EdiWang
diff --git a/‎README.md‎
Lines changed: 178 additions & 12 deletions b/‎README.md‎
Lines changed: 178 additions & 12 deletions
diff --git a/‎src/Edi.Captcha.SampleApp/Controllers/StatelessController.cs‎
Lines changed: 43 additions & 0 deletions b/‎src/Edi.Captcha.SampleApp/Controllers/StatelessController.cs‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎src/Edi.Captcha.SampleApp/Models/StatelessHomeModel.cs‎
Lines changed: 12 additions & 0 deletions b/‎src/Edi.Captcha.SampleApp/Models/StatelessHomeModel.cs‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎src/Edi.Captcha.SampleApp/Startup.cs‎
Lines changed: 8 additions & 0 deletions b/‎src/Edi.Captcha.SampleApp/Startup.cs‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎src/Edi.Captcha.SampleApp/Views/Stateless/Index.cshtml‎
Lines changed: 88 additions & 0 deletions b/‎src/Edi.Captcha.SampleApp/Views/Stateless/Index.cshtml‎
Lines changed: 88 additions & 0 deletions
diff --git a/‎src/Edi.Captcha.Tests/Edi.Captcha.Tests.csproj‎
Lines changed: 1 addition & 1 deletion b/‎src/Edi.Captcha.Tests/Edi.Captcha.Tests.csproj‎
Lines changed: 1 addition & 1 deletion
@@ -1,4 +1,4 @@
-# Edi.Captcha.AspNetCore
+# Edi.Captcha.AspNetCore
 The Captcha module used in my blog
 
 [![.NET](https://github.com/EdiWang/Edi.Captcha.AspNetCore/actions/workflows/dotnet.yml/badge.svg)](https://github.com/EdiWang/Edi.Captcha.AspNetCore/actions/workflows/dotnet.yml)
@@ -8,9 +8,7 @@ The Captcha module used in my blog
 [main-nuget]: https://www.nuget.org/packages/Edi.Captcha/
 [main-nuget-badge]: https://img.shields.io/nuget/v/Edi.Captcha.svg?style=flat-square&label=nuget
 
-## Usage
-
-### 0. Install from NuGet
+## Install
 
 NuGet Package Manager
 ```
@@ -23,6 +21,8 @@ or .NET CLI
 dotnet add package Edi.Captcha
 ```
 
+## Session-Based Captcha (Traditional Approach)
+
 ### 1. Register in DI
 
 ```csharp
@@ -186,18 +186,184 @@ public async Task<IActionResult> SomeAction(YourModelWithCaptchaCode model)
 }
 ```
 
-Refer to https://edi.wang/post/2018/10/13/generate-captcha-code-aspnet-core
 
-## 免责申明
+## Stateless Captcha (Recommended for Scalable Applications)
+
+**Advantages of Stateless Captcha:**
+- ✅ Works in clustered/load-balanced environments
+- ✅ No server-side session storage required
+- ✅ Built-in expiration through encryption
+- ✅ Secure token-based validation
+- ✅ Better scalability
+- ✅ Single API call for both token and image
+
+### 1. Register in DI
+
+```csharp
+services.AddStatelessCaptcha();
+```
+
+or with custom options:
+
+```csharp
+services.AddStatelessCaptcha(options =>
+{
+    options.Letters = "2346789ABCDGHKMNPRUVWXYZ";
+    options.CodeLength = 4;
+    options.TokenExpiration = TimeSpan.FromMinutes(5);
+});
+```
+
+### 2. Create Model with Token Support
 
-此项目(Edi.Captcha.AspNetCore)及其配套组件均为免费开源的产品，仅用于学习交流，并且不直接向中国提供服务，中国访客请于下载后立即删除。
+```csharp
+public class StatelessHomeModel
+{
+    [Required]
+    [StringLength(4)]
+    public string CaptchaCode { get; set; }
+    
+    public string CaptchaToken { get; set; }
+}
+```
 
-任何中国境内的组织及个人不得使用此项目(Edi.Captcha.AspNetCore)及其配套组件构建任何形式的面向中国境内访客的网站或服务。
+### 3. Example Controller
 
-不可用于任何违反中华人民共和国(含台湾省)或使用者所在地区法律法规的用途。
+```csharp
+using Edi.Captcha.SampleApp.Models;
+using Microsoft.AspNetCore.Mvc;
+using System;
+using System.Diagnostics;
 
-因为作者即本人仅完成代码的开发和开源活动(开源即任何人都可以下载使用)，从未参与访客的任何运营和盈利活动。
+namespace Edi.Captcha.SampleApp.Controllers;
 
-且不知晓访客后续将程序源代码用于何种用途，故访客使用过程中所带来的任何法律责任即由访客自己承担。
+public class StatelessController(IStatelessCaptcha captcha) : Controller
+{
+    public IActionResult Index()
+    {
+        return View(new StatelessHomeModel());
+    }
 
-[《开源软件有漏洞，作者需要负责吗？是的！》](https://go.edi.wang/aka/os251)
+    [HttpPost]
+    public IActionResult Index(StatelessHomeModel model)
+    {
+        if (ModelState.IsValid)
+        {
+            bool isValidCaptcha = captcha.Validate(model.CaptchaCode, model.CaptchaToken);
+            return Content(isValidCaptcha ? "Success - Stateless captcha validated!" : "Invalid captcha code");
+        }
+
+        return BadRequest();
+    }
+
+    [Route("get-stateless-captcha")]
+    public IActionResult GetStatelessCaptcha()
+    {
+        var result = captcha.GenerateCaptcha(100, 36);
+        
+        return Json(new { 
+            token = result.Token, 
+            imageBase64 = Convert.ToBase64String(result.ImageBytes)
+        });
+    }
+
+    [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
+    public IActionResult Error()
+    {
+        return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
+    }
+}
+```
+
+### 4. Example View
+
+```razor
+@model StatelessHomeModel
+@{
+    ViewData["Title"] = "Stateless Captcha Example";
+}
+
+<div class="text-center">
+    <h1 class="display-4">Stateless Captcha Example</h1>
+    <p>This example shows how to use stateless captcha that works in clustered environments.</p>
+</div>
+
+<div class="row">
+    <div class="col-md-6 offset-md-3">
+        <div class="card">
+            <div class="card-header">
+                <h5>Stateless Captcha Form</h5>
+            </div>
+            <div class="card-body">
+                <form asp-action="Index" method="post" id="stateless-form">
+                    <div class="form-group mb-3">
+                        <label>Captcha Image:</label>
+                        <div class="d-flex align-items-center">
+                            <img id="captcha-image" src="" alt="Captcha" class="me-2" style="border: 1px solid #ccc;" />
+                            <button type="button" class="btn btn-sm btn-outline-secondary" onclick="refreshCaptcha()">
+                                🔄 Refresh
+                            </button>
+                        </div>
+                        <small class="form-text text-muted">Click refresh to get a new captcha</small>
+                    </div>
+
+                    <div class="form-group mb-3">
+                        <label asp-for="CaptchaCode">Enter Captcha Code:</label>
+                        <input asp-for="CaptchaCode" class="form-control" placeholder="Enter the code from image" autocomplete="off" />
+                        <span asp-validation-for="CaptchaCode" class="text-danger"></span>
+                    </div>
+
+                    <input type="hidden" asp-for="CaptchaToken" id="captcha-token" />
+
+                    <div class="form-group">
+                        <button type="submit" class="btn btn-primary">Submit</button>
+                        <a asp-controller="Home" asp-action="Index" class="btn btn-secondary">Session-based Example</a>
+                    </div>
+                </form>
+
+                <div class="mt-4">
+                    <h6>Advantages of Stateless Captcha:</h6>
+                    <ul class="small">
+                        <li>✅ Works in clustered/load-balanced environments</li>
+                        <li>✅ No server-side session storage required</li>
+                        <li>✅ Built-in expiration through encryption</li>
+                        <li>✅ Secure token-based validation</li>
+                        <li>✅ Better scalability</li>
+                        <li>✅ Single API call for both token and image</li>
+                    </ul>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<script>
+    async function refreshCaptcha() {
+        try {
+            const response = await fetch('/get-stateless-captcha');
+            const data = await response.json();
+            
+            // Set the token for validation
+            document.getElementById('captcha-token').value = data.token;
+            
+            // Set the image source using base64 data
+            document.getElementById('captcha-image').src = `data:image/png;base64,${data.imageBase64}`;
+            
+            // Clear the input
+            document.getElementById('CaptchaCode').value = '';
+        } catch (error) {
+            console.error('Error refreshing captcha:', error);
+            alert('Failed to load captcha. Please try again.');
+        }
+    }
+
+    // Initialize captcha on page load
+    document.addEventListener('DOMContentLoaded', function() {
+        refreshCaptcha();
+    });
+</script>
+
+@section Scripts {
+    @{await Html.RenderPartialAsync("_ValidationScriptsPartial");}
+}
+```
@@ -0,0 +1,43 @@
+using Edi.Captcha.SampleApp.Models;
+using Microsoft.AspNetCore.Mvc;
+using System;
+using System.Diagnostics;
+
+namespace Edi.Captcha.SampleApp.Controllers;
+
+public class StatelessController(IStatelessCaptcha captcha) : Controller
+{
+    public IActionResult Index()
+    {
+        return View(new StatelessHomeModel());
+    }
+
+    [HttpPost]
+    public IActionResult Index(StatelessHomeModel model)
+    {
+        if (ModelState.IsValid)
+        {
+            bool isValidCaptcha = captcha.Validate(model.CaptchaCode, model.CaptchaToken);
+            return Content(isValidCaptcha ? "Success - Stateless captcha validated!" : "Invalid captcha code");
+        }
+
+        return BadRequest();
+    }
+
+    [Route("get-stateless-captcha")]
+    public IActionResult GetStatelessCaptcha()
+    {
+        var result = captcha.GenerateCaptcha(100, 36);
+        
+        return Json(new { 
+            token = result.Token, 
+            imageBase64 = Convert.ToBase64String(result.ImageBytes)
+        });
+    }
+
+    [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
+    public IActionResult Error()
+    {
+        return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
+    }
+}
@@ -0,0 +1,12 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Edi.Captcha.SampleApp.Models;
+
+public class StatelessHomeModel
+{
+    [Required]
+    [StringLength(4)]
+    public string CaptchaCode { get; set; }
+    
+    public string CaptchaToken { get; set; }
+}
@@ -38,6 +38,14 @@ public void ConfigureServices(IServiceCollection services)
             //option.DrawLines = false;
             option.BlockedCodes = [magic1, magic2];
         });
+
+        // For stateless approach (recommended)
+        services.AddStatelessCaptcha(options =>
+        {
+            options.Letters = "2346789ABCDGHKMNPRUVWXYZ";
+            options.CodeLength = 4;
+            options.TokenExpiration = TimeSpan.FromMinutes(5);
+        });
     }
 
     public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
 
@@ -0,0 +1,88 @@
+@model StatelessHomeModel
+@{
+    ViewData["Title"] = "Stateless Captcha Example";
+}
+
+<div class="text-center">
+    <h1 class="display-4">Stateless Captcha Example</h1>
+    <p>This example shows how to use stateless captcha that works in clustered environments.</p>
+</div>
+
+<div class="row">
+    <div class="col-md-6 offset-md-3">
+        <div class="card">
+            <div class="card-header">
+                <h5>Stateless Captcha Form</h5>
+            </div>
+            <div class="card-body">
+                <form asp-action="Index" method="post" id="stateless-form">
+                    <div class="form-group mb-3">
+                        <label>Captcha Image:</label>
+                        <div class="d-flex align-items-center">
+                            <img id="captcha-image" src="" alt="Captcha" class="me-2" style="border: 1px solid #ccc;" />
+                            <button type="button" class="btn btn-sm btn-outline-secondary" onclick="refreshCaptcha()">
+                                🔄 Refresh
+                            </button>
+                        </div>
+                        <small class="form-text text-muted">Click refresh to get a new captcha</small>
+                    </div>
+
+                    <div class="form-group mb-3">
+                        <label asp-for="CaptchaCode">Enter Captcha Code:</label>
+                        <input asp-for="CaptchaCode" class="form-control" placeholder="Enter the code from image" autocomplete="off" />
+                        <span asp-validation-for="CaptchaCode" class="text-danger"></span>
+                    </div>
+
+                    <input type="hidden" asp-for="CaptchaToken" id="captcha-token" />
+
+                    <div class="form-group">
+                        <button type="submit" class="btn btn-primary">Submit</button>
+                        <a asp-controller="Home" asp-action="Index" class="btn btn-secondary">Session-based Example</a>
+                    </div>
+                </form>
+
+                <div class="mt-4">
+                    <h6>Advantages of Stateless Captcha:</h6>
+                    <ul class="small">
+                        <li>✅ Works in clustered/load-balanced environments</li>
+                        <li>✅ No server-side session storage required</li>
+                        <li>✅ Built-in expiration through encryption</li>
+                        <li>✅ Secure token-based validation</li>
+                        <li>✅ Better scalability</li>
+                        <li>✅ Single API call for both token and image</li>
+                    </ul>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<script>
+    async function refreshCaptcha() {
+        try {
+            const response = await fetch('/get-stateless-captcha');
+            const data = await response.json();
+            
+            // Set the token for validation
+            document.getElementById('captcha-token').value = data.token;
+            
+            // Set the image source using base64 data
+            document.getElementById('captcha-image').src = `data:image/png;base64,${data.imageBase64}`;
+            
+            // Clear the input
+            document.getElementById('CaptchaCode').value = '';
+        } catch (error) {
+            console.error('Error refreshing captcha:', error);
+            alert('Failed to load captcha. Please try again.');
+        }
+    }
+
+    // Initialize captcha on page load
+    document.addEventListener('DOMContentLoaded', function() {
+        refreshCaptcha();
+    });
+</script>
+
+@section Scripts {
+    @{await Html.RenderPartialAsync("_ValidationScriptsPartial");}
+}
@@ -7,7 +7,7 @@
     <PackageReference Include="NUnit" Version="4.4.0" />
     <PackageReference Include="Moq" Version="4.20.72" />
     <PackageReference Include="NUnit3TestAdapter" Version="5.1.0" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.14.1" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.0.0" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\Edi.Captcha\Edi.Captcha.csproj" />