How to Implement CAPTCHA in ASP.NET Core Using DNTCaptcha.Core

September 06, 2022

Meta Description: Learn step-by-step how to integrate DNTCaptcha.Core in ASP.NET Core. This tutorial covers project setup, configuration, models, controllers, and validation to secure your login and registration forms.

Introduction

CAPTCHA is an essential security feature in modern web applications. It helps differentiate between human users and bots, protecting your website from automated attacks like DDoS, spam registrations, and brute-force login attempts.

In this tutorial, we will learn how to implement DNTCaptcha.Core in ASP.NET Core with a simple example. By the end, you’ll know how to add CAPTCHA to your login page and validate it effectively.

CAPTCHA in ASP.NET Core

Why Use CAPTCHA?

Without CAPTCHA, your website is vulnerable to:
- Automated bots spamming login and registration forms
- DDoS attacks where bots flood requests to overload servers
- Fake accounts being generated in bulk

That’s why it’s commonly used in Login, Registration, and Forgot Password pages.

Steps to Implement CAPTCHA in ASP.NET Core

1. Create a New ASP.NET Core Project

Open Visual Studio → Create a new project → Select ASP.NET Core Web App (Model-View-Controller).
Name it WebCaptcha, choose .NET Core 3.1 (or later), and disable Docker (optional).

2. Install DNTCaptcha.Core Package

Run the following command in the NuGet Package Manager Console:

Install-Package DNTCaptcha.Core

3. Add TagHelper to _ViewImports.cshtml

Open _ViewImports.cshtml and add:

@addTagHelper *, DNTCaptcha.Core

4. Create a Login Model

Inside Models/LoginViewModel.cs:


public class LoginViewModel
{
    public string Username { get; set; }
    public string Password { get; set; }
}

5. Add Controller and Action Method

Inside Controllers/PortalController.cs:


using DNTCaptcha.Core;

public class PortalController : Controller
{
    [HttpGet]
    public IActionResult Login()
    {
        return View();
    }

    [HttpPost]
    [ValidateDNTCaptcha(ErrorMessage = "Please enter valid CAPTCHA")]
    public IActionResult Login(LoginViewModel model)
    {
        if (ModelState.IsValid)
        {
            // Do login logic here
            return RedirectToAction("Index", "Home");
        }
        return View(model);
    }
}

6. Register DNTCaptcha Service in Startup.cs

In ConfigureServices() method of Startup.cs:


services.AddDNTCaptcha(options =>
{
    options.UseCookieStorageProvider()
           .ShowThousandsSeparators(false);
});

7. Add CAPTCHA to the Login View

Inside Views/Portal/Login.cshtml:


<form asp-action="Login" method="post">
    <input type="text" name="Username" placeholder="Username" />
    <input type="password" name="Password" placeholder="Password" />

    <dnt-captcha asp-captcha-generator-max="99999"
                 asp-captcha-generator-min="11111"
                 asp-captcha-generator-language="English"
                 asp-captcha-generator-display-mode="NumberToWord"
                 asp-validation-error-message="Please enter the CAPTCHA correctly!"
                 asp-refresh-button-class="fas fa-redo btn-sm">
    </dnt-captcha>

    <button type="submit">Login</button>
</form>

8. Verify CAPTCHA on Post Request

DNTCaptcha provides two ways:

Option 1: Using [ValidateDNTCaptcha] Attribute
Simply add the attribute to your POST method.

Option 2: Using IDNTCaptchaValidatorService:


private readonly IDNTCaptchaValidatorService _validatorService;

public PortalController(IDNTCaptchaValidatorService validatorService)
{
    _validatorService = validatorService;
}

[HttpPost]
public IActionResult Login(LoginViewModel model)
{
    if (!_validatorService.HasRequestValidCaptchaEntry(Language.English, DisplayMode.ShowDigits))
    {
        ModelState.AddModelError("CaptchaInputText", "Invalid CAPTCHA!");
        return View(model);
    }

    // login logic
    return RedirectToAction("Index", "Home");
}

Conclusion

Adding CAPTCHA in ASP.NET Core using DNTCaptcha.Core is simple yet effective. It strengthens your app against bots, fake registrations, and brute-force attacks.

If you are new to ASP.NET, don’t miss reading our detailed 👉 ASP.NET Tutorial for Beginners

For developers interested in MVC patterns, 👉 ASP.NET MVC Tutorial

You can also explore career insights in 👉 Exploring the World of Web Development Jobs

For more on security and authentication, 👉 Navigating the Digital Banking Era

And if you want to see how technology drives progress, don’t miss 👉 The Power of Innovation


Post a Comment

2 Comments

  1. AnonymousSeptember 6, 2022 at 3:17 PM

    Best Article for captcha in .net core

    ReplyDelete
  2. AnonymousOctober 30, 2022 at 4:06 PM

    interesting for new developers in core

    ReplyDelete