Add channel whitelisting support
This commit is contained in:
parent
05d49f2bb4
commit
a1ab73bd77
4 changed files with 81 additions and 54 deletions
|
@ -30,7 +30,8 @@
|
|||
"closedRegistration": false,
|
||||
"serveOnlyApproved": false,
|
||||
"publishOnlyApproved": false,
|
||||
"approvedChannels": []
|
||||
"approvedChannels": [],
|
||||
"publishingChannelWhitelist": []
|
||||
},
|
||||
"startup": {
|
||||
"performChecks": true,
|
||||
|
|
|
@ -36,7 +36,7 @@ class AssetInfo extends React.Component {
|
|||
</Row>
|
||||
)}
|
||||
|
||||
{claimViews && (
|
||||
{claimViews ? (
|
||||
<Row>
|
||||
<RowLabeled
|
||||
label={
|
||||
|
@ -49,7 +49,7 @@ class AssetInfo extends React.Component {
|
|||
}
|
||||
/>
|
||||
</Row>
|
||||
)}
|
||||
) : null}
|
||||
|
||||
<Row>
|
||||
<RowLabeled
|
||||
|
|
75
server/middleware/autoblockPublishMiddleware.js
Normal file
75
server/middleware/autoblockPublishMiddleware.js
Normal file
|
@ -0,0 +1,75 @@
|
|||
const fs = require('fs');
|
||||
|
||||
const logger = require('winston');
|
||||
const { publishing: { publishingChannelWhitelist } } = require('@config/siteConfig');
|
||||
const ipBanFile = './config/ipBan.txt';
|
||||
const forbiddenMessage = '<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>';
|
||||
|
||||
let ipCounts = {};
|
||||
let blockedAddresses = [];
|
||||
|
||||
if(fs.existsSync(ipBanFile)) {
|
||||
const lineReader = require('readline').createInterface({
|
||||
input: require('fs').createReadStream(ipBanFile),
|
||||
});
|
||||
|
||||
lineReader.on('line', (line) => {
|
||||
if(line && line !== '') {
|
||||
blockedAddresses.push(line);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
const autoblockPublishMiddleware = (req, res, next) => {
|
||||
let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/)[0];
|
||||
|
||||
if(blockedAddresses.indexOf(ip) !== -1) {
|
||||
res.status(403).send(forbiddenMessage);
|
||||
res.end();
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
let count = ipCounts[ip] = (ipCounts[ip] || 0) + 1;
|
||||
|
||||
setTimeout(() => {
|
||||
if(ipCounts[ip]) {
|
||||
ipCounts[ip]--;
|
||||
if(ipCounts[ip] === 0) {
|
||||
delete ipCounts[ip];
|
||||
}
|
||||
}
|
||||
}, 600000 /* 10 minute retainer */)
|
||||
|
||||
if(count === 10) {
|
||||
logger.error(`Banning IP: ${ip}`);
|
||||
blockedAddresses.push(ip);
|
||||
res.status(403).send(forbiddenMessage);
|
||||
res.end();
|
||||
|
||||
fs.appendFile(ipBanFile, ip + '\n', () => {});
|
||||
} else {
|
||||
next();
|
||||
}
|
||||
}
|
||||
|
||||
const autoblockPublishBodyMiddleware = (req, res, next) => {
|
||||
console.log('REQUEST BODY', req.body)
|
||||
if(req.body && publishingChannelWhitelist) {
|
||||
let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/)[0];
|
||||
|
||||
const { channelName } = req.body;
|
||||
|
||||
console.log(channelName, publishingChannelWhitelist.indexOf(channelName) !== -1)
|
||||
if(channelName && publishingChannelWhitelist.indexOf(channelName) !== -1) {
|
||||
console.log('whitelisted channelName')
|
||||
delete ipCounts[ip];
|
||||
}
|
||||
}
|
||||
next();
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
autoblockPublishMiddleware,
|
||||
autoblockPublishBodyMiddleware,
|
||||
};
|
|
@ -1,6 +1,5 @@
|
|||
const fs = require('fs');
|
||||
|
||||
// middleware
|
||||
const { autoblockPublishMiddleware, autoblockPublishBodyMiddleware } = require('../../middleware/autoblockPublishMiddleware');
|
||||
const multipartMiddleware = require('../../middleware/multipartMiddleware');
|
||||
const torCheckMiddleware = require('../../middleware/torCheckMiddleware');
|
||||
// route handlers
|
||||
|
@ -25,55 +24,7 @@ const getTorList = require('../../controllers/api/tor');
|
|||
const getBlockedList = require('../../controllers/api/blocked');
|
||||
const getOEmbedData = require('../../controllers/api/oEmbed');
|
||||
|
||||
const logger = require('winston');
|
||||
const ipBanFile = './config/ipBan.txt';
|
||||
const forbiddenMessage = '<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>';
|
||||
|
||||
let ipCounts = {};
|
||||
let blockedAddresses = [];
|
||||
|
||||
if(fs.existsSync(ipBanFile)) {
|
||||
const lineReader = require('readline').createInterface({
|
||||
input: require('fs').createReadStream(ipBanFile),
|
||||
});
|
||||
|
||||
lineReader.on('line', (line) => {
|
||||
if(line && line !== '') {
|
||||
blockedAddresses.push(line);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
const autoblockPublishMiddleware = (req, res, next) => {
|
||||
let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/)[0];
|
||||
|
||||
if(blockedAddresses.indexOf(ip) !== -1) {
|
||||
res.status(403).send(forbiddenMessage);
|
||||
res.end();
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
let count = ipCounts[ip] = (ipCounts[ip] || 0) + 1;
|
||||
|
||||
setTimeout(() => {
|
||||
ipCounts[ip]--;
|
||||
if(ipCounts[ip] === 0) {
|
||||
delete ipCounts[ip];
|
||||
}
|
||||
}, 600000 /* 10 minute retainer */)
|
||||
|
||||
if(count === 10) {
|
||||
logger.error(`Banning IP: ${ip}`);
|
||||
blockedAddresses.push(ip);
|
||||
res.status(403).send(forbiddenMessage);
|
||||
res.end();
|
||||
|
||||
fs.appendFile(ipBanFile, ip + '\n', () => {});
|
||||
} else {
|
||||
next();
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
// homepage routes
|
||||
|
@ -95,7 +46,7 @@ module.exports = {
|
|||
'/api/claim/get/:name/:claimId': { controller: [ torCheckMiddleware, claimGet ] },
|
||||
'/api/claim/list/:name': { controller: [ torCheckMiddleware, claimList ] },
|
||||
'/api/claim/long-id': { method: 'post', controller: [ torCheckMiddleware, claimLongId ] }, // note: should be a 'get'
|
||||
'/api/claim/publish': { method: 'post', controller: [ torCheckMiddleware, autoblockPublishMiddleware, multipartMiddleware, claimPublish ] },
|
||||
'/api/claim/publish': { method: 'post', controller: [ torCheckMiddleware, autoblockPublishMiddleware, multipartMiddleware, autoblockPublishBodyMiddleware, claimPublish ] },
|
||||
'/api/claim/resolve/:name/:claimId': { controller: [ torCheckMiddleware, claimResolve ] },
|
||||
'/api/claim/short-id/:longId/:name': { controller: [ torCheckMiddleware, claimShortId ] },
|
||||
'/api/claim/views/:claimId': { controller: [ torCheckMiddleware, claimViews ] },
|
||||
|
|
Loading…
Add table
Reference in a new issue