justcaptcha/README.md

3.2 KiB

justcaptcha

A simple CAPTCHA service implementation.

Service usage

justcaptchad -expiry 10m -listen /var/run/justcaptcha/sock

-expiry takes time for CAPTCHA to be valid for in format X{s,m,h}.

-listen is ip:port or /path/to/unix.sock to listen on.

Service HTTP API

Errors

All error codes are returned with an error message in text/plain.

Create a new CAPTCHA

POST /

It will return an ID of a new CAPTCHA in text/plain.

HTTP codes

  • 201 if created (always being created)

Get an image for a CAPTCHA

GET /:captcha_id/image?style=

Responds with an image in JPEG format (image/jpeg).

An optional URL parameter style= set a name of a CAPTCHA style if it is supported by CAPTCHA implementation. E.g. style=dark.

HTTP codes

  • 200 if exists
  • 404 if doesn't exist
  • 500 if for some reason an image wasn't created

Submit an answer

POST /:captcha_id

Accepts application/x-www-form-urlencoded content type.

It takes one parameter answer=123456.

Responds with an empty body and one of the HTTP codes.

HTTP codes

  • 202 if solved
  • 403 if not solved

Check if captcha is solved

GET /:captcha_id?remove

Responds with an empty body and one of the HTTP codes.

If an optional remove parameter without a value supplied CAPTCHA will be removed without checking and a HTTP code 204 will be sent. Otherwise, a 403 HTTP code will be sent if it is not solved.

A remove parameter was added because browsers will print an error in a console if HTTP code is not within 2xx, so to keep a console clean you can provide this parameter.

This can be useful to remove an unused CAPTCHA from a DB without waiting for it to be expired. E.g. when a visitor requests for a new CAPTCHA or leaving a page.

HTTP codes

  • 204 if solved
  • 403 if not solved

Example of interaction

First a client makes a POST request with empty body to create a new CAPTCHA and obtains an ID for it.

POST /

As a result we get an ID n60f2K9JiD5c4qX9MYe90A54nT0nnJrtgfhAjfaWtBg.

Then a client requests an image for a new CAPTCHA. E.g. with a dark style.

GET /n60f2K9JiD5c4qX9MYe90A54nT0nnJrtgfhAjfaWtBg/image?style=dark

Then a client submits an answer for a CAPTCHA.

POST 'answer=198807' /n60f2K9JiD5c4qX9MYe90A54nT0nnJrtgfhAjfaWtBg

And if answer was correct a client gets a HTTP code 202. Or 403 otherwise.

Then a server checks if CAPTCHA was solved with following request.

GET /n60f2K9JiD5c4qX9MYe90A54nT0nnJrtgfhAjfaWtBg

Library usage

A simple example using built-in dwelling CAPTCHA implementation.

Create a new CAPTCHA:

c := dwcaptcha.NewDwellingCaptcha(expiry)
_, id := inmemdb.New(someAdditionalDataUsedInIDGenerationUsuallyIPAddr, c)

Get an image for a CAPTCHA:

i := inmemdb.Image(captchaID, captchaStyle)
if i == nil {
    ... // do something if there was no image returned
}

jpeg.Encode(w, *i, &jpeg.Options{Quality: 20})

Solve a CAPTCHA:

if ok := inmemdb.Solve(captchaID, answer); !ok {
    ... // not solved
}
// solved
...

Check is CAPTCHA was solved:

if ok := inmemdb.IsSolved(captchaID); !ok {
    ... // not solved
}
// solved
...