blogs_captcha 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/blogs_captcha/version.rb +1 -1
- metadata +5 -8
- data/CHANGELOG.md +0 -234
- data/README.md +0 -164
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: df8a98734acf75acf749960e211fa8b874bd5396cb1b8c99a44c520e589a35fe
|
4
|
+
data.tar.gz: 84d378b299f1fa0fdf16944d50e865e49e7133b8f17df2267e0cb17397fc0e5d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5b23c3fd944a02c2a8aa2fb696121a6581b26d78cdb48352c1954dc2a05385eec6ce98782c5a2d8f1eb528eb6d96e6e92f9082e7516d824293bf2019635a2f84
|
7
|
+
data.tar.gz: 6178359ee970438eba06bc168d82ec8182e53472f20592a615228f3947c42ad1deb575ab638acac0d587a0e3af79716df2bbe8a277ecfe17a7f9aea985cf4b7f
|
metadata
CHANGED
@@ -1,10 +1,10 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: blogs_captcha
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- ChinaHDJ
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
@@ -39,14 +39,12 @@ dependencies:
|
|
39
39
|
- !ruby/object:Gem::Version
|
40
40
|
version: '1'
|
41
41
|
description:
|
42
|
-
email:
|
42
|
+
email: 1035457356@qq.com
|
43
43
|
executables: []
|
44
44
|
extensions:
|
45
45
|
- ext/blogs_captcha/extconf.rb
|
46
46
|
extra_rdoc_files: []
|
47
47
|
files:
|
48
|
-
- CHANGELOG.md
|
49
|
-
- README.md
|
50
48
|
- app/controllers/blogs_captcha/captcha_controller.rb
|
51
49
|
- config/locales/rucaptcha.en.yml
|
52
50
|
- config/locales/rucaptcha.pt-BR.yml
|
@@ -65,7 +63,7 @@ files:
|
|
65
63
|
- lib/blogs_captcha/errors/configuration.rb
|
66
64
|
- lib/blogs_captcha/version.rb
|
67
65
|
- lib/blogs_captcha/view_helpers.rb
|
68
|
-
homepage:
|
66
|
+
homepage:
|
69
67
|
licenses:
|
70
68
|
- MIT
|
71
69
|
metadata: {}
|
@@ -88,6 +86,5 @@ rubyforge_project:
|
|
88
86
|
rubygems_version: 2.7.8
|
89
87
|
signing_key:
|
90
88
|
specification_version: 4
|
91
|
-
summary:
|
92
|
-
C code so it no dependencies.
|
89
|
+
summary: 这是一个验证码生成器。基于rucaptcha。本人只是将他的源码拉下来。为我的网站进行适配。因为我不使用sesion.id
|
93
90
|
test_files: []
|
data/CHANGELOG.md
DELETED
@@ -1,234 +0,0 @@
|
|
1
|
-
2.4.0
|
2
|
-
-------
|
3
|
-
|
4
|
-
- Add skip_cache_store_check configuration. (#63)
|
5
|
-
- Fix for generate captcha with relative path, not url. (#58)
|
6
|
-
|
7
|
-
2.3.2
|
8
|
-
-------
|
9
|
-
|
10
|
-
- Change Yellow and Green colors to Pink and Deep Purple to pass WCAG 2.0's contrast test. (#70)
|
11
|
-
|
12
|
-
2.3.1
|
13
|
-
-------
|
14
|
-
|
15
|
-
- Fix #67 a y chars will invalid error (only in 2.3.0).
|
16
|
-
|
17
|
-
2.3.0
|
18
|
-
-------
|
19
|
-
|
20
|
-
- Add `config.outline` for use outline style.
|
21
|
-
- Reduce colors down to 5 (red, blue, green, yellow and black).
|
22
|
-
|
23
|
-
2.2.0
|
24
|
-
-----
|
25
|
-
|
26
|
-
- Add option `config.length` for support change number chars. (#57)
|
27
|
-
- Add option `config.strikethrough` for enable or disable strikethrough. (#57)
|
28
|
-
|
29
|
-
2.1.3
|
30
|
-
-----
|
31
|
-
|
32
|
-
- Windows support fixed with `send_data` method. (#45)
|
33
|
-
|
34
|
-
2.1.2
|
35
|
-
-----
|
36
|
-
|
37
|
-
- Do not change captcha when `HEAD /rucaptcha`.
|
38
|
-
|
39
|
-
2.1.1
|
40
|
-
-----
|
41
|
-
|
42
|
-
- Mount engine use `prepend` method to get high priority in config/routes.rb.
|
43
|
-
|
44
|
-
2.1.0
|
45
|
-
-----
|
46
|
-
|
47
|
-
- Mount Router by default, not need config now.
|
48
|
-
|
49
|
-
> IMPORTANT: Wen you upgrade this version, you need remove `mount RuCaptcha::Engine` line from your `config/routes.rb`
|
50
|
-
- Default use [:file_store, 'tmp/cache/rucaptcha/session'] as RuCaptcha.config.cache_store, now it can work without any configurations.
|
51
|
-
|
52
|
-
> NOTE: But you still need care about `config.cache_store` to setup on a right way.
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
2.0.3
|
57
|
-
-----
|
58
|
-
|
59
|
-
- Use `ActiveSupport.on_load` to extend ActionController and ActionView.
|
60
|
-
|
61
|
-
2.0.1
|
62
|
-
-----
|
63
|
-
|
64
|
-
- Fix `/rucaptcha` path issue when `config.action_controller.asset_host` has setup with CDN url.
|
65
|
-
|
66
|
-
2.0.0
|
67
|
-
-----
|
68
|
-
|
69
|
-
*Break Changes!*
|
70
|
-
|
71
|
-
WARNING!: This version have so many break changes!
|
72
|
-
|
73
|
-
- Use C ext instead of ImageMagick, now it's no dependencies!
|
74
|
-
- New captcha style.
|
75
|
-
- Remove `len`, `font_size`, `cache_limit` config key, no support now.
|
76
|
-
- Output `GIF` format.
|
77
|
-
|
78
|
-
1.2.0
|
79
|
-
-----
|
80
|
-
|
81
|
-
- Add an `:keep_session` option for `verify_rucaptcha?` method to giva a way for let you keep session on verify, if true, RuCaptcha will not delete the captcha code session after validation.
|
82
|
-
|
83
|
-
1.1.4
|
84
|
-
-----
|
85
|
-
|
86
|
-
- Fix #35 just give a warning message if not setup a right cache_store, only raise on :null_store.
|
87
|
-
|
88
|
-
1.1.2
|
89
|
-
-----
|
90
|
-
|
91
|
-
- Fix #34 rucaptcha.root_url -> root_path, to avoid generate a http url in a https application.
|
92
|
-
- Fix spec to require Ruby 2.0.0, because there have a `Module#prepend` method called.
|
93
|
-
|
94
|
-
1.1.1
|
95
|
-
-----
|
96
|
-
|
97
|
-
- Remove inspect log on verify_rucaptcha
|
98
|
-
|
99
|
-
1.1.0
|
100
|
-
-----
|
101
|
-
|
102
|
-
- Add `cache_store` config key to setup a cache store location for RuCaptcha.
|
103
|
-
- Store captcha in custom cache store.
|
104
|
-
|
105
|
-
## Security Notes
|
106
|
-
|
107
|
-
- Fix Session replay secure issue that when Rails application use CookieStore.
|
108
|
-
|
109
|
-
1.0.0
|
110
|
-
-----
|
111
|
-
|
112
|
-
- Adjust to avoid lighter colors.
|
113
|
-
- Avoid continuous chars have same color.
|
114
|
-
- Use same color for each chars in :black_white mode.
|
115
|
-
|
116
|
-
0.5.1
|
117
|
-
-----
|
118
|
-
|
119
|
-
- Make sure it will render image when ImageMagick stderr have warning messages. (#26)
|
120
|
-
|
121
|
-
0.5.0
|
122
|
-
-----
|
123
|
-
|
124
|
-
- Fix cache with Rails 5.
|
125
|
-
|
126
|
-
0.4.5
|
127
|
-
-----
|
128
|
-
|
129
|
-
- Removed `posix-spawn` dependency, used open3 instead (core funciontality), JRuby compatible (#24)
|
130
|
-
|
131
|
-
0.4.4
|
132
|
-
-----
|
133
|
-
|
134
|
-
- Remove deprecated `width`, `height` config.
|
135
|
-
- Delete session key after verify (#23).
|
136
|
-
- Lighter text color, improve style.
|
137
|
-
|
138
|
-
0.4.2
|
139
|
-
-----
|
140
|
-
|
141
|
-
- Fix NoMethodError bug when params[:_rucaptha] is nil.
|
142
|
-
|
143
|
-
0.4.1
|
144
|
-
-----
|
145
|
-
|
146
|
-
- Add error message to resource when captcha code expired.
|
147
|
-
|
148
|
-
0.4.0
|
149
|
-
-----
|
150
|
-
|
151
|
-
- Add `config.colorize` option, to allow use black text theme.
|
152
|
-
|
153
|
-
0.3.3
|
154
|
-
-----
|
155
|
-
|
156
|
-
- Add `config.expires_in` to allow change captcha code expire time.
|
157
|
-
|
158
|
-
0.3.2.1
|
159
|
-
-------
|
160
|
-
|
161
|
-
- Add Windows development env support.
|
162
|
-
|
163
|
-
0.3.2
|
164
|
-
-----
|
165
|
-
|
166
|
-
- Make better render positions;
|
167
|
-
- Trim blank space.
|
168
|
-
|
169
|
-
0.3.1
|
170
|
-
-----
|
171
|
-
|
172
|
-
- More complex Image render: compact text, strong lines, +/-5 rotate...
|
173
|
-
- [DEPRECATION] config.width, config.height removed, use config.font_size.
|
174
|
-
- Fix the render position in difference font sizes.
|
175
|
-
- Fix input field type, and disable autocorrect, autocapitalize, and limit maxlength with char length;
|
176
|
-
|
177
|
-
0.2.5
|
178
|
-
-----
|
179
|
-
|
180
|
-
- Add `session[:_rucaptcha]` expire time, for protect Rails CookieSession Replay Attack.
|
181
|
-
- Captcha input field disable autocomplete, and set field type as `email` for shown correct keyboard on mobile view.
|
182
|
-
|
183
|
-
0.2.3
|
184
|
-
-----
|
185
|
-
|
186
|
-
- It will raise error when call ImageMagick failed.
|
187
|
-
|
188
|
-
0.2.2
|
189
|
-
-----
|
190
|
-
|
191
|
-
- Added locale for pt-BR language; @ramirovjr
|
192
|
-
|
193
|
-
0.2.1
|
194
|
-
-----
|
195
|
-
|
196
|
-
- Fix issue when cache dir not exist.
|
197
|
-
|
198
|
-
0.2.0
|
199
|
-
-----
|
200
|
-
|
201
|
-
- Added file cache, can setup how many images you want generate by `config.cache_limit`,
|
202
|
-
RuCaptcha will use cache for next requests.
|
203
|
-
When you restart Rails processes it will generate new again and clean the old caches.
|
204
|
-
|
205
|
-
0.1.4
|
206
|
-
-----
|
207
|
-
|
208
|
-
- Fix `verify_rucaptcha?` logic in somecase.
|
209
|
-
- Locales fixed.
|
210
|
-
|
211
|
-
0.1.3
|
212
|
-
-----
|
213
|
-
|
214
|
-
- `zh-TW` translate file fixed.
|
215
|
-
- Use xxx_url to fix bad captcha URL for `config.action_controller.asset_host` enabled case.
|
216
|
-
|
217
|
-
0.1.2
|
218
|
-
-----
|
219
|
-
|
220
|
-
- No case sensitive;
|
221
|
-
- Export config.implode;
|
222
|
-
- Improve image color and style;
|
223
|
-
- Don't generate chars in 'l,o,0,1'.
|
224
|
-
- Render lower case chars on image.
|
225
|
-
|
226
|
-
0.1.1
|
227
|
-
-----
|
228
|
-
|
229
|
-
- Include default validation I18n messages (en, zh-CN, zh-TW).
|
230
|
-
|
231
|
-
0.1.0
|
232
|
-
-----
|
233
|
-
|
234
|
-
- First release.
|
data/README.md
DELETED
@@ -1,164 +0,0 @@
|
|
1
|
-
# RuCaptcha
|
2
|
-
|
3
|
-
[![Gem Version](https://badge.fury.io/rb/rucaptcha.svg)](https://badge.fury.io/rb/rucaptcha)
|
4
|
-
[![Build Status](https://travis-ci.org/huacnlee/rucaptcha.svg)](https://travis-ci.org/huacnlee/rucaptcha)
|
5
|
-
|
6
|
-
This is a Captcha gem for Rails Applications which generates captcha image by C code.
|
7
|
-
|
8
|
-
[中文介绍和使用说明](https://ruby-china.org/topics/27832)
|
9
|
-
|
10
|
-
## Example
|
11
|
-
|
12
|
-
<img src="https://user-images.githubusercontent.com/5518/49985459-f8492f80-ffa6-11e8-9ef5-8f8f522e4707.png" width="579px" />
|
13
|
-
|
14
|
-
## Feature
|
15
|
-
|
16
|
-
- No dependencies. No ImageMagick. No RMagick;
|
17
|
-
- For Rails Application;
|
18
|
-
- Simple, Easy to use;
|
19
|
-
- High performance.
|
20
|
-
|
21
|
-
## Usage
|
22
|
-
|
23
|
-
Put rucaptcha in your `Gemfile`:
|
24
|
-
|
25
|
-
```
|
26
|
-
gem 'rucaptcha'
|
27
|
-
```
|
28
|
-
|
29
|
-
Create `config/initializers/rucaptcha.rb`
|
30
|
-
|
31
|
-
```rb
|
32
|
-
RuCaptcha.configure do
|
33
|
-
# Color style, default: :colorful, allows: [:colorful, :black_white]
|
34
|
-
# self.style = :colorful
|
35
|
-
# Custom captcha code expire time if you need, default: 2 minutes
|
36
|
-
# self.expires_in = 120
|
37
|
-
# [Requirement / 重要]
|
38
|
-
# Store Captcha code where, this config more like Rails config.cache_store
|
39
|
-
# default: Read config info from `Rails.application.config.cache_store`
|
40
|
-
# But RuCaptcha requirements cache_store not in [:null_store, :memory_store, :file_store]
|
41
|
-
# 默认:会从 Rails 配置的 cache_store 里面读取相同的配置信息,并尝试用可以运行的方式,用于存储验证码字符
|
42
|
-
# 但如果是 [:null_store, :memory_store, :file_store] 之类的,你可以通过下面的配置项单独给 RuCaptcha 配置 cache_store
|
43
|
-
self.cache_store = :mem_cache_store
|
44
|
-
# 如果想要 disable cache_store 的 warning,就设置为 true,default false
|
45
|
-
# self.skip_cache_store_check = true
|
46
|
-
# Chars length, default: 5, allows: [3 - 7]
|
47
|
-
# self.length = 5
|
48
|
-
# enable/disable Strikethrough.
|
49
|
-
# self.strikethrough = true
|
50
|
-
# enable/disable Outline style, for hard mode
|
51
|
-
# self.outline = false
|
52
|
-
end
|
53
|
-
```
|
54
|
-
|
55
|
-
RuCaptcha 没有使用 Rails Session 来存储验证码信息,因为 Rails 的默认 Session 是存储在 Cookie 里面,如果验证码存在里面会存在 [Replay attack](https://en.wikipedia.org/wiki/Replay_attack) 漏洞,导致验证码关卡被攻破。
|
56
|
-
|
57
|
-
所以我在设计上要求 RuCaptcha 得配置一个可以支持分布式的后端存储方案例如:Memcached 或 Redis 以及其他可以支持分布式的 cache_store 方案。
|
58
|
-
|
59
|
-
同时,为了保障易用性,默认会尝试使用 `:file_store` 的方式,将验证码存在应用程序的 `tmp/cache/rucaptcha/session` 目录(但请注意,多机器部署这样是无法正常运作的)。
|
60
|
-
|
61
|
-
所以,我建议大家使用的时候,配置上 `cache_store` (详见 [Rails Guides 缓存配置部分](https://ruby-china.github.io/rails-guides/caching_with_rails.html#%E9%85%8D%E7%BD%AE)的文档)到一个 Memcached 或 Redis,这才是最佳实践。
|
62
|
-
|
63
|
-
#
|
64
|
-
(RuCaptha do not use Rails Session to store captcha information. As the default session is stored in Cookie in Rails, there's a [Replay attack](https://en.wikipedia.org/wiki/Replay_attack) bug which may causes capthcha being destroyed if we store captcha in Rails Session.
|
65
|
-
|
66
|
-
So in my design I require RuCaptcha to configure a distributed backend storage scheme, such as Memcached, Redis or other cache_store schemes which support distribution.
|
67
|
-
|
68
|
-
Meanwhile, for the ease of use, RuCapthca would try to use `:file_store` by default and store the capthca in `tmp/cache/rucaptcha/session` directory (kindly note that it's not working if deploy on multiple machine).
|
69
|
-
|
70
|
-
For recommendation, configure the `cache_store`(more details on [Rails Guides Configuration of Cache Stores](http://guides.rubyonrails.org/caching_with_rails.html#configuration)) to Memcached or Redis, that would be the best practice.)
|
71
|
-
|
72
|
-
#
|
73
|
-
|
74
|
-
Controller `app/controller/account_controller.rb`
|
75
|
-
|
76
|
-
When you called `verify_rucaptcha?`, it uses value from `params[:_rucaptcha]` to validate.
|
77
|
-
|
78
|
-
```rb
|
79
|
-
class AccountController < ApplicationController
|
80
|
-
def create
|
81
|
-
@user = User.new(params[:user])
|
82
|
-
if verify_rucaptcha?(@user) && @user.save
|
83
|
-
redirect_to root_path, notice: 'Sign up successed.'
|
84
|
-
else
|
85
|
-
render 'account/new'
|
86
|
-
end
|
87
|
-
end
|
88
|
-
end
|
89
|
-
|
90
|
-
class ForgotPasswordController < ApplicationController
|
91
|
-
def create
|
92
|
-
# without any args
|
93
|
-
if verify_rucaptcha?
|
94
|
-
to_send_email
|
95
|
-
else
|
96
|
-
redirect_to '/forgot-password', alert: 'Invalid captcha code.'
|
97
|
-
end
|
98
|
-
end
|
99
|
-
end
|
100
|
-
```
|
101
|
-
|
102
|
-
> TIP: Sometimes you may need to keep last verified captcha code in session on `verify_rucaptcha?` method call, you can use `keep_session: true`. For example: `verify_rucaptcha? @user, keep_session: true`.
|
103
|
-
|
104
|
-
View `app/views/account/new.html.erb`
|
105
|
-
|
106
|
-
```erb
|
107
|
-
<form method="POST">
|
108
|
-
...
|
109
|
-
<div class="form-group">
|
110
|
-
<%= rucaptcha_input_tag(class: 'form-control', placeholder: 'Input Captcha') %>
|
111
|
-
<%= rucaptcha_image_tag(alt: 'Captcha') %>
|
112
|
-
</div>
|
113
|
-
...
|
114
|
-
|
115
|
-
<div class="form-group">
|
116
|
-
<button type="submit" class="btn btn-primary">Submit</button>
|
117
|
-
</div>
|
118
|
-
</form>
|
119
|
-
```
|
120
|
-
|
121
|
-
And if you are using [Devise](https://github.com/plataformatec/devise), you can read this reference to add validation: [RuCaptcha with Devise](https://github.com/huacnlee/rucaptcha/wiki/Working-with-Devise).
|
122
|
-
|
123
|
-
### Write your test skip captcha validation
|
124
|
-
|
125
|
-
for RSpec
|
126
|
-
|
127
|
-
```rb
|
128
|
-
describe 'sign up and login', type: :feature do
|
129
|
-
before do
|
130
|
-
allow_any_instance_of(ActionController::Base).to receive(:verify_rucaptcha?).and_return(true)
|
131
|
-
end
|
132
|
-
|
133
|
-
it { ... }
|
134
|
-
end
|
135
|
-
```
|
136
|
-
|
137
|
-
for MiniTest
|
138
|
-
|
139
|
-
```rb
|
140
|
-
class ActionDispatch::IntegrationTest
|
141
|
-
def sign_in(user)
|
142
|
-
ActionController::Base.any_instance.stubs(:verify_rucaptcha?).returns(true)
|
143
|
-
post user_session_path \
|
144
|
-
'user[email]' => user.email,
|
145
|
-
'user[password]' => user.password
|
146
|
-
end
|
147
|
-
end
|
148
|
-
```
|
149
|
-
|
150
|
-
### Invalid message without Devise
|
151
|
-
|
152
|
-
When you are using this gem without Devise, you may find out that the invalid message is missing.
|
153
|
-
For this case, use the trick below to add your i18n invalid message manually.
|
154
|
-
|
155
|
-
```rb
|
156
|
-
if verify_rucaptcha?(@user) && @user.save
|
157
|
-
do_whatever_you_want
|
158
|
-
redirect_to someplace_you_want
|
159
|
-
else
|
160
|
-
# this is the trick
|
161
|
-
@user.errors.add(:base, t('rucaptcha.invalid'))
|
162
|
-
render :new
|
163
|
-
end
|
164
|
-
```
|