I am using the svg-captcha library (npm link), but I can't find a way to validate the captcha text that the user sends back to the server.
So far I can generate a captcha and return it to the client. Here is my code:
// GET /captcha: generate a fresh SVG captcha and answer with the image only.
app.get('/captcha', (req, res) => {
  const { text, data } = svgCaptcha.create();
  // The expected text stays server-side in this client's session; only the
  // SVG markup is sent, so a later request from the same session can be
  // checked against req.session.captcha.
  req.session.captcha = text;
  res.type('svg').status(200).send(data);
});
I use node.js
Thanks very much
This is my code for generating captcha in backend nodejs
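/**
 * Issue a new SVG captcha for the calling client.
 *
 * The expected text is kept in that client's own session (req.session), not in
 * a shared module-level object, so concurrent visitors cannot overwrite each
 * other's challenge. This requires session middleware that populates
 * req.session (for example express-session) to be mounted before this route.
 *
 * Responds 200 with { captcha: <svg markup> }, or 500 if generation fails.
 */
exports.getCaptcha = (req, res) => {
  try {
    const captcha = svgCaptcha.create();
    req.session.captcha = captcha.text;
    return res.status(200).json({ captcha: captcha.data });
  } catch (error) {
    console.error('Error generating captcha:', error);
    return res.status(500).json({ error: 'Failed to generate captcha' });
  }
};

/**
 * Sign a user in after checking the captcha stored in their session.
 *
 * Reads `username`, `password` and `captcha` from req.body.
 *
 * Responses:
 *   422 - captcha missing or wrong, or credentials missing / not matching
 *   400 - no active user (status 1) with that username
 *   200 - { token, result: { id, name, username, email, mobile_no, role } }
 *   500 - unexpected failure (details are logged, not returned)
 */
exports.signin = async (req, res) => {
  try {
    const { username, password } = req.body;
    const captchaInput = req.body.captcha;

    // A captcha is single-use: take the expected answer out of the session
    // before comparing, so neither a failed nor a successful attempt leaves it
    // behind for further tries. The client has to fetch a new one each time.
    const expectedCaptcha = req.session.captcha;
    delete req.session.captcha;

    // Require a stored, non-empty answer. Without this, a request that omits
    // the captcha field would compare undefined with undefined and pass for a
    // session that never requested a captcha.
    if (
      typeof expectedCaptcha !== 'string' ||
      expectedCaptcha.length === 0 ||
      captchaInput !== expectedCaptcha
    ) {
      return res.status(422).json({
        error: 'Captcha validation failed',
      });
    }

    // Only plain strings may reach the query and bcrypt: a JSON body can carry
    // objects or numbers in these fields.
    if (typeof username !== 'string' || typeof password !== 'string') {
      return res.status(422).json({
        error: 'Username and password do not match',
      });
    }

    const user = await User.findOne({ where: { username, status: 1 } });
    if (!user) {
      // NOTE(review): this message and status differ from the wrong-password
      // case below, which tells a caller whether a username exists. Left as is
      // because clients may depend on it; consider one shared response.
      return res.status(400).json({
        error: 'Username does not exist',
      });
    }

    const passwordMatch = await bcrypt.compare(password, user.encry_password);
    if (!passwordMatch) {
      return res.status(422).json({
        error: 'Username and password do not match',
      });
    }

    // NOTE(review): the token is signed without an expiry option, so it stays
    // valid for as long as SECRET_KEY is unchanged; consider `expiresIn`.
    const token = jwt.sign({ id: user.id }, process.env.SECRET_KEY);

    // NOTE(review): Date.now() + 999 makes the cookie expire 999 ms from now,
    // and no httpOnly / secure / sameSite options are set. Both look
    // unintended; confirm the lifetime and flags you want.
    res.cookie('token', token, { expires: new Date(Date.now() + 999) });

    const { id, name, email, mobile_no, role } = user;
    return res.status(200).json({
      token,
      // username is taken from the stored user record, not from the request.
      result: { id, name, username: user.username, email, mobile_no, role },
    });
  } catch (err) {
    // Keep exception details in the server log; returning them to the client
    // can expose internals such as query or library error text.
    console.error('Error during signin:', err);
    return res.status(500).json({
      error: 'something went wrong',
    });
  }
};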
Maybe I'm late here, but you can create a unique ID for each captcha, save that ID together with the captcha text on your server, and send the ID along with the captcha data in the response. Users then include both the captcha text they solved and the captcha ID in their requests, and you compare the submitted text with the stored one. Delete the stored entry after the first comparison, whether it matches or not, and give it a short expiry, so that a solved captcha cannot be reused. Here is what users receive when they get the captcha:
{
"key": "some kind of uid",
"content": "<svg your captcha data></svg>"
}
And here is what they send back:
{
"ckey": "the captcha uid they received",
"cvalue": "value of the captcha they solve",
"some_params": "some values"
}