# Captcha Lib

The Captcha Lib creates a random number of 4 digits and signs it with a hash-key. The random number will be presented as an image to the user as part of a HTML form. The captcha form elements are generated by a JSON payload like this:

<pre>
{
    "signature": "f0d41d3647a88edc4c73509b62c0b4e57787bd07",
    "timestamp_create": 1711395119031,
    "life_time": 600,
    "captcha_data_uri": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGQAAAAmCAIAAAC9EKlkAAAEHklEQVR4n..."
}
</pre>

The captcha image itself is sent as a data-uri-image. Validity is checked by the captcha string sent back to the server with the hash-key and the timestamp of the captchas creation time.

The Lib consists of four elements:

1. **captcha_func** _External Method_: collection of all python functions and global variables (secret_key, font-path etc.)
2. **captcha_create** _Python Script_: calls captcha_create() from captcha_func
3. **captcha_validate** _Python Script_: calls captcha_validate() from captcha_func
4. **captcha_html** _TAL-Template_: displays a form using async calls of captcha_create and captcha_validate

The TAL-Templates is considered as working example form that contains the HTML elements and JS-functions that are needed to integrate the functionality to your own forms.

The following ZMS configuration properties are used by the Captcha Lib:

1. `ZMS.captcha.secret_key`: secret key for signinng the captcha
2. `ZMS.captcha.life_time`: life time of the captcha
3. `ZMS.captcha.font_path`: os path of the applied font
4. `ZMS.captcha.log_path`: os path of the log file (log file is needed for preventing captcha flooding)
