With the development of Internet technology, graphical verification codes (CAPTCHA) are widely used in website login, registration, password retrieval and other places where user identity needs to be verified. It graphically displays some questions and answers, numbers, letters, etc. for users to judge, thereby preventing robots from registering and violently cracking passwords. This article will introduce how to implement image verification code using Node.js.
- Installation dependencies
There are many third-party modules in Node.js that can be used to generate graphical verification codes. This article will use the svg-captcha module , which can generate verification code images in SVG format. Execute the following command in the terminal to install it:
npm install svg-captcha
- Create a basic project structure
Create a app.js file in the working directory and public folder, public folder is used to store verification code images. The following is the directory structure:
- app.js
- public
- captcha.svgIn the app.js file, introduce the svg-captcha module and create an Express instance:
const express = require('express')
const svgCaptcha = require('svg-captcha')
const app = express()
// 其他代码- Create route
In order to implement the image verification code, you need to create a route to generate the verification code image. Create a route /captcha in the app.js file:
app.get('/captcha', (req, res) => {
const captcha = svgCaptcha.create()
res.type('svg')
res.status(200)
res.send(captcha.data)
})In this route, call the svgCaptcha.create() function Generate a random verification code string and corresponding SVG image, and then send it to the client.
- Add logic
In order for the generated verification code to match the verification code returned by the client, the generated verification code string needs to be saved in the session and Validation occurs when the client submits the form. Add the following logic in the route:
app.get('/captcha', (req, res) => {
const captcha = svgCaptcha.create()
req.session.captcha = captcha.text
res.type('svg')
res.status(200)
res.send(captcha.data)
})
app.post('/login', (req, res) => {
const { username, password, captcha } = req.body
const expectedCaptcha = req.session.captcha
if (expectedCaptcha === captcha) {
// 验证码正确,进行登录操作
} else {
// 验证码错误,返回错误提示
}
}) Save the generated verification code string in the session in the /captcha route, and then compare the verification code string with the one when the user submits the form The verification codes entered by the user are compared. If they are the same, it is judged that the verification is successful and subsequent operations are performed.
- Start the server
After completing the above steps, execute the following command to start the server:
node app.js
Then access http in the browser: //localhost:3000/captcha, you should be able to see the generated verification code image. Enter the verification code in the login form and submit the form for subsequent operations.
Summary
It is not difficult to implement image verification code using Node.js. It only requires a third-party module to complete. However, in order to improve the security of the verification code, you need to pay attention to the following points:
- The generated verification code string should be complex enough and try to contain uppercase and lowercase letters, numbers, and special characters.
- The validity period of the verification code should be limited, usually about 5 minutes, to prevent the attacker from saving the verification code and trying continuously during the validity period.
- Verification codes should be randomly generated to avoid prediction and copying.
- Session should be used to save the verification code string, and the verification code should not be stored directly in the client or server cache.
The above is the detailed content of Nodejs implements image verification code. For more information, please follow other related articles on the PHP Chinese website!
CSS IDs vs Classes: which is better for accessibility?May 10, 2025 am 12:02 AMClassesarebetterforaccessibilityinwebdevelopment.1)Classescanbeappliedtomultipleelements,ensuringconsistentstylesandbehaviors,whichaidsuserswithdisabilities.2)TheyfacilitatetheuseofARIAattributesacrossgroupsofelements,enhancinguserexperience.3)Classe
CSS: Understanding the Difference Between Class and ID SelectorsMay 09, 2025 pm 06:13 PMClassselectorsarereusableformultipleelements,whileIDselectorsareuniqueandusedonceperpage.1)Classes,denotedbyaperiod(.),areidealforstylingmultipleelementslikebuttons.2)IDs,denotedbyahash(#),areperfectforuniqueelementslikeanavigationmenu.3)IDshavehighe
CSS Styling: Choosing Between Class and ID SelectorsMay 09, 2025 pm 06:09 PMIn CSS style, the class selector or ID selector should be selected according to the project requirements: 1) The class selector is suitable for reuse and is suitable for the same style of multiple elements; 2) The ID selector is suitable for unique elements and has higher priority, but should be used with caution to avoid maintenance difficulties.
HTML5: LimitationsMay 09, 2025 pm 05:57 PMHTML5hasseverallimitationsincludinglackofsupportforadvancedgraphics,basicformvalidation,cross-browsercompatibilityissues,performanceimpacts,andsecurityconcerns.1)Forcomplexgraphics,HTML5'scanvasisinsufficient,requiringlibrarieslikeWebGLorThree.js.2)I
CSS: Is one style more priority than another?May 09, 2025 pm 05:33 PMYes,onestylecanhavemoreprioritythananotherinCSSduetospecificityandthecascade.1)Specificityactsasascoringsystemwheremorespecificselectorshavehigherpriority.2)Thecascadedeterminesstyleapplicationorder,withlaterrulesoverridingearlieronesofequalspecifici
What are the significant goals of the HTML5 specification?May 09, 2025 pm 05:25 PMThesignificantgoalsofHTML5aretoenhancemultimediasupport,ensurehumanreadability,maintainconsistencyacrossdevices,andensurebackwardcompatibility.1)HTML5improvesmultimediawithnativeelementslikeand.2)ItusessemanticelementsforbetterreadabilityandSEO.3)Its
What are the limitations of React?May 02, 2025 am 12:26 AMReact'slimitationsinclude:1)asteeplearningcurveduetoitsvastecosystem,2)SEOchallengeswithclient-siderendering,3)potentialperformanceissuesinlargeapplications,4)complexstatemanagementasappsgrow,and5)theneedtokeepupwithitsrapidevolution.Thesefactorsshou
React's Learning Curve: Challenges for New DevelopersMay 02, 2025 am 12:24 AMReactischallengingforbeginnersduetoitssteeplearningcurveandparadigmshifttocomponent-basedarchitecture.1)Startwithofficialdocumentationforasolidfoundation.2)UnderstandJSXandhowtoembedJavaScriptwithinit.3)Learntousefunctionalcomponentswithhooksforstate
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
SublimeText3 Linux new version
SublimeText3 Linux latest version
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
