Of Stack

Laravel5.2 uses Captcha to generate verification code to realize login (session giant pit)

  • 2021-08-31 07:22:32
  • OfStack

Recently, a friend asked me to help me get the verification code of laravel, so I studied it a little. (I almost forgot how to use laravel)

First of all, I don't need to go into details about installing laravel. My version is 5.2. 45 (note: middleware can be loaded automatically for laravel versions above 5.2. 6), which is quite important.

After installation, you need to use composer to load your Captcha by adding the line "gregwar/captcha": "1.*" to the require array in your composer. json. Then, run the line composer update using cmd in your project root directory. In this way, if you come, you will install this library or middleware. After that, you can write your code impudently.

php: (I won't go into details about the specific route, only write the key code) 


public function captcha($tmp)
{  // That generates the verification code picture Builder Object, configure the corresponding properties 
  $builder = new CaptchaBuilder;
  // You can set the width, height and font of the picture 
  $builder->build($width = 100, $height = 40, $font = null);
  // Get the content of the verification code 
  $phrase = $builder->getPhrase();
  // Save the contents in session
  Session::flash('milkcaptcha', $phrase);
  // Generate a picture 
  header("Cache-Control: no-cache, must-revalidate");
  header('Content-Type: image/jpeg');
  $builder->output();
}

Invoke of blade template: 


<img src="{{url('/captcha/1')}}" alt="" onclick="this.src='{{url('/captcha')}}/'+Math.random()" width="100" height="40" border="0">

If you think this is the end, you are really too yang too simple. When you verify it, you will find that everything is wrong.

Isn't it sour? Because in laravel 5.2, all session can't cross controllers and methods, if so, session will be regenerated, and the default session needs to pass through middleware. Don't worry, the next way is the solution. At present, I know there are two solutions, its 1 is to build a middleware, and then all the session stored in it, but a little trouble, then I introduce a simple method, in your laravel\ app\ Http\ Kernel.php file $middleware add the following code: 


\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Cookie\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,

After that, you can use session with confidence. This is the way to verify the verification code under, 


public function login_data()
{
  $userInput = \Request::get('captcha');
  if (Session::get('milkcaptcha') == $userInput) {
    // The user enters the verification code correctly and verifies your own password user name 
    echo 1;
  } else {
    // The user entered the verification code incorrectly 
    echo 2;
  }
}

Finally, I had to spit out the official document of laravel, and I didn't explain this kind of pit in advance. It is estimated that I am worried that the developer's development is too satisfactory.

Summarize

Related articles: