1
0

captcha.go 6.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270
  1. // Copyright 2014 beego Author. All Rights Reserved.
  2. //
  3. // Licensed under the Apache License, Version 2.0 (the "License");
  4. // you may not use this file except in compliance with the License.
  5. // You may obtain a copy of the License at
  6. //
  7. // http://www.apache.org/licenses/LICENSE-2.0
  8. //
  9. // Unless required by applicable law or agreed to in writing, software
  10. // distributed under the License is distributed on an "AS IS" BASIS,
  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. // See the License for the specific language governing permissions and
  13. // limitations under the License.
  14. // Package captcha implements generation and verification of image CAPTCHAs.
  15. // an example for use captcha
  16. //
  17. // ```
  18. // package controllers
  19. //
  20. // import (
  21. // "github.com/astaxie/beego"
  22. // "github.com/astaxie/beego/cache"
  23. // "github.com/astaxie/beego/utils/captcha"
  24. // )
  25. //
  26. // var cpt *captcha.Captcha
  27. //
  28. // func init() {
  29. // // use beego cache system store the captcha data
  30. // store := cache.NewMemoryCache()
  31. // cpt = captcha.NewWithFilter("/captcha/", store)
  32. // }
  33. //
  34. // type MainController struct {
  35. // beego.Controller
  36. // }
  37. //
  38. // func (this *MainController) Get() {
  39. // this.TplName = "index.tpl"
  40. // }
  41. //
  42. // func (this *MainController) Post() {
  43. // this.TplName = "index.tpl"
  44. //
  45. // this.Data["Success"] = cpt.VerifyReq(this.Ctx.Request)
  46. // }
  47. // ```
  48. //
  49. // template usage
  50. //
  51. // ```
  52. // {{.Success}}
  53. // <form action="/" method="post">
  54. // {{create_captcha}}
  55. // <input name="captcha" type="text">
  56. // </form>
  57. // ```
  58. package captcha
  59. import (
  60. "fmt"
  61. "html/template"
  62. "net/http"
  63. "path"
  64. "strings"
  65. "time"
  66. "github.com/astaxie/beego"
  67. "github.com/astaxie/beego/cache"
  68. "github.com/astaxie/beego/context"
  69. "github.com/astaxie/beego/logs"
  70. "github.com/astaxie/beego/utils"
  71. )
  72. var (
  73. defaultChars = []byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9}
  74. )
  75. const (
  76. // default captcha attributes
  77. challengeNums = 6
  78. expiration = 600 * time.Second
  79. fieldIDName = "captcha_id"
  80. fieldCaptchaName = "captcha"
  81. cachePrefix = "captcha_"
  82. defaultURLPrefix = "/captcha/"
  83. )
  84. // Captcha struct
  85. type Captcha struct {
  86. // beego cache store
  87. store cache.Cache
  88. // url prefix for captcha image
  89. URLPrefix string
  90. // specify captcha id input field name
  91. FieldIDName string
  92. // specify captcha result input field name
  93. FieldCaptchaName string
  94. // captcha image width and height
  95. StdWidth int
  96. StdHeight int
  97. // captcha chars nums
  98. ChallengeNums int
  99. // captcha expiration seconds
  100. Expiration time.Duration
  101. // cache key prefix
  102. CachePrefix string
  103. }
  104. // generate key string
  105. func (c *Captcha) key(id string) string {
  106. return c.CachePrefix + id
  107. }
  108. // generate rand chars with default chars
  109. func (c *Captcha) genRandChars() []byte {
  110. return utils.RandomCreateBytes(c.ChallengeNums, defaultChars...)
  111. }
  112. // Handler beego filter handler for serve captcha image
  113. func (c *Captcha) Handler(ctx *context.Context) {
  114. var chars []byte
  115. id := path.Base(ctx.Request.RequestURI)
  116. if i := strings.Index(id, "."); i != -1 {
  117. id = id[:i]
  118. }
  119. key := c.key(id)
  120. if len(ctx.Input.Query("reload")) > 0 {
  121. chars = c.genRandChars()
  122. if err := c.store.Put(key, chars, c.Expiration); err != nil {
  123. ctx.Output.SetStatus(500)
  124. ctx.WriteString("captcha reload error")
  125. logs.Error("Reload Create Captcha Error:", err)
  126. return
  127. }
  128. } else {
  129. if v, ok := c.store.Get(key).([]byte); ok {
  130. chars = v
  131. } else {
  132. ctx.Output.SetStatus(404)
  133. ctx.WriteString("captcha not found")
  134. return
  135. }
  136. }
  137. img := NewImage(chars, c.StdWidth, c.StdHeight)
  138. if _, err := img.WriteTo(ctx.ResponseWriter); err != nil {
  139. logs.Error("Write Captcha Image Error:", err)
  140. }
  141. }
  142. // CreateCaptchaHTML template func for output html
  143. func (c *Captcha) CreateCaptchaHTML() template.HTML {
  144. value, err := c.CreateCaptcha()
  145. if err != nil {
  146. logs.Error("Create Captcha Error:", err)
  147. return ""
  148. }
  149. // create html
  150. return template.HTML(fmt.Sprintf(`<input type="hidden" name="%s" value="%s">`+
  151. `<a class="captcha" href="javascript:">`+
  152. `<img onclick="this.src=('%s%s.png?reload='+(new Date()).getTime())" class="captcha-img" src="%s%s.png">`+
  153. `</a>`, c.FieldIDName, value, c.URLPrefix, value, c.URLPrefix, value))
  154. }
  155. // CreateCaptcha create a new captcha id
  156. func (c *Captcha) CreateCaptcha() (string, error) {
  157. // generate captcha id
  158. id := string(utils.RandomCreateBytes(15))
  159. // get the captcha chars
  160. chars := c.genRandChars()
  161. // save to store
  162. if err := c.store.Put(c.key(id), chars, c.Expiration); err != nil {
  163. return "", err
  164. }
  165. return id, nil
  166. }
  167. // VerifyReq verify from a request
  168. func (c *Captcha) VerifyReq(req *http.Request) bool {
  169. req.ParseForm()
  170. return c.Verify(req.Form.Get(c.FieldIDName), req.Form.Get(c.FieldCaptchaName))
  171. }
  172. // Verify direct verify id and challenge string
  173. func (c *Captcha) Verify(id string, challenge string) (success bool) {
  174. if len(challenge) == 0 || len(id) == 0 {
  175. return
  176. }
  177. var chars []byte
  178. key := c.key(id)
  179. if v, ok := c.store.Get(key).([]byte); ok {
  180. chars = v
  181. } else {
  182. return
  183. }
  184. defer func() {
  185. // finally remove it
  186. c.store.Delete(key)
  187. }()
  188. if len(chars) != len(challenge) {
  189. return
  190. }
  191. // verify challenge
  192. for i, c := range chars {
  193. if c != challenge[i]-48 {
  194. return
  195. }
  196. }
  197. return true
  198. }
  199. // NewCaptcha create a new captcha.Captcha
  200. func NewCaptcha(urlPrefix string, store cache.Cache) *Captcha {
  201. cpt := &Captcha{}
  202. cpt.store = store
  203. cpt.FieldIDName = fieldIDName
  204. cpt.FieldCaptchaName = fieldCaptchaName
  205. cpt.ChallengeNums = challengeNums
  206. cpt.Expiration = expiration
  207. cpt.CachePrefix = cachePrefix
  208. cpt.StdWidth = stdWidth
  209. cpt.StdHeight = stdHeight
  210. if len(urlPrefix) == 0 {
  211. urlPrefix = defaultURLPrefix
  212. }
  213. if urlPrefix[len(urlPrefix)-1] != '/' {
  214. urlPrefix += "/"
  215. }
  216. cpt.URLPrefix = urlPrefix
  217. return cpt
  218. }
  219. // NewWithFilter create a new captcha.Captcha and auto AddFilter for serve captacha image
  220. // and add a template func for output html
  221. func NewWithFilter(urlPrefix string, store cache.Cache) *Captcha {
  222. cpt := NewCaptcha(urlPrefix, store)
  223. // create filter for serve captcha image
  224. beego.InsertFilter(cpt.URLPrefix+"*", beego.BeforeRouter, cpt.Handler)
  225. // add to template func map
  226. beego.AddFuncMap("create_captcha", cpt.CreateCaptchaHTML)
  227. return cpt
  228. }