mrtolouei/laravel-math-captcha
Composer 安装命令:
composer require mrtolouei/laravel-math-captcha
包简介
Single-use CAPTCHA for Laravel with anti-replay protection
README 文档
README
A stateless, lightweight math-based CAPTCHA package for Laravel that generates a simple arithmetic challenge as an image and verifies it via signed payloads.
No database, cache, or filesystem is required.
Table of contents
- Features
- Requirements
- Installation
- Configuration
- Usage
- Example Controller
- Testing
- Advanced Usage
- Security Notes
- Contributions
- License
Features
- Stateless: no DB, cache, or filesystem dependency.
- Uses Laravel APP_KEY for secure HMAC signing.
- Configurable math range and image appearance.
- Simple one-time-use CAPTCHA (answer embedded in signed hash).
- Ready for Laravel 10+.
- Fully testable with PHPUnit.
Requirements
- PHP ≥ 8.1
- Laravel ≥ 10
- GD extension enabled (
php-gd) - Composer
Installation
Install via Composer:
composer require mrtolouei/laravel-math-captcha
Publish configuration file:
php artisan vendor:publish --provider="Mrtolouei\MatchCaptcha\CaptchaServiceProvider" --tag="config"
This will create:
config/captcha.php
Configuration
config/captcha.php contains two main sections:
Image
'image' => [ 'width' => 160, // Width in pixels 'height' => 60, // Height in pixels 'font' => 5, // GD built-in font (1-5) 'bg' => [245,247,250], // Background color RGB 'fg' => [30,30,30], // Foreground/text color RGB ],
Math Expression
'math' => [ 'min' => env('CAPTCHA_MATH_MIN', 1), // Minimum number 'max' => env('CAPTCHA_MATH_MAX', 9), // Maximum number ],
- Increasing the
min/maxrange makes CAPTCHA harder. - You can also use
.envfor environment-specific values.
Usage
Generating a CAPTCHA
use Mrtolouei\MatchCaptcha\CaptchaManager; $manager = new CaptchaManager(); $result = $manager->generate(); /* $result is an instance of CaptchaGenerateResult: $result->image // Base64-encoded PNG $result->hash // Signed payload with the answer */
Display in Blade
<img src="{{ $captcha->image }}" alt="CAPTCHA"> <input type="text" name="captcha_answer"> <input type="hidden" name="captcha_hash" value="{{ $captcha->hash }}">
Verifying CAPTCHA
$valid = $manager->verify($request->input('captcha_answer'), $request->input('captcha_hash')); if ($valid) { // CAPTCHA passed } else { // CAPTCHA failed }
⚠ Note: This CAPTCHA is stateless, so there is no anti-replay mechanism. Each CAPTCHA is single-use in logic only; after verification, the hash can be reused unless you implement additional storage/cache.
Example Controller
namespace App\Http\Controllers; use Illuminate\Http\Request; use Mrtolouei\MatchCaptcha\CaptchaManager; class ContactController extends Controller { protected CaptchaManager $captcha; public function __construct(CaptchaManager $captcha) { $this->captcha = $captcha; } public function showForm() { $captcha = $this->captcha->generate(); return view('contact.form', compact('captcha')); } public function submit(Request $request) { $request->validate([ 'captcha_answer' => 'required', 'captcha_hash' => 'required', ]); if (! $this->captcha->verify($request->captcha_answer, $request->captcha_hash)) { return back()->withErrors(['captcha_answer' => 'CAPTCHA verification failed.']); } // Process the form... } }
Testing
This package uses PHPUnit 10 and Orchestra Testbench for Laravel integration.
Run tests:
composer install
vendor/bin/phpunit
Unit Tests Covered
- CAPTCHA generation returns valid image and hash.
- Correct answers pass verification.
- Wrong answers fail verification.
- Tampered hashes fail verification.
- Math expression respects configured
min/max.
Advanced Usage
- Customize image width, height, font, and colors via config.
- Adjust math difficulty by setting
.envvariables:
CAPTCHA_MATH_MIN=1
CAPTCHA_MATH_MAX=20
- Extend
CaptchaManagerto implement custom operators (e.g., multiplication).
Security Notes
- The security of this CAPTCHA relies on Laravel
APP_KEYsecrecy. - It is stateless: you may want to implement replay prevention using cache or DB if required.
- Increasing math range improves bot-resistance but may reduce readability.
Contributions
PRs, issues, stars are welcome!
- For bugs: open a GitHub issue.
- For features: fork and submit a PR.
- Follow PSR-12 coding style.
License
This package is open-sourced software licensed under the MIT license.
mrtolouei/laravel-math-captcha 适用场景与选型建议
mrtolouei/laravel-math-captcha 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 1, 最近一次更新时间为 2026 年 01 月 24 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「captcha」 「laravel」 「one-time」 「stateless」 「anti-replay」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 mrtolouei/laravel-math-captcha 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 mrtolouei/laravel-math-captcha 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 mrtolouei/laravel-math-captcha 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Diese Contao 4 Erweiterung stellt Google reCAPTCHA V2 in Form eines neuen Formularfeldes im Formulargenerator bereit. This extension provides Google reCAPTCHA V2 in the form of a new form field in the form generator of Contao Open Source CMS.
Provide a way to secure accesses to all routes of an symfony application.
Two Captcha
It's a barebone security class written on PHP
Laravel 5 Securimage helper
Contao CMS integrity check for some files
统计信息
- 总下载量: 0
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 31
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-01-24