Unity Captcha is a gem that uses two levels of Captcha:
These two levels, functioning in harmony, create a secure and engaging captcha experience.
Inspired by Dr. Jill Bolte Taylor's research on brain hemispheres. Learn more: TED Talk
Add this line to your application's Gemfile:
gem 'unity-captcha'
And then execute:
$ bundle
Or install it yourself as:
$ gem install unity-captcha
captcha_for HelperThe gem now provides a simple captcha_for helper that automatically adds all required assets and markup:
<%= form_tag(send_invite_path, method: :post, id: "mc-form") do %>
<%= label_tag :friend_email, "Email" %>
<%= text_field_tag :friend_email %>
<%= captcha_for %>
<%= submit_tag "Send Invitation" %>
<% end %>
In your controller:
class InviteController < ApplicationController
def send_invite
@captcha = Unity::Captcha::Captcha.decrypt(params[:captcha_secret])
unless @captcha.correct?(params[:captcha])
redirect_to invite_url, alert: "Please enter the correct captcha value."
else
# Process your form...
redirect_to success_url, notice: "Form submitted successfully!"
end
end
end
Works with form builders like simple_form:
<%= simple_form_for(@invite, html: {id: 'mc-form'}) do |f| %>
<%= f.input :email %>
<%= captcha_for(f) %>
<%= f.button :submit %>
<% end %>
<%= captcha_for(f, {
# Canvas appearance
label: 'Draw the shape to verify:',
canvas_id: 'my-custom-canvas',
form_id: 'my-form-id',
html_options: { class: 'custom-canvas', style: 'border: 3px solid #333' },
# Shape options
shapes: ['triangle', 'x', 'rectangle', 'circle', 'check'],
# Messages
error_msg: 'Not quite right, try again.',
success_msg: 'Perfect! Form submitted.',
# Asset options
skip_jquery: true, # Skip jQuery if you already include it
# Form submission
action_path: custom_submit_path
}) %>
The following shapes are available (you can use any subset):
'triangle', 'x', 'rectangle', 'circle', 'check', 'caret', 'zigzag',
'arrow', 'leftbracket', 'rightbracket', 'v', 'delete', 'star', 'pigtail'
Unity Captcha combines:
Both must be correct for the form to submit, providing dual-layer security.
For more control or custom implementations, you can use the traditional approach:
# Controller
def new
@captcha = Unity::Captcha::Captcha.new
end
<%# View %>
<%= form_tag(submit_path, method: :post, id: "mc-form") do %>
<%# Math captcha %>
<%= label_tag :captcha, @captcha.question %>
<%= text_field_tag :captcha %>
<%= hidden_field_tag :captcha_secret, @captcha.encrypt %>
<%# Drawing captcha %>
<p>Please draw the shape: <a onclick="window.location.reload()" href="#">(new shape)</a></p>
<canvas id="mc-canvas"></canvas>
<%= hidden_field_tag 'mc-action', submit_path %>
<%= submit_tag "Submit" %>
<% end %>
<%# Initialize JavaScript %>
<script>
jQuery(document).ready(function($) {
$('#mc-form').motionCaptcha({
shapes: ['triangle', 'x', 'rectangle', 'circle', 'check']
});
});
</script>
Make sure to include the required assets:
<%= javascript_include_tag "jquery.min" %>
<%= stylesheet_link_tag "jquery.motionCaptcha.1.0" %>
<%= javascript_include_tag "jquery.motionCaptcha.1.0", "jquery.placeholder.1.1.1.min" %>
After checking out the repo, run bin/setup to install dependencies. You can also run bin/console for an interactive prompt.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release.
Bug reports and pull requests are welcome on GitHub at https://github.com/papayalabs/unity-captcha. Contributors are expected to adhere to the Contributor Covenant code of conduct.
The gem is available as open source under the terms of the MIT License.
FAQs
Unknown package
We found that unity-captcha demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.