diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index 8def886c..b429e797 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -26,6 +26,7 @@ const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) logger.info('Publish request:', { ip, headers, + body, }); // check for disabled publishing if (disabled) { @@ -34,17 +35,6 @@ const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) message: disabledMessage }); } - // check for tor - logger.debug('tor:', tor); - if (tor) { - logger.info('Tor publish request blocked:', ip); - const failureResponse = { - success: 'false', - message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', - }; - return res.status(403).json(failureResponse); - } - // define variables let channelName, channelId, channelPassword, description, fileName, filePath, fileType, gaStartTime, license, name, nsfw, thumbnail, thumbnailFileName, thumbnailFilePath, thumbnailFileType, title; // record the start time of the request diff --git a/server/lbrynet/index.js b/server/lbrynet/index.js index bab4ede0..4ff64521 100644 --- a/server/lbrynet/index.js +++ b/server/lbrynet/index.js @@ -1,6 +1,6 @@ const axios = require('axios'); const logger = require('winston'); -const { apiHost, apiPort } = require('@config/lbryConfig'); +const { apiHost, apiPort, getTimeout } = require('@config/lbryConfig'); const lbrynetUri = 'http://' + apiHost + ':' + apiPort; const { chooseGaLbrynetPublishLabel, sendGATimingEvent } = require('../utils/googleAnalytics.js'); const handleLbrynetResponse = require('./utils/handleLbrynetResponse.js'); @@ -31,7 +31,10 @@ module.exports = { axios .post(lbrynetUri, { method: 'get', - params: { uri, timeout: 20 }, + params: { + uri, + timeout: getTimeout || 30, + }, }) .then(response => { sendGATimingEvent('lbrynet', 'getClaim', 'GET', gaStartTime, Date.now()); diff --git a/server/middleware/torCheckMiddleware.js b/server/middleware/torCheckMiddleware.js index 3d415417..1b410331 100644 --- a/server/middleware/torCheckMiddleware.js +++ b/server/middleware/torCheckMiddleware.js @@ -13,8 +13,16 @@ const torCheck = (req, res, next) => { }) .then(result => { logger.debug('tor check results:', result); - req['tor'] = (result.length >= 1); // add this to the req object - next(); + if (result.length >= 1) { + logger.info('Tor request blocked:', ip); + const failureResponse = { + success: false, + message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', + }; + res.status(403).json(failureResponse); + } else { + next(); + } }) .catch(error => { logger.error(error); diff --git a/server/routes/api/index.js b/server/routes/api/index.js index dd278cdd..bb24e5b2 100644 --- a/server/routes/api/index.js +++ b/server/routes/api/index.js @@ -23,27 +23,27 @@ const getBlockedList = require('../../controllers/api/blocked'); module.exports = (app) => { // channel routes - app.get('/api/channel/availability/:name', channelAvailability); - app.get('/api/channel/short-id/:longId/:name', channelShortId); - app.get('/api/channel/data/:channelName/:channelClaimId', channelData); - app.get('/api/channel/claims/:channelName/:channelClaimId/:page', channelClaims); + app.get('/api/channel/availability/:name', torCheckMiddleware, channelAvailability); + app.get('/api/channel/short-id/:longId/:name', torCheckMiddleware, channelShortId); + app.get('/api/channel/data/:channelName/:channelClaimId', torCheckMiddleware, channelData); + app.get('/api/channel/claims/:channelName/:channelClaimId/:page', torCheckMiddleware, channelClaims); // claim routes - app.get('/api/claim/availability/:name', claimAvailability); - app.get('/api/claim/data/:claimName/:claimId', claimData); - app.get('/api/claim/get/:name/:claimId', claimGet); - app.get('/api/claim/list/:name', claimList); - app.post('/api/claim/long-id', claimLongId); // should be a get + app.get('/api/claim/availability/:name', torCheckMiddleware, claimAvailability); + app.get('/api/claim/data/:claimName/:claimId', torCheckMiddleware, claimData); + app.get('/api/claim/get/:name/:claimId', torCheckMiddleware, claimGet); + app.get('/api/claim/list/:name', torCheckMiddleware, claimList); + app.post('/api/claim/long-id', torCheckMiddleware, claimLongId); // note: should be a 'get' app.post('/api/claim/publish', torCheckMiddleware, multipartMiddleware, claimPublish); - app.get('/api/claim/resolve/:name/:claimId', claimResolve); - app.get('/api/claim/short-id/:longId/:name', claimShortId); + app.get('/api/claim/resolve/:name/:claimId', torCheckMiddleware, claimResolve); + app.get('/api/claim/short-id/:longId/:name', torCheckMiddleware, claimShortId); // file routes - app.get('/api/file/availability/:name/:claimId', fileAvailability); + app.get('/api/file/availability/:name/:claimId', torCheckMiddleware, fileAvailability); // user routes - app.put('/api/user/password/', userPassword); + app.put('/api/user/password/', torCheckMiddleware, userPassword); // configs - app.get('/api/config/site/publishing', publishingConfig); + app.get('/api/config/site/publishing', torCheckMiddleware, publishingConfig); // tor - app.get('/api/tor', getTorList); + app.get('/api/tor', torCheckMiddleware, getTorList); // blocked - app.get('/api/blocked', getBlockedList); + app.get('/api/blocked', torCheckMiddleware, getBlockedList); };