- Create a VAPTCHA unit and obtain
https://v-cn.vaptcha.com/v3.jsto your page.
- Initialize VAPTCHA SDK to the your page.Web。
- After completing the VAPTCHA test, the user gets the
token, and submits it to your server together with the form data.
- After the server gets the
token, verify the validity of the
tokenthrough our verification interface.Confirm validation.
Configuration and interface documentation required for web client to deploy vaptcha.
Compatibility with IE8 + (IE8 and above), chrome, Firefox, Safari, opera, mainstream mobile browsers, embedded WebView on IOS and Android.
Preparation： Create the VAPTCHA unit and obtain the VID.
Please select the nearest resource or download v3.js to the local for use
Load animation Preview:
Important： please execute the initialization function when the page is loaded and trigger the
validate()method through the button. Do not execute the initialization function in the click event of the button, otherwise it will lead to failure of normal verification on the mobile terminal.
- Common parameters
|vid||string||VAPTCHA unit |
|mode||string||Optional values |
|scene||int||Scenario of initiating verification request, Default value:0|
|https||Bool||Protocol type, check if it is https|
|area||string||VAPTCHA node area. The default value is auto. The optional values are auto,sea,Na,CN|
|Click mode||style||Optional||Button style,|
|Click mode||color||Optional||Button color|
|Embedded mode||guide||Optional||Bool||Whether to display the operation prompt text at the bottom of the picture, default display|
For Click Mode only. Perform the initialization operation and insert the button or picture into the container in the configuration parameters. The sample code is as follows：
For monitoring verification events. The supported events are as follows:
passevent, triggered when verification is passed
closeevent, triggered when the verification pop-up window is closed
For Invisible mode only. The developer decides when to call this method for verification, such as calling this method when the form is submitted.
Usage: After the initialization of the
VAPTCHA instance, the user clicks the login button to execute the
validate() method to perform the verification. When the verification succeeds, the verification pass event is triggered.
tokenis validate for 3 minutes, and then interface returns to empty. It is recommended that users tell whether the VAPTCHA verification has passed or not based on whether the
For all modes, and it is recommended to use this interface to obtain verification results. To obtain the verification result, return
token. Since the token can only be used once, the
token will be empty after calling the
getServerToken interface to obtain the
If you initiate a request by submitting the form directly, it is recommended to use this function to add server, token values to the form
This function is used to add two
input tags named
vaptcha_token to the form, as follows
The function receives a parameter as the container for storing the
inputtag.The default value is the
containecontainer in the parameter configuration, it is required when using the invisible mode. The
inputwill be added to the configured container, and the parameter type is
For all modes. VAPTCHA reset operation, for example, it can be called when login fails.
notice: Please download the ios.html and v3.js from the folder /www in DEMO and replace with your resource address.
- n the .h file of your iOS App project, import the framework's dependent libraries and if compatibility issues occur when using third-party components, please use the native
webviewto you (where human-machine verification is required) and set the
webviewto be invisible.
- Add the js
userContentControllerproperty of the
- When needed, display the
webviewand load the business page and configure the parameters
langaccording to the format
- Obtain verification data through
WKScriptMessageHandlerprotocol callback method:
- The return of
bodyattribute of the above
messageis a string. The string shows information such as whether the verification is passed. It is necessary to implement the follow-up operations of user verification pass, fail or cancel here. The specific fields are:
notice: Please download the android.html and v3.js from the folder /www in DEMO and replace with your resource address.
- set the permissions for network connection permissions In the configuration file:
webviewto the layout file (where VAPTCHA is required), set the
android:visibility="invisible"）, and set it to
visiblewhen in use.
- First call
webview, and then call the following methods where VAPTCHA is required
webviewload the business logic page and configure the parameters
langaccording to the format.
webviewto transparent and turn off hardware acceleration
The method with the fixed name（
signal）needs to be implemented in the interface. The string parameters here return the information such as whether the verification passes and the user clicks close. The subsequent operations of user verification pass, fail or cancel need to be implemented here. The specific fields are
Back end deployment
Description of the interface and returned results verified by the serve. 服务端 SDK 地址：https://github.com/vaptcha
Request url: The
server obtained after successful front-end verification, such as HTTPS: / / *. Vaptcha.net/verify.
Note: please add *. Vaptcha.com and *. Vaptcha.net to server whitelists
|scene||Scenario ID of VAPTCHA unit,e.g: 0|
|ip||Get the user's |
|userid||Only the EV is available. The user's |
When the verification score is low or there are some points deducted, the webmaster can customize the processing strategy, such as allowing the user to verify the mobile phone, email, etc.
Score deduction description
|0||Verification frequency too high|
|1||Device change frequency is too high|
|2||Frequent remote login|
|3||Cookie is empty|
|4||Submit via proxy device and code printing|
Note: Multiple deduction items are separated by
,. Such as：
Register and verify the user's common devices through VAPTCHA ， and register up to 5 devices for each user, which is supported by PC / mobile terminal. It can be used for password free login, security supplementary verification or other scenarios customized by the webmaster.
Note: the VA[TCHA token used in verification can only be used after Confirm Verification
Query whether the user device has been registered through the user ID and token, and return the login times and the latest login time.
/device to the
serverparameter obtained after the front-end verification is successful. For example, the front-end server is
https://*.vaptcha.net/verify, and the final URL is
|token||string||Y||VAPTCHA 验证 Token|
Add up to 5 associated devices for the current user. Whether to register devices can be determined by the station master or let vaptcha automatically judge. It is recommended to register only devices with valid identity verification, such as SMS / email verification.
/deviceto the front-end server parameter.
|id||string||Y||User ID when registering the device|
|regedit||int||N||1 registers the current device, and 0 automatically determines whether to register by VAPTCHA|
Delete the most recently logged in device of the current user
|id||string||Y||User ID when registering the device|