captcha image with noise, tilt, and bot-unfriendly font.
- Math Problem Solving: A basic math problem that must be solved correctly, ensuring complete text recognition.
- Hidden
importantInfo
Field: Remains empty and is used to detect bots that might fill it. - Bot Detection through
onchange
Event: If theonchange
event does not trigger, thebot
field retains its default value, indicating a bot. - Timestamp and Screen Dimension Check: Captures the time taken to complete the captcha and multiplies the screen's color depth with its width to generate a unique number, which helps in bot detection.