npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

als-captcha

v2.1.0

Published

Advanced CAPTCHA library

Downloads

36

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

alexsorkinalexsorkin

Keywords

captchasecurityimage-captchaaudio-captchabot-detectionnodejsanti-botmath-captchaweb-security

Readme

als-captcha

als-captcha is a Node.js library for generating and validating a simple yet effective captcha. It employs a combination of image recognition with noise and tilt, basic math problem solving, and several other strategies to differentiate between human users and bots.

Installation

To install als-captcha, use npm:

npm i als-captcha

Basic Usage

const Captcha = require('als-captcha');
const captcha = new Captcha() // dafult params and eng language for audio

// create captcha
app.get('/captcha', async (req, res) => {
    const captchaHtml = await captcha.create(req,res,true) // last parameter include audio
    res.send(`<!DOCTYPE html>
<html lang="en">
<head>
   <title>HEllo</title>
</head>

<body>
    <form>
        ${captchaHtml}
    </form>
<body>
</html>
`);
});

// validate captcha
app.post('/submit-captcha', (req, res) => {
    if (catpcha.valid(req)) res.send("right");
    else res.send("wrong");
});

Security Strategies

als-captcha uses multiple strategies to enhance security:

  • Image Recognition Challenge: A captcha image with noise, tilt, and bot-unfriendly font.
  • Math Problem Solving: A basic math problem that must be solved correctly, ensuring complete text recognition.
  • Hidden importantInfo Field: Remains empty and is used to detect bots that might fill it.
  • Bot Detection through onchange Event: If the onchange event does not trigger, the bot field retains its default value, indicating a bot.
  • Timestamp and Screen Dimension Check: Captures the time taken to complete the captcha and multiplies the screen's color depth with its width to generate a unique number, which helps in bot detection.

Advanced Usage

Configuration includes 3 parts:

  • params(Object) - the parameters for captcha class
    • first parameter in constructor
  • lang(String) - the language for audio
    • second parameter in constructor
    • default 'eng', available: eng,ru,he
  • cookieOptions (Object) - options for cookie
    • available as instance.cookieOptions
  • prefix (String): Optional. A prefix for cookie names with encrypted values. Default is 's:'.
  • cryptOptions (Object): Optional. An object for initiating encryption.
    • defaults are: {algorithm: 'aes-256-cbc',ivLength: 16,secretFilePath: './secret'}
      • You can provide any of keys, the other will be replaced with defaults more information for encryption on als-crypt

Parameters

The parameters includes:

  • logger(Function): function for logging errors. Default console.log
  • maxAge (Number): captcha life time (after this time, captcha outdated). Default is 10 minutes
  • filePath (String): The place for saving captcha tokens start. Default join(__dirname, 'captcha-start')

Example for custom cofiguration:

const logs = []
const captcha = new Captcha({
    logger:(...e) => logs.push(e),
    maxAge:1000*60*30,
    filePath:'./captcha-start'
})

Language - lang

The Captcha class using als-math-audio-composer for composing audio for captcha. By default the language is english (eng). At the moment, available languages are:

  • eng - english
  • ru - russian
  • he - hebrew

als-math-audio-composer using sync method to read the files and than caching it. You can cache all needed sounds on init like this:

const captcha = new Captcha({},'ru') // Set Russian as the captcha language
captcha.audioComposer.cacheAll() // Optionally pre-cache all audio files for faster response

Cookie settings

The Captcha using crypted cookies for storing token and captcha result. By default cookies sent with the folowing options:

{ 
    path: '/', 
    secure: true, 
    httpOnly: true, 
    maxAge:60*10, 
    sameSite:'lax' 
}

The configuraton builded with als-cookie-options and you can change it. Here is the example how to change:

const captcha = new Captcha()
captcha.cookieOptions.sameSite = 'strict'