Flask-WTF
在pycharm中安装完flask_wtf后,我们可以创建一个POST传参的模板
from flask_wtf import FlaskFormfrom wtforms import StringField, SubmitFieldfrom wtforms.validators import DataRequiredclass check_codeForm(FlaskForm):verify_code = StringField('验证码', validators=[DataRequired()])submit = SubmitField('提交')
这个模板涵盖了两个参数,一个是用户输入验证码的值,一个是用户点击提交。
导入Pillow库和random库用来生成随机数和将其变为图片
import osfrom random import randintfrom PIL import Image, ImageDraw, ImageFont
随机四个字符作为验证码
def get_random_code(lls):c = []for i in range(lls):s = 'QWERTYUIO123456PASDFGHJKLZXCVBNM7890'c.append(choice(s))print(c)return c
建立一个画板
def generate_captcha(width=140, height=60, length=4):img = Image.new("RGB", (width, height), (250, 250, 250))draw = ImageDraw.Draw(img)
确定使用的字体以及大小
font = ImageFont.truetype(os.path.dirname(__file__) + '/Nightmare-Maker.ttf', size=36)将字体进行画在画板上
cs = get_random_code(4)text = ''s = -1for i in range(length):draw.text((width * 0.20 * (s + 1.5), height * 0.3), cs[i], font=font, fill=get_random_color())text = text + cs[i]s = s + 1
加入随机的线条
for i in range(30):x1 = randint(0, 140)y1 = randint(0, 60)x2 = randint(0, 140)y2 = randint(0, 60)y1), (x2, y2)),width=randint(0, 3),fill=get_random_color())
加入高斯模糊和滤镜(radius的数值不要太高)
img = img.filter(ImageFilter.GaussianBlur(radius=0.7))img = img.filter(ImageFilter.FIND_EDGES)
最终效果
这里是B9SY
完整代码
import osfrom random import randint, choicefrom PIL import Image, ImageDraw, ImageFont, ImageFilterdef get_random_color():return randint(120, 200), randint(120, 200), randint(120, 200)def get_random_code(lls):c = []for i in range(lls):s = 'QWERTYUIO123456PASDFGHJKLZXCVBNM7890'c.append(choice(s))print(c)return cdef generate_captcha(width=140, height=60, length=4):img = Image.new("RGB", (width, height), (250, 250, 250))draw = ImageDraw.Draw(img)font = ImageFont.truetype(os.path.dirname(__file__) + '/Nightmare-Maker.ttf', size=36)cs = get_random_code(4)text = ''s = -1for i in range(length):draw.text((width * 0.20 * (s + 1.5), height * 0.3), cs[i], font=font, fill=get_random_color())text = text + cs[i]s = s + 1for i in range(30):x1 = randint(0, 140)y1 = randint(0, 60)x2 = randint(0, 140)y2 = randint(0, 60)draw.line(((x1, y1), (x2, y2)),width=randint(0, 3),fill=get_random_color())img = img.filter(ImageFilter.GaussianBlur(radius=0.7))img = img.filter(ImageFilter.FIND_EDGES)print(text)return text, imggenerate_captcha()
设计一个初始页面来发放cookie和建立字典来存放验证码
@app.route('/')def setcooke():resp = make_response("cookie以下发")ussww = md5(str(time()).encode('utf-8')).hexdigest()resp.set_cookie("userid", ussww)users_info[ussww] = ['ON', 'NULL']return resp
建立一个页面来检查验证码
.route('/check_code', methods=['GET', 'POST'])def check_code():form = check_codeForm()resp = make_response(render_template('check_code.html', form=form))cookes = request.cookies.get('userid')if request.method == 'POST':if users_info[cookes][1] != str(form.verify_code.data).replace('n', ''):print(users_info[cookes][1])print("不相等")if users_info[cookes][1] == str(form.verify_code.data).replace('n', ''):print("相等")return resp
检查POST传参
if request.method == 'POST':if users_info[ussww][1] != str(form.verify_code.data).replace('n', ''):print("不相等")if users_info[ussww][1] == str(form.verify_code.data).replace('n', ''):print("相等")
再写一个生成验证码的页面
@app.route('/codes')def chek_doe():cookes = request.cookies.get('userid')users_info[cookes][1], img = yanzhengma.generate_captcha()buffer = BytesIO()img.save(buffer, "JPEG")buf_bytes = buffer.getvalue()response = make_response(buf_bytes)response.headers['Content-Type'] = 'image/jpg'return response
这里将获取到了验证码存到cookie对应的字典里,然后图片放入内存并作表头返回
输入验证码并检测的页面
<form action="/check_code" method="post">{{ form.verify_code.label }}{{ form.verify_code }}{{ form.submit }}<img src="{{url_for('chek_doe')}}"></form>
测试效果
整体代码
from datetime import timefrom hashlib import md5from io import BytesIOfrom flask import Flask, render_template, request, make_responseimport configimport yanzhengmafrom key_code_form import check_codeFormapp = Flask(__name__)app.config["SECRET_KEY"] = '123456'app.config.from_object(config)app.debug = Falseusers_info = {}def setcooke():resp = make_response("cookie下发")ussww = md5(str(time()).encode('utf-8')).hexdigest()resp.set_cookie("userid", ussww)users_info[ussww] = ['ON', 'NULL']return respdef check_code():form = check_codeForm()resp = make_response(render_template('check_code.html', form=form))cookes = request.cookies.get('userid')if request.method == 'POST':if users_info[cookes][1] != str(form.verify_code.data).replace('n', ''):print(users_info[cookes][1])print("不相等")if users_info[cookes][1] == str(form.verify_code.data).replace('n', ''):print("相等")return respdef chek_doe():cookes = request.cookies.get('userid')users_info[cookes][1], img = yanzhengma.generate_captcha()buffer = BytesIO()img.save(buffer, "JPEG")buf_bytes = buffer.getvalue()response = make_response(buf_bytes)response.headers['Content-Type'] = 'image/jpg'return responseif __name__ == '__main__':app.run(host="0.0.0.0",port=5555)
地址|北京市海淀区奥北科技园20号楼5层
原文始发于微信公众号(大学生网络安全尖锋训练营):【学习园地】Flask(2)验证码
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论