Merge pull request #666 from lbryio/channelWhitelisting

Add channel whitelisting support
2018-10-29 15:56:17 -05:00 · 2018-10-29 15:56:17 -05:00 · c34b4aa66b
commit c34b4aa66b
parent 05d49f2bb4 c92cd75f88
4 changed files with 77 additions and 54 deletions
--- a/cli/defaults/siteConfig.json
+++ b/cli/defaults/siteConfig.json
@ -30,7 +30,8 @@
    "closedRegistration": false,
    "serveOnlyApproved": false,
    "publishOnlyApproved": false,
-    "approvedChannels": []
+    "approvedChannels": [],
+    "publishingChannelWhitelist": []
  },
  "startup": {
    "performChecks": true,
--- a/client/src/containers/AssetInfo/view.jsx
+++ b/client/src/containers/AssetInfo/view.jsx
@ -36,7 +36,7 @@ class AssetInfo extends React.Component {
          </Row>
        )}

-        {claimViews && (
+        {claimViews ? (
          <Row>
            <RowLabeled
              label={
@ -49,7 +49,7 @@ class AssetInfo extends React.Component {
              }
            />
          </Row>
-        )}
+        ) : null}

        <Row>
          <RowLabeled
--- a/server/middleware/autoblockPublishMiddleware.js
+++ b/server/middleware/autoblockPublishMiddleware.js
@ -0,0 +1,71 @@
+const fs = require('fs');
+
+const logger = require('winston');
+const { publishing: { publishingChannelWhitelist } } = require('@config/siteConfig');
+const ipBanFile = './config/ipBan.txt';
+const forbiddenMessage = '<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>';
+
+let ipCounts = {};
+let blockedAddresses = [];
+
+if(fs.existsSync(ipBanFile)) {
+  const lineReader = require('readline').createInterface({
+    input: require('fs').createReadStream(ipBanFile),
+  });
+
+  lineReader.on('line', (line) => {
+    if(line && line !== '') {
+      blockedAddresses.push(line);
+    }
+  });
+}
+
+const autoblockPublishMiddleware = (req, res, next) => {
+  let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/)[0];
+
+  if(blockedAddresses.indexOf(ip) !== -1) {
+    res.status(403).send(forbiddenMessage);
+    res.end();
+
+    return;
+  }
+
+  let count = ipCounts[ip] = (ipCounts[ip] || 0) + 1;
+
+  setTimeout(() => {
+    if(ipCounts[ip]) {
+      ipCounts[ip]--;
+      if(ipCounts[ip] === 0) {
+        delete ipCounts[ip];
+      }
+    }
+  }, 600000 /* 10 minute retainer */)
+
+  if(count === 10) {
+    logger.error(`Banning IP: ${ip}`);
+    blockedAddresses.push(ip);
+    res.status(403).send(forbiddenMessage);
+    res.end();
+
+    fs.appendFile(ipBanFile, ip + '\n', () => {});
+  } else {
+    next();
+  }
+}
+
+const autoblockPublishBodyMiddleware = (req, res, next) => {
+  if(req.body && publishingChannelWhitelist) {
+    let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/)[0];
+    const { channelName } = req.body;
+
+    if(channelName && publishingChannelWhitelist.indexOf(channelName) !== -1) {
+      delete ipCounts[ip];
+    }
+  }
+  next();
+}
+
+module.exports = {
+  autoblockPublishMiddleware,
+  autoblockPublishBodyMiddleware,
+};
--- a/server/routes/api/index.js
+++ b/server/routes/api/index.js
@ -1,6 +1,5 @@
-const fs = require('fs');
-
 // middleware
+const { autoblockPublishMiddleware, autoblockPublishBodyMiddleware } = require('../../middleware/autoblockPublishMiddleware');
 const multipartMiddleware = require('../../middleware/multipartMiddleware');
 const torCheckMiddleware = require('../../middleware/torCheckMiddleware');
 // route handlers
@ -25,55 +24,7 @@ const getTorList = require('../../controllers/api/tor');
 const getBlockedList = require('../../controllers/api/blocked');
 const getOEmbedData = require('../../controllers/api/oEmbed');

-const logger = require('winston');
-const ipBanFile = './config/ipBan.txt';
-const forbiddenMessage = '<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>';

-let ipCounts = {};
-let blockedAddresses = [];
-
-if(fs.existsSync(ipBanFile)) {
-  const lineReader = require('readline').createInterface({
-    input: require('fs').createReadStream(ipBanFile),
-  });
-
-  lineReader.on('line', (line) => {
-    if(line && line !== '') {
-      blockedAddresses.push(line);
-    }
-  });
-}
-
-const autoblockPublishMiddleware = (req, res, next) => {
-  let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/)[0];
-
-  if(blockedAddresses.indexOf(ip) !== -1) {
-    res.status(403).send(forbiddenMessage);
-    res.end();
-
-    return;
-  }
-
-  let count = ipCounts[ip] = (ipCounts[ip] || 0) + 1;
-
-  setTimeout(() => {
-    ipCounts[ip]--;
-    if(ipCounts[ip] === 0) {
-      delete ipCounts[ip];
-    }
-  }, 600000 /* 10 minute retainer */)
-
-  if(count === 10) {
-    logger.error(`Banning IP: ${ip}`);
-    blockedAddresses.push(ip);
-    res.status(403).send(forbiddenMessage);
-    res.end();
-
-    fs.appendFile(ipBanFile, ip + '\n', () => {});
-  } else {
-    next();
-  }
-}

 module.exports = {
  // homepage routes
@ -95,7 +46,7 @@ module.exports = {
  '/api/claim/get/:name/:claimId': { controller: [ torCheckMiddleware, claimGet ] },
  '/api/claim/list/:name': { controller: [ torCheckMiddleware, claimList ] },
  '/api/claim/long-id': { method: 'post', controller: [ torCheckMiddleware, claimLongId ] }, // note: should be a 'get'
-  '/api/claim/publish': { method: 'post', controller: [ torCheckMiddleware, autoblockPublishMiddleware, multipartMiddleware, claimPublish ] },
+  '/api/claim/publish': { method: 'post', controller: [ torCheckMiddleware, autoblockPublishMiddleware, multipartMiddleware, autoblockPublishBodyMiddleware, claimPublish ] },
  '/api/claim/resolve/:name/:claimId': { controller: [ torCheckMiddleware, claimResolve ] },
  '/api/claim/short-id/:longId/:name': { controller: [ torCheckMiddleware, claimShortId ] },
  '/api/claim/views/:claimId': { controller: [ torCheckMiddleware, claimViews ] },