Currently, face recognition theory and technology have achieved great success, and face recognition systems have been widely deployed in key fields such as government, finance, military, etc. Similar to other information systems, face recognition systems also face various security issues, among which, face spoofing is one of the most important issues. The so-called face spoofing refers to the use of attack methods such as printing photos, video re-play, and 3D masks to trick the face recognition system into making false decisions, and thus it must be addressed by a face recognition system. The recent progress of face anti-spoofing (FAS) is investigated. Initially, FAS-related concepts are outlined. Then, the main scientific problems of FAS and corresponding solutions, including the advantages and disadvantages of these solutions, are introduced. Next, existing FAS approaches are divided into two folds, i.e., traditional approaches and deep learning-based approaches, and they are depicted in detail, respectively. Moreover, regarding the domain generalization and interpretability issues of deep learning-based FAS, a detailed introduction is given from the perspective of theory and practice. Then, mainstream datasets adopted by FAS are discussed, and evaluation criteria and experimental results based on these datasets are explained as well. Finally, the future research directions are discussed and concluded.