This page will show you how to deploy GeeTest CAPTCHA V4 with the mainstream back-end coding languages.
When the user passes the challenge on the front end, a batch of parameters related to the CAPTCHA will be generated. The user’s request will bring these parameters to the back end, and the back-end API will upload these parameters to the secondary verification API to confirm whether the verification is valid.
Generally, it only needs to deal with the return value when the verification succeeds and the verification fails. Also, the abnormal return value only occurs when the client does not request the correct method.
1 Example of successful verification return
{ "status": "success", //request status "result": "success", //the result of secondary verification "reason": "", // the explaination of result "captcha_args": { // verify the output parameters "used_type": "slide", "user_ip": "127.0.0.1", "lot_number": "4dc3cfc2cdff448cad8d13107198d473", "scene": "反爬虫 anti crawler", "referer": "http://127.0.0.1:8077/" // ... } }
2 Example of validation failure return
{ "status": "success", //request status "result": "fail", //the result of secondary verification "reason": "pass_token expire", // the explaination of result "captcha_args": { // verify the output parameters ... } }
# 2. Get the verification parameters passed from the front end after user verification lot_number = self.get_argument('lot_number', '') captcha_output = self.get_argument('captcha_output', '') pass_token = self.get_argument('pass_token', '') gen_time = self.get_argument('gen_time', '')
# 3. Generate signature # Using standard hmac algorithms to generate signatures, using the user's current verification serial number lot_number as the original message, and the client's verification private key as the key # Using sha256 hash algorithm to hash message and key in one direction to generate the final signature lotnumber_bytes = lot_number.encode() prikey_bytes = captcha_key.encode() sign_token = hmac.new(prikey_bytes, lotnumber_bytes, digestmod='SHA256').hexdigest()
# 4. Upload verification parameters to the second verification interface of GeeTest to verify the user verification status query = { "lot_number": lot_number, "captcha_output": captcha_output, "pass_token": pass_token, "gen_time": gen_time, "sign_token": sign_token, }
# captcha_idParameter is recommended to be placed after url, so that when an exception is requested, it can be quickly located in the log according to the id url = api_server + '/validate' + '?captcha_id={}'.format(captcha_id)
# Pay attention to handling interface exceptions, and make corresponding exception handling when requesting GeeTest secondary verification interface exceptions or response status is not 200 # Guarantee that the business process will not be blocked by interface request timeout or service non-response try: res = requests.post(url, query) assert res.status_code == 200 gt_msg = json.loads(res.text) except Exception as e: gt_msg = {'result': 'success', 'reason': 'request geetest api fail'}
# 5. According to the user authentication status returned by GeeTest, the website owner conducts his own business logic if gt_msg['result'] == 'success': self.write({'login': 'success', 'reason': gt_msg['reason']}) else: self.write({'login': 'fail', 'reason': gt_msg['reason']})
简体中文
