问题
I would like to implement a captcha inside my Devise login form after, X failed login attempts ( say 3 )
Has anyone attempted this? The only idea I have is storing the failed attempts in a session, then after X failed attempts the view login page would be complemented with the captcha
This is not failsafe:
- user can reset session
- perhaps sessions do not work, which renders this idea useless.
Is there a good solid way to do this with Devise?
回答1:
You could store the number of attempts for a given user ID in a cache store (or even persist, depending on the volume of traffic to your site). Then after X number of attempts, render that partial based on the user's email address.
You would tie it together by doing a check in view or controller for if a key/value pair is set for a given user ID / email address. If it is and it's greater than your threshold, show the captcha.
来源:https://stackoverflow.com/questions/19368055/devise-add-captcha-to-login-page-after-x-failed-logins