Fix IP ban and add logging (#642)

This commit is contained in:
Shawn K 2018-10-19 14:36:51 -05:00 committed by GitHub
parent 5266f5bd7c
commit 5c2a33250e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -21,15 +21,18 @@ const getTorList = require('../../controllers/api/tor');
const getBlockedList = require('../../controllers/api/blocked'); const getBlockedList = require('../../controllers/api/blocked');
const getOEmbedData = require('../../controllers/api/oEmbed'); const getOEmbedData = require('../../controllers/api/oEmbed');
const logger = require('winston');
const forbiddenMessage = '<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>'; const forbiddenMessage = '<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>';
let ipCounts = {}; let ipCounts = {};
let blockedAddresses = []; let blockedAddresses = [];
const autoblockPublishMiddleware = (req, res, next) => { const autoblockPublishMiddleware = (req, res, next) => {
let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/); let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/)[0];
if(blockedAddresses.indexOf(ip) !== -1) { if(blockedAddresses.indexOf(ip) !== -1) {
logger.warn(`Banned IP publish attempt: ${ip}`);
res.status(403).send(forbiddenMessage); res.status(403).send(forbiddenMessage);
res.end(); res.end();
@ -46,6 +49,7 @@ const autoblockPublishMiddleware = (req, res, next) => {
}, 600000 /* 10 minute retainer */) }, 600000 /* 10 minute retainer */)
if(count === 10) { if(count === 10) {
logger.error(`Banning IP: ${ip}`);
blockedAddresses.push(ip); blockedAddresses.push(ip);
res.status(403).send(forbiddenMessage); res.status(403).send(forbiddenMessage);
res.end(); res.end();