This is a Captcha gem for Rails Applications. It runs an ImageMagick command to draw Captcha image - so it has NO performance issues or memory leak issues. There is NO: RMagick
Idea by: https://ruby-china.org/topics/20558#reply4
- Only need
ImageMagick
, NoRMagick
, Nomini_magick
; - For Rails Application;
- Simple, Easy to use;
- File Caching for performance.
- ImageMagick 6.9+
sudo apt-get install imagemagick ghostscript
brew install imagemagick ghostscript
Security Notice!
You need change your application Session store from CookieStore
(Rails default) to backend store location
for avoid Session Replay Attacks security issue.
config/initializers/session_store.rb
Rails.application.config.session_store :redis_session_store, { ... }
Put rucaptcha in your Gemfile
:
gem 'rucaptcha'
Create config/initializers/rucaptcha.rb
RuCaptcha.configure do
# Number of chars, default: 4
self.len = 4
# Image font size, default: 45
self.font_size = 45
# Cache generated images in file store, this is config files limit, default: 100
# set 0 to disable file cache.
self.cache_limit = 100
# Custom captcha code expire time if you need, default: 2 minutes
# self.expires_in = 120
# Color style, default: :colorful, allows: [:colorful, :black_white]
# self.style = :colorful
end
Edit config/routes.rb
, add the following code:
Rails.application.routes.draw do
...
mount RuCaptcha::Engine => "/rucaptcha"
...
end
Controller app/controller/account_controller.rb
class AccountController < ApplicationController
def create
@user = User.new(params[:user])
if verify_rucaptcha?(@user) && @user.save
redirect_to root_path, notice: 'Sign up successed.'
else
render 'account/new'
end
end
end
View app/views/account/new.html.erb
<form>
...
<div class="form-group">
<%= rucaptcha_input_tag(class: 'form-control', placeholder: 'Input Captcha') %>
<%= rucaptcha_image_tag(alt: 'Captcha') %>
</div>
...
</form>
And if you are use Devise, you can read this to add validation: RuCaptcha with Devise.
for RSpec
describe 'sign up and login', type: :feature do
before do
allow_any_instance_of(ActionController::Base).to receive(:verify_rucaptcha?).and_return(true)
end
it { ... }
end
for MiniTest
class ActionDispatch::IntegrationTest
def sign_in(user)
ActionController::Base.any_instance.stubs(:verify_rucaptcha?).returns(true)
post user_session_path \
'user[email]' => user.email,
'user[password]' => user.password
end
end