rucaptcha 2.1.3 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 51c8a512c9e753bf74549211821f381dcbb97464
4
- data.tar.gz: c074c183fbeee85e221a05fd45398ffef44a573d
3
+ metadata.gz: 0740eff0acb8f6c4fb6b4da226b3abbcab71412c
4
+ data.tar.gz: 75b309cf315d5dd39b4d0f1692639ac86613258c
5
5
  SHA512:
6
- metadata.gz: 8997bfca05ece7d0fb5ec808000bcb6bd0d6a9f423e3a37cc464fe4c5bbeeec9d9b4a80f1bd3fdcd97446ae2b75acdd0b965843c6af6873ea3f11d5a6c0a30f6
7
- data.tar.gz: 93f67bb005cfd26835a27f3d5fc13ed3957dae4c609764bfc766bebe176959f355964fbc699a7fd597bc7aeaf23d9be93c7a25f05284b4aaf13b43a6f6e2aee0
6
+ metadata.gz: 33372cd726889909c636742cc61bc23ccb2e7c4f4e3b0a509fb05ace0867cfff0e486a4f2ea11b20491c173df28d161f63206ed380ba1efca29eb202fb25ab62
7
+ data.tar.gz: 679be16335e6740e7167b65e5b20a9c32c4e9386aceeb2cab57735a77919b1144230c02ffbc17e75c4911c56e0e65294ae9dbd57d4c5eb7cba75eb6736d9a2e9
@@ -1,3 +1,9 @@
1
+ 2.2.0
2
+ -----
3
+
4
+ - Add option `config.length` for support change number chars.
5
+ - Add option `config.strikethrough` for enable or disable strikethrough.
6
+
1
7
  2.1.3
2
8
  -----
3
9
 
data/README.md CHANGED
@@ -4,7 +4,7 @@
4
4
  [![Build Status](https://travis-ci.org/huacnlee/rucaptcha.svg)](https://travis-ci.org/huacnlee/rucaptcha)
5
5
  [![Code Climate](https://codeclimate.com/github/huacnlee/rucaptcha/badges/gpa.svg)](https://codeclimate.com/github/huacnlee/rucaptcha)
6
6
 
7
- This is a Captcha gem for Rails Applications. It drawing captcha image with C code.
7
+ This is a Captcha gem for Rails Applications which generates captcha image by C code.
8
8
 
9
9
  ## Example
10
10
 
@@ -14,7 +14,7 @@ This is a Captcha gem for Rails Applications. It drawing captcha image with C co
14
14
 
15
15
  ## Feature
16
16
 
17
- - No dependencies. No ImageMagick, No RMagick.
17
+ - No dependencies. No ImageMagick. No RMagick;
18
18
  - For Rails Application;
19
19
  - Simple, Easy to use;
20
20
  - High performance.
@@ -42,12 +42,35 @@ RuCaptcha.configure do
42
42
   # 默认:会从 Rails 配置的 cache_store 里面读取相同的配置信息,并尝试用可以运行的方式,用于存储验证码字符
43
43
   # 但如果是 [:null_store, :memory_store, :file_store] 之类的,你可以通过下面的配置项单独给 RuCaptcha 配置 cache_store
44
44
   self.cache_store = :mem_cache_store
45
+ # Chars length, default: 5, allows: [3 - 7]
46
+ # self.length = 5
47
+ # enable/disable Strikethrough.
48
+ # self.strikethrough = true
45
49
  end
46
50
  ```
47
51
 
52
+ RuCaptcha 没有使用 Rails Session 来存储验证码信息,因为 Rails 的默认 Session 是存储在 Cookie 里面,如果验证码存在里面会存在 [Replay attack](https://en.wikipedia.org/wiki/Replay_attack) 漏洞,导致验证码关卡被攻破。
53
+
54
+ 所以我在设计上要求 RuCaptcha 得配置一个可以支持分布式的后端存储方案例如:Memcached 或 Redis 以及其他可以支持分布式的 cache_store 方案。
55
+
56
+ 同时,为了保障易用性,默认会尝试使用 `:file_store` 的方式,将验证码存在应用程序的 `tmp/cache/rucaptcha/session` 目录(但请注意,多机器部署这样是无法正常运作的)。
57
+
58
+ 所以,我建议大家使用的时候,配置上 `cache_store` (详见 [Rails Guides 缓存配置部分](https://ruby-china.github.io/rails-guides/caching_with_rails.html#%E9%85%8D%E7%BD%AE)的文档)到一个 Memcached 或 Redis,这才是最佳实践。
59
+
60
+ #
61
+ (RuCaptha do not use Rails Session to store captcha information. As the default session is stored in Cookie in Rails, there's a [Replay attack](https://en.wikipedia.org/wiki/Replay_attack) bug which may causes capthcha being destroyed if we store captcha in Rails Session.
62
+
63
+ So in my design I require RuCaptcha to configure a distributed backend storage scheme, such as Memcached, Redis or other cache_store schemes which support distribution.
64
+
65
+ Meanwhile, for the ease of use, RuCapthca would try to use `:file_store` by default and store the capthca in `tmp/cache/rucaptcha/session` directory (kindly note that it's not working if deploy on multiple machine).
66
+
67
+ For recommendation, configure the `cache_store`(more details on [Rails Guides Configuration of Cache Stores](http://guides.rubyonrails.org/caching_with_rails.html#configuration)) to Memcached or Redis, that would be the best practice.)
68
+
69
+ #
70
+
48
71
  Controller `app/controller/account_controller.rb`
49
72
 
50
- When you called `verify_rucaptcha?`, it will uses value from `params[:_rucaptcha]` to validation.
73
+ When you called `verify_rucaptcha?`, it uses value from `params[:_rucaptcha]` to validate.
51
74
 
52
75
  ```rb
53
76
  class AccountController < ApplicationController
@@ -73,7 +96,7 @@ class ForgotPasswordController < ApplicationController
73
96
  end
74
97
  ```
75
98
 
76
- > TIP: Sometime you may need keep last verified captcha code in session on `verify_rucaptcha?` method call, you can use `keep_session: true`. For example: `verify_rucaptcha? @user, keep_session: true`.
99
+ > TIP: Sometimes you may need to keep last verified captcha code in session on `verify_rucaptcha?` method call, you can use `keep_session: true`. For example: `verify_rucaptcha? @user, keep_session: true`.
77
100
 
78
101
  View `app/views/account/new.html.erb`
79
102
 
@@ -92,7 +115,7 @@ View `app/views/account/new.html.erb`
92
115
  </form>
93
116
  ```
94
117
 
95
- And if you are use Devise, you can read this to add validation: [RuCaptcha with Devise](https://github.com/huacnlee/rucaptcha/wiki/Working-with-Devise).
118
+ And if you are using [Devise](https://github.com/plataformatec/devise), you can read this reference to add validation: [RuCaptcha with Devise](https://github.com/huacnlee/rucaptcha/wiki/Working-with-Devise).
96
119
 
97
120
  ### Write your test skip captcha validation
98
121
 
@@ -120,3 +143,19 @@ class ActionDispatch::IntegrationTest
120
143
  end
121
144
  end
122
145
  ```
146
+
147
+ ### Invalid message without Devise
148
+
149
+ When you are using this gem without Devise, you may find out that the invalid message is missing.
150
+ For this case, use the trick below to add your i18n invalid message manually.
151
+
152
+ ```rb
153
+ if verify_rucaptcha?(@user) && @user.save
154
+ do_whatever_you_want
155
+ redirect_to someplace_you_want
156
+ else
157
+ # this is the trick
158
+ @user.errors.add(:base, t('rucaptcha.invalid'))
159
+ render :new
160
+ end
161
+ ```
@@ -1,6 +1,6 @@
1
1
  // http://github.com/ITikhonov/captcha
2
2
  const int gifsize;
3
- void captcha(unsigned char im[70*200], unsigned char l[6]);
3
+ void captcha(unsigned char im[70*200], unsigned char l[8], int length, int i_line);
4
4
  void makegif(unsigned char im[70*200], unsigned char gif[gifsize], int style);
5
5
 
6
6
  #include <unistd.h>
@@ -152,18 +152,37 @@ static void filter(unsigned char im[70*200]) {
152
152
 
153
153
  static const char *letters="abcdafahijklmnopqrstuvwxyz";
154
154
 
155
- void captcha(unsigned char im[70*200], unsigned char l[6]) {
155
+ void captcha(unsigned char im[70*200], unsigned char l[8], int length, int i_line) {
156
156
  unsigned char swr[200];
157
157
  uint8_t s1,s2;
158
158
 
159
159
  int f=open("/dev/urandom",O_RDONLY);
160
160
  read(f,l,5); read(f,swr,200); read(f,dr,sizeof(dr)); read(f,&s1,1); read(f,&s2,1);
161
161
  close(f);
162
+ memset(im,0xff,200*70); s1=s1&0x7f; s2=s2&0x3f;
162
163
 
163
- memset(im,0xff,200*70); s1=s1&0x7f; s2=s2&0x3f; l[0]%=25; l[1]%=25; l[2]%=25; l[3]%=25; l[4]%=25; l[5]=0;
164
- int p=30; p=letter(l[0],p,im,swr,s1,s2); p=letter(l[1],p,im,swr,s1,s2); p=letter(l[2],p,im,swr,s1,s2); p=letter(l[3],p,im,swr,s1,s2); letter(l[4],p,im,swr,s1,s2);
165
- line(im,swr,s1); dots(im); // blur(im); // filter(im);
166
- l[0]=letters[l[0]]; l[1]=letters[l[1]]; l[2]=letters[l[2]]; l[3]=letters[l[3]]; l[4]=letters[l[4]];
164
+ int x;
165
+ for(x=0;x<length;x++){
166
+ l[x]%=25;
167
+ }
168
+ for(x=length;x<8;x++){
169
+ l[length]=0;
170
+ }
171
+ //l[0]%=25; l[1]%=25; l[2]%=25; l[3]%=25; l[4]=0; // l[4]%=25; l[5]=0;
172
+ int p=30;
173
+ for(x=0;x<length;x++){
174
+ p=letter(l[x],p,im,swr,s1,s2);
175
+ }
176
+ //p=letter(l[0],p,im,swr,s1,s2); p=letter(l[1],p,im,swr,s1,s2); p=letter(l[2],p,im,swr,s1,s2); p=letter(l[3],p,im,swr,s1,s2); //letter(l[4],p,im,swr,s1,s2);
177
+ if (i_line == 1) {
178
+ line(im,swr,s1);
179
+ }
180
+ dots(im); // blur(im); // filter(im);
181
+
182
+ for(x=0;x<length;x++){
183
+ l[x]=letters[l[x]];
184
+ }
185
+ //l[1]=letters[l[1]]; l[2]=letters[l[2]]; l[3]=letters[l[3]]; //l[4]=letters[l[4]];
167
186
  }
168
187
 
169
188
  // #ifdef CAPTCHA
@@ -188,20 +207,22 @@ VALUE RuCaptcha = Qnil;
188
207
 
189
208
  void Init_rucaptcha();
190
209
 
191
- VALUE create(VALUE self, VALUE style);
210
+ VALUE create(VALUE self, VALUE style, VALUE length, VALUE line);
192
211
 
193
212
  void Init_rucaptcha() {
194
213
  RuCaptcha = rb_define_module("RuCaptcha");
195
- rb_define_singleton_method(RuCaptcha, "create", create, 1);
214
+ rb_define_singleton_method(RuCaptcha, "create", create, 3);
196
215
  }
197
216
 
198
- VALUE create(VALUE self, VALUE style) {
199
- char l[6];
217
+ VALUE create(VALUE self, VALUE style, VALUE length, VALUE line) {
218
+ char l[8];
200
219
  unsigned char im[80*200];
201
220
  unsigned char gif[gifsize];
202
221
  int i_style = FIX2INT(style);
222
+ int i_length = FIX2INT(length);
223
+ int i_line = FIX2INT(line);
203
224
 
204
- captcha(im, l);
225
+ captcha(im, l, i_length, i_line);
205
226
  makegif(im, gif, i_style);
206
227
 
207
228
  VALUE result = rb_ary_new2(2);
@@ -211,4 +232,3 @@ VALUE create(VALUE self, VALUE style) {
211
232
  return result;
212
233
  }
213
234
 
214
-
@@ -8,14 +8,18 @@ require 'rucaptcha/controller_helpers'
8
8
  require 'rucaptcha/view_helpers'
9
9
  require 'rucaptcha/cache'
10
10
  require 'rucaptcha/engine'
11
+ require 'rucaptcha/errors/configuration'
11
12
 
12
13
  module RuCaptcha
13
14
  class << self
14
15
  def config
15
16
  return @config if defined?(@config)
16
17
  @config = Configuration.new
17
- @config.style = :colorful
18
- @config.expires_in = 2.minutes
18
+ @config.style = :colorful
19
+ @config.length = 5
20
+ @config.strikethrough = true
21
+ @config.expires_in = 2.minutes
22
+
19
23
  if Rails.application
20
24
  @config.cache_store = Rails.application.config.cache_store
21
25
  else
@@ -31,7 +35,14 @@ module RuCaptcha
31
35
 
32
36
  def generate()
33
37
  style = config.style == :colorful ? 1 : 0
34
- self.create(style)
38
+ length = config.length
39
+
40
+ unless length.in?(3..7)
41
+ raise Rucaptcha::Errors::Configuration, 'length config error, value must in 3..7'
42
+ end
43
+
44
+ strikethrough = config.strikethrough ? 1 : 0
45
+ self.create(style, length, strikethrough)
35
46
  end
36
47
 
37
48
  def check_cache_store!
@@ -47,7 +58,7 @@ module RuCaptcha
47
58
  But your current set is #{cache_store}, it has changed to :file_store for working.
48
59
  NOTE: :file_store is still not a good way, it only works with single server case.
49
60
 
50
- Please make config file `config/initializes/rucaptcha.rb` to setup `cache_store`.
61
+ Please make config file `config/initializers/rucaptcha.rb` to setup `cache_store`.
51
62
  More infomation please read GitHub RuCaptcha README file.
52
63
  https://github.com/huacnlee/rucaptcha
53
64
 
@@ -7,5 +7,9 @@ module RuCaptcha
7
7
  attr_accessor :expires_in
8
8
  # Color style, default: :colorful, allows: [:colorful, :black_white]
9
9
  attr_accessor :style
10
+ # Chars length: default 5, allows: [3..7]
11
+ attr_accessor :length
12
+ # strikethrough, default: true
13
+ attr_accessor :strikethrough
10
14
  end
11
15
  end
@@ -0,0 +1,5 @@
1
+ module Rucaptcha
2
+ module Errors
3
+ class Configuration < StandardError; end
4
+ end
5
+ end
@@ -1,3 +1,3 @@
1
1
  module RuCaptcha
2
- VERSION = '2.1.3'
2
+ VERSION = '2.2.0'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rucaptcha
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.3
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jason Lee
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-03-22 00:00:00.000000000 Z
11
+ date: 2017-12-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties
@@ -62,6 +62,7 @@ files:
62
62
  - lib/rucaptcha/configuration.rb
63
63
  - lib/rucaptcha/controller_helpers.rb
64
64
  - lib/rucaptcha/engine.rb
65
+ - lib/rucaptcha/errors/configuration.rb
65
66
  - lib/rucaptcha/version.rb
66
67
  - lib/rucaptcha/view_helpers.rb
67
68
  homepage: https://github.com/huacnlee/rucaptcha
@@ -84,7 +85,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
84
85
  version: '0'
85
86
  requirements: []
86
87
  rubyforge_project:
87
- rubygems_version: 2.6.11
88
+ rubygems_version: 2.6.13
88
89
  signing_key:
89
90
  specification_version: 4
90
91
  summary: This is a Captcha gem for Rails Applications. It drawing captcha image with