使用谷歌reCaptcha（2.0版本）做人机验证

百度百科:

         CMU设计了一个名叫reCAPTCHA的强大系统，让他们的电脑去向人类求助。具体做法是：将OCR软件无法识别的文字扫描图传给世界各大网站，用以替换原来的验证码图片；那些网站的用户在正确识别出这些文字之后，其答案便会被传回CMU。

使用前需注意: 
1.reCaptcha官网网站为:https://developers.google.com/recaptcha/(需要*)
2.在国内使用的话,需要将demo中所有的www.google.com替换成www.recaptcha.net不然无法使用reCAPTCHA
3.使用reCaptcha需要去注册google账号,并且去https://www.google.com/recaptcha/admin里面去创建秘钥对()稍等我会标注出来)

reCaptcha方式选择:
1.显示
2.隐式
3.Android

实践第一种(显示):
1.创建google账号,访问https://www.google.com/recaptcha/admin创建秘钥对

2.前端:
 

<!DOCTYPE html>
<html lang="en">
<head>
    <title></title>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <script src='https://www.recaptcha.net/recaptcha/api.js'></script>
</head>
<body>

<form action="/check" method="post">
     <!-- 公钥 -->
    <div class="g-recaptcha" data-sitekey="6Ldnn3cUAAAAANS1T-9rfBL7z6lDnaZj5RXdhApc"></div>
    <p><button class="btn btn-primary" type="submit">Register</button>
</form>
</body>
</html>

3.服务端
 

    @RequestMapping("/check")
    @ResponseBody
    public String check(HttpServletRequest request) {
        String checkCode = request.getParameter("g-recaptcha-response");
        Map<String, Object> map = new HashMap<>();
        // 私钥
        map.put("secret", "6Ldnn3cUAAAAADcNDxCOnw_oBV_k0JsvdBMF-KEI");
        map.put("response", checkCode);
        String json = MyHttpRequest.sendPost("https://www.recaptcha.net/recaptcha/api/siteverify", map, "UTF-8");
        return json;
    }

实践第二种(隐式):
1.去创建秘钥对,步骤一样,只不过是这里选择项,选择改成第二个了,然后获取新的秘钥对

2.前端
 

<html>
<head>
    <title>reCAPTCHA demo: Simple page</title>
    <script src="https://www.recaptcha.net/recaptcha/api.js" async defer></script>
    <script>
        function onSubmit(token) {
            document.getElementById("demo-form").submit();
        }
    </script>
</head>
<body>
<form id='demo-form' action="/check2" method="POST">
    <!-- data-sitekey 需要填写公钥 -->
    <button class="g-recaptcha" data-sitekey="6LfcoXcUAAAAAC0jA5m50z4C0a7Zggrk6sUvgVKs" data-callback='onSubmit'>Submit</button>
    <br/>
</form>
</body>
</html>

3.服务端
 

    @RequestMapping("/check2")
    @ResponseBody
    public String check2(HttpServletRequest request) {
        String checkCode = request.getParameter("g-recaptcha-response");
        Map<String, Object> map = new HashMap<>();
        // 私钥
        map.put("secret", "6LfcoXcUAAAAAE-G2qDI19ZR5r96sY_f5i6mVWNi");
        map.put("response", checkCode);
        String json = MyHttpRequest.sendPost("https://www.recaptcha.net/recaptcha/api/siteverify", map, "UTF-8");
        return json;
    }

第一种效果:

 第二种效果:


服务端调用https://www.recaptcha.net/recaptcha/api/siteverify,返回来的错误码:
 

Error code	Description
missing-input-secret	The secret parameter is missing.
invalid-input-secret	The secret parameter is invalid or malformed.
missing-input-response	The response parameter is missing.
invalid-input-response	The response parameter is invalid or malformed.
bad-request	The request is invalid or malformed.