From 67601ea97f0a3981b9af5a0175c70f6ea3690f15 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Wed, 27 Jun 2018 14:23:14 -0700 Subject: [PATCH 01/16] added torCheck to middleware --- .../{routes/utils => middleware}/multipartMiddleware.js | 0 server/middleware/torCheckMiddleware.js | 9 +++++++++ server/routes/api/index.js | 5 +++-- 3 files changed, 12 insertions(+), 2 deletions(-) rename server/{routes/utils => middleware}/multipartMiddleware.js (100%) create mode 100644 server/middleware/torCheckMiddleware.js diff --git a/server/routes/utils/multipartMiddleware.js b/server/middleware/multipartMiddleware.js similarity index 100% rename from server/routes/utils/multipartMiddleware.js rename to server/middleware/multipartMiddleware.js diff --git a/server/middleware/torCheckMiddleware.js b/server/middleware/torCheckMiddleware.js new file mode 100644 index 00000000..df424e3a --- /dev/null +++ b/server/middleware/torCheckMiddleware.js @@ -0,0 +1,9 @@ +const logger = require('winston'); + +const torCheck = (req, res, next) => { // custom logging middleware to log all incoming http requests + const { ip } = req; + logger.debug(`tor check for ${ip}`); + next(); +}; + +module.exports = torCheck; diff --git a/server/routes/api/index.js b/server/routes/api/index.js index 6a89348d..a8bc233c 100644 --- a/server/routes/api/index.js +++ b/server/routes/api/index.js @@ -15,7 +15,8 @@ const fileAvailability = require('../../controllers/api/file/availability'); const userPassword = require('../../controllers/api/user/password'); const publishingConfig = require('../../controllers/api/config/site/publishing'); -const multipartMiddleware = require('../utils/multipartMiddleware'); +const multipartMiddleware = require('../../middleware/multipartMiddleware'); +const torCheckMiddleware = require('../../middleware/torCheckMiddleware'); module.exports = (app) => { // channel routes @@ -30,7 +31,7 @@ module.exports = (app) => { app.get('/api/claim/get/:name/:claimId', claimGet); app.get('/api/claim/list/:name', claimList); app.post('/api/claim/long-id', claimLongId); // should be a get - app.post('/api/claim/publish', multipartMiddleware, claimPublish); + app.post('/api/claim/publish', torCheckMiddleware, multipartMiddleware, claimPublish); app.get('/api/claim/resolve/:name/:claimId', claimResolve); app.get('/api/claim/short-id/:longId/:name', claimShortId); // file routes -- 2.45.2 From 097ef744d701bb113e7786b24d99dc639f31a0e4 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Wed, 27 Jun 2018 15:01:40 -0700 Subject: [PATCH 02/16] updated logging --- server/controllers/api/claim/publish/index.js | 8 ------- server/middleware/torCheckMiddleware.js | 22 +++++++++++++++---- 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index 7d42106a..d5f6a312 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -1,5 +1,3 @@ -const logger = require('winston'); - const { details: { host }, publishing: { disabled, disabledMessage } } = require('@config/siteConfig'); const { sendGATimingEvent } = require('../../../../utils/googleAnalytics.js'); @@ -22,12 +20,6 @@ const authenticateUser = require('./authentication.js'); */ const claimPublish = ({ body, files, headers, ip, originalUrl, user }, res) => { - // logging - logger.info('PUBLISH REQUEST:', { - ip, - headers, - body, - }); // check for disabled publishing if (disabled) { return res.status(503).json({ diff --git a/server/middleware/torCheckMiddleware.js b/server/middleware/torCheckMiddleware.js index df424e3a..e6e2a8a2 100644 --- a/server/middleware/torCheckMiddleware.js +++ b/server/middleware/torCheckMiddleware.js @@ -1,9 +1,23 @@ const logger = require('winston'); -const torCheck = (req, res, next) => { // custom logging middleware to log all incoming http requests - const { ip } = req; - logger.debug(`tor check for ${ip}`); - next(); +function ipIsInTorList (ip) { + return true; +} + +const torCheck = ({ ip, headers, body }, res, next) => { + logger.debug(`tor check for:`, { + ip, + headers, + body, + }); + // check the tor node list + if (ipIsInTorList(ip)) { + return res.status('400').json({ + success: 'false', + message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to publish in the future.', + }); + }; + return next(); }; module.exports = torCheck; -- 2.45.2 From bcca1e1df2406e0582335fcc524aaabcb5cc778c Mon Sep 17 00:00:00 2001 From: bill bittner Date: Wed, 27 Jun 2018 15:11:25 -0700 Subject: [PATCH 03/16] added a Tor model --- server/middleware/torCheckMiddleware.js | 4 ++-- server/models/index.js | 2 ++ server/models/tor.js | 14 ++++++++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) create mode 100644 server/models/tor.js diff --git a/server/middleware/torCheckMiddleware.js b/server/middleware/torCheckMiddleware.js index e6e2a8a2..50a9e567 100644 --- a/server/middleware/torCheckMiddleware.js +++ b/server/middleware/torCheckMiddleware.js @@ -14,9 +14,9 @@ const torCheck = ({ ip, headers, body }, res, next) => { if (ipIsInTorList(ip)) { return res.status('400').json({ success: 'false', - message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to publish in the future.', + message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', }); - }; + } return next(); }; diff --git a/server/models/index.js b/server/models/index.js index e2011bc8..a13d58ec 100644 --- a/server/models/index.js +++ b/server/models/index.js @@ -8,6 +8,7 @@ const File = require('./file.js'); const Request = require('./request.js'); const User = require('./user.js'); const Blocked = require('./blocked.js'); +const Tor = require('./tor.js'); const {database, username, password} = require('@config/mysqlConfig'); if (!database || !username || !password) { @@ -50,6 +51,7 @@ db['File'] = sequelize.import('File', File); db['Request'] = sequelize.import('Request', Request); db['User'] = sequelize.import('User', User); db['Blocked'] = sequelize.import('Blocked', Blocked); +db['Tor'] = sequelize.import('Tor', Tor); // run model.association for each model in the db object that has an association logger.info('associating db models...'); diff --git a/server/models/tor.js b/server/models/tor.js new file mode 100644 index 00000000..90df0e2b --- /dev/null +++ b/server/models/tor.js @@ -0,0 +1,14 @@ +module.exports = (sequelize, { STRING }) => { + return sequelize.define( + 'Tor', + { + ip: { + type : STRING, + allowNull: false, + }, + }, + { + freezeTableName: true, + } + ); +}; -- 2.45.2 From 6aaa6bd0aa672103f5d9f3117a4ed35ce0bdc70f Mon Sep 17 00:00:00 2001 From: bill bittner Date: Wed, 27 Jun 2018 17:30:26 -0700 Subject: [PATCH 04/16] added an endpoint to update tor node list --- server/controllers/api/tor/index.js | 51 +++++++++++++++++++++++++++++ server/models/tor.js | 6 +++- server/routes/api/index.js | 3 ++ 3 files changed, 59 insertions(+), 1 deletion(-) create mode 100644 server/controllers/api/tor/index.js diff --git a/server/controllers/api/tor/index.js b/server/controllers/api/tor/index.js new file mode 100644 index 00000000..8c354a99 --- /dev/null +++ b/server/controllers/api/tor/index.js @@ -0,0 +1,51 @@ +const logger = require('winston'); +const db = require('../../../models'); + +const ipAddress = '54.236.53.10'; + +/* + + Route to update and return tor exit nodes that can connect to this ip address + +*/ + +const getTorList = (req, res) => { + return fetch(`https://check.torproject.org/api/bulk?ip=${ipAddress}&port=80`) + .then(response => { + return response.json(); + }) + .then( jsonResponse => { + const torList = []; + for (let i = 0; i < jsonResponse.length; i++) { + torList.push({ + address: jsonResponse[i].Address, + fingerprint: jsonResponse[i].Fingerprint, + }); + } + return db.Tor.destroy({ + truncate: true, + }) + .then(() => { + return db.Tor.bulkCreate(torList) + }) + }) + .then(() => { + return db.Tor.findAll({ + attributes: ['address', 'fingerprint'], + }) + .map(el => el.get({ plain: true })); + }) + .then( result => { + logger.debug('number of records', result.length); + res.status(200).json(result); + }) + .catch((error) => { + logger.error(error); + res.status(500).json({ + success: false, + error, + }) + }); +}; + +module.exports = getTorList; diff --git a/server/models/tor.js b/server/models/tor.js index 90df0e2b..008817f0 100644 --- a/server/models/tor.js +++ b/server/models/tor.js @@ -2,10 +2,14 @@ module.exports = (sequelize, { STRING }) => { return sequelize.define( 'Tor', { - ip: { + address: { type : STRING, allowNull: false, }, + fingerprint: { + type : STRING, + allowNull: true, + }, }, { freezeTableName: true, diff --git a/server/routes/api/index.js b/server/routes/api/index.js index a8bc233c..e32dbb8f 100644 --- a/server/routes/api/index.js +++ b/server/routes/api/index.js @@ -14,6 +14,7 @@ const claimShortId = require('../../controllers/api/claim/shortId'); const fileAvailability = require('../../controllers/api/file/availability'); const userPassword = require('../../controllers/api/user/password'); const publishingConfig = require('../../controllers/api/config/site/publishing'); +const getTorList = require('../../controllers/api/tor'); const multipartMiddleware = require('../../middleware/multipartMiddleware'); const torCheckMiddleware = require('../../middleware/torCheckMiddleware'); @@ -40,4 +41,6 @@ module.exports = (app) => { app.put('/api/user/password/', userPassword); // configs app.get('/api/config/site/publishing', publishingConfig); + // tor + app.get('/api/tor', getTorList); }; -- 2.45.2 From a3df21968481dd98e424d1e9af911e64a35498c6 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Wed, 27 Jun 2018 17:39:41 -0700 Subject: [PATCH 05/16] updated tor check to use site ip config --- server/controllers/api/tor/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/controllers/api/tor/index.js b/server/controllers/api/tor/index.js index 8c354a99..c6bab3b9 100644 --- a/server/controllers/api/tor/index.js +++ b/server/controllers/api/tor/index.js @@ -1,7 +1,7 @@ const logger = require('winston'); const db = require('../../../models'); -const ipAddress = '54.236.53.10'; +const { details: { ipAddress } } = require('@config/siteConfig'); /* -- 2.45.2 From aed4e05b24f49af58fb0f8f4e43ee1d9ad725106 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Wed, 27 Jun 2018 17:56:28 -0700 Subject: [PATCH 06/16] fixed findall raw query --- server/controllers/api/tor/index.js | 4 +-- server/middleware/torCheckMiddleware.js | 41 +++++++++++++++---------- 2 files changed, 27 insertions(+), 18 deletions(-) diff --git a/server/controllers/api/tor/index.js b/server/controllers/api/tor/index.js index c6bab3b9..dc95cb31 100644 --- a/server/controllers/api/tor/index.js +++ b/server/controllers/api/tor/index.js @@ -32,8 +32,8 @@ const getTorList = (req, res) => { .then(() => { return db.Tor.findAll({ attributes: ['address', 'fingerprint'], - }) - .map(el => el.get({ plain: true })); + raw: true, + }); }) .then( result => { logger.debug('number of records', result.length); diff --git a/server/middleware/torCheckMiddleware.js b/server/middleware/torCheckMiddleware.js index 50a9e567..bb4d9840 100644 --- a/server/middleware/torCheckMiddleware.js +++ b/server/middleware/torCheckMiddleware.js @@ -1,23 +1,32 @@ const logger = require('winston'); - -function ipIsInTorList (ip) { - return true; -} +const db = require('../models'); const torCheck = ({ ip, headers, body }, res, next) => { - logger.debug(`tor check for:`, { - ip, - headers, - body, - }); - // check the tor node list - if (ipIsInTorList(ip)) { - return res.status('400').json({ - success: 'false', - message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', + logger.debug(`tor check for: ${ip}`); + return db.Tor.findAll( + { + where: { + address: ip, + }, + raw: true, + }) + .then(result => { + logger.debug('tor check results:', result); + if (result.length >= 1) { + logger.debug('this is a tor ip'); + const failureResponse = { + success: 'false', + message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', + }; + return res.status(400).json(failureResponse); + } else { + logger.debug('this is not a tor ip'); + return next(); + } + }) + .catch(error => { + logger.error(error); }); - } - return next(); }; module.exports = torCheck; -- 2.45.2 From a46b157fe12432ed9c5a8cf894b08b656e5d86ae Mon Sep 17 00:00:00 2001 From: bill bittner Date: Wed, 27 Jun 2018 18:10:47 -0700 Subject: [PATCH 07/16] added tor middleware response handling --- server/controllers/api/claim/publish/index.js | 14 +++++++++++++- server/middleware/torCheckMiddleware.js | 16 ++++------------ 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index d5f6a312..ca958e4b 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -1,3 +1,5 @@ +const logger = require('winston'); + const { details: { host }, publishing: { disabled, disabledMessage } } = require('@config/siteConfig'); const { sendGATimingEvent } = require('../../../../utils/googleAnalytics.js'); @@ -19,7 +21,7 @@ const authenticateUser = require('./authentication.js'); */ -const claimPublish = ({ body, files, headers, ip, originalUrl, user }, res) => { +const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) => { // check for disabled publishing if (disabled) { return res.status(503).json({ @@ -27,6 +29,16 @@ const claimPublish = ({ body, files, headers, ip, originalUrl, user }, res) => { message: disabledMessage }); } + // check for tor + logger.debug('tor:', tor); + if (tor) { + const failureResponse = { + success: 'false', + message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', + }; + return res.status(400).json(failureResponse); + } + // define variables let channelName, channelId, channelPassword, description, fileName, filePath, fileType, gaStartTime, license, name, nsfw, thumbnail, thumbnailFileName, thumbnailFilePath, thumbnailFileType, title; // record the start time of the request diff --git a/server/middleware/torCheckMiddleware.js b/server/middleware/torCheckMiddleware.js index bb4d9840..3d415417 100644 --- a/server/middleware/torCheckMiddleware.js +++ b/server/middleware/torCheckMiddleware.js @@ -1,7 +1,8 @@ const logger = require('winston'); const db = require('../models'); -const torCheck = ({ ip, headers, body }, res, next) => { +const torCheck = (req, res, next) => { + const { ip } = req; logger.debug(`tor check for: ${ip}`); return db.Tor.findAll( { @@ -12,17 +13,8 @@ const torCheck = ({ ip, headers, body }, res, next) => { }) .then(result => { logger.debug('tor check results:', result); - if (result.length >= 1) { - logger.debug('this is a tor ip'); - const failureResponse = { - success: 'false', - message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', - }; - return res.status(400).json(failureResponse); - } else { - logger.debug('this is not a tor ip'); - return next(); - } + req['tor'] = (result.length >= 1); // add this to the req object + next(); }) .catch(error => { logger.error(error); -- 2.45.2 From f5e01840e3d23e1520e16b014151a7a19fa10395 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Wed, 27 Jun 2018 21:27:38 -0700 Subject: [PATCH 08/16] added logging --- server/controllers/api/claim/publish/index.js | 1 + 1 file changed, 1 insertion(+) diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index ca958e4b..94044031 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -32,6 +32,7 @@ const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) // check for tor logger.debug('tor:', tor); if (tor) { + logger.info('Tor publish request blocked:', ip); const failureResponse = { success: 'false', message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', -- 2.45.2 From faf7f5702b54b26363f59e2430bd01e63bac278a Mon Sep 17 00:00:00 2001 From: bill bittner Date: Thu, 28 Jun 2018 09:48:16 -0700 Subject: [PATCH 09/16] changed tor response to 403 --- server/controllers/api/claim/publish/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index 94044031..aeb33bae 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -37,7 +37,7 @@ const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) success: 'false', message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', }; - return res.status(400).json(failureResponse); + return res.status(403).json(failureResponse); } // define variables -- 2.45.2 From ad23708cd60dc17b5a39e42cc8f2f5a9dcaf024e Mon Sep 17 00:00:00 2001 From: bill bittner Date: Thu, 28 Jun 2018 10:39:46 -0700 Subject: [PATCH 10/16] added Tor list referesh method to model --- index.js | 27 +++++++++++++------ server/controllers/api/tor/index.js | 28 +------------------- server/models/tor.js | 40 ++++++++++++++++++++++++++++- 3 files changed, 59 insertions(+), 36 deletions(-) diff --git a/index.js b/index.js index fb4e362e..32d74ef1 100644 --- a/index.js +++ b/index.js @@ -107,18 +107,29 @@ function Server () { this.initialize(); this.createApp(); this.createServer(); - /* start the server */ - logger.info('getting LBC balance & syncing database...'); - Promise.all([ - this.syncDatabase(), - getWalletBalance(), - ]) - .then(([syncResult, walletBalance]) => { - logger.info('starting LBC balance:', walletBalance); + logger.info(`Syncing database...`); + this.syncDatabase() + .then(() => { + logger.info(`Starting server on ${PORT}...`); return this.server.listen(PORT, () => { logger.info(`Server is listening on PORT ${PORT}`); }) }) + .then(() => { + logger.info(`Getting starting balance`); + logger.info(`Updating blocked list`); + logger.info(`Updating tor node list`); + Promise.all([ + getWalletBalance(), + updateBlockedList(), + updateTorList(), + ]) + }) + .then(([walletBalance, updatedBlockedList, updatedTorList]) => { + logger.info('Starting LBC balance:', walletBalance); + logger.info('Blocked list length:', updatedBlockedList.length); + logger.info('Tor list length:', updatedTorList.length); + }) .catch(error => { if (error.code === 'ECONNREFUSED') { return logger.error('Connection refused. The daemon may not be running.') diff --git a/server/controllers/api/tor/index.js b/server/controllers/api/tor/index.js index dc95cb31..df4c5831 100644 --- a/server/controllers/api/tor/index.js +++ b/server/controllers/api/tor/index.js @@ -1,8 +1,6 @@ const logger = require('winston'); const db = require('../../../models'); -const { details: { ipAddress } } = require('@config/siteConfig'); - /* Route to update and return tor exit nodes that can connect to this ip address @@ -10,31 +8,7 @@ const { details: { ipAddress } } = require('@config/siteConfig'); */ const getTorList = (req, res) => { - return fetch(`https://check.torproject.org/api/bulk?ip=${ipAddress}&port=80`) - .then(response => { - return response.json(); - }) - .then( jsonResponse => { - const torList = []; - for (let i = 0; i < jsonResponse.length; i++) { - torList.push({ - address: jsonResponse[i].Address, - fingerprint: jsonResponse[i].Fingerprint, - }); - } - return db.Tor.destroy({ - truncate: true, - }) - .then(() => { - return db.Tor.bulkCreate(torList) - }) - }) - .then(() => { - return db.Tor.findAll({ - attributes: ['address', 'fingerprint'], - raw: true, - }); - }) + db.Tor.refreshTable() .then( result => { logger.debug('number of records', result.length); res.status(200).json(result); diff --git a/server/models/tor.js b/server/models/tor.js index 008817f0..51541545 100644 --- a/server/models/tor.js +++ b/server/models/tor.js @@ -1,5 +1,7 @@ +const { details: { ipAddress } } = require('@config/siteConfig'); + module.exports = (sequelize, { STRING }) => { - return sequelize.define( + const Tor = sequelize.define( 'Tor', { address: { @@ -15,4 +17,40 @@ module.exports = (sequelize, { STRING }) => { freezeTableName: true, } ); + + Tor.refreshTable = function () { + let torList = []; + return fetch(`https://check.torproject.org/api/bulk?ip=${ipAddress}&port=80`) + .then(response => { + return response.json(); + }) + .then(jsonResponse => { + for (let i = 0; i < jsonResponse.length; i++) { + torList.push({ + address : jsonResponse[i].Address, + fingerprint: jsonResponse[i].Fingerprint, + }); + } + // clear the table + return this.destroy({ + truncate: true, + }); + }) + .then(() => { + // fill the table + return this.bulkCreate(torList); + }) + .then(() => { + // return the new table + return this.findAll({ + attributes: ['address', 'fingerprint'], + raw : true, + }); + }) + .catch(error => { + throw error; + }); + }; + + return Tor; }; -- 2.45.2 From 65f90270e67d7a66271fec3412e5c17b912ec74c Mon Sep 17 00:00:00 2001 From: bill bittner Date: Thu, 28 Jun 2018 10:44:20 -0700 Subject: [PATCH 11/16] removed blocked list refresh from startup flow for testing --- index.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.js b/index.js index 32d74ef1..d9358f37 100644 --- a/index.js +++ b/index.js @@ -121,8 +121,8 @@ function Server () { logger.info(`Updating tor node list`); Promise.all([ getWalletBalance(), - updateBlockedList(), - updateTorList(), + [], + db.Tor.refreshTable(), ]) }) .then(([walletBalance, updatedBlockedList, updatedTorList]) => { -- 2.45.2 From 8b24b2f0cb45ee2b523d9583f8e2fa161141321f Mon Sep 17 00:00:00 2001 From: bill bittner Date: Thu, 28 Jun 2018 11:19:24 -0700 Subject: [PATCH 12/16] rearanged startup process --- index.js | 46 +++++++++++++++++++++++++++++----------------- 1 file changed, 29 insertions(+), 17 deletions(-) diff --git a/index.js b/index.js index d9358f37..ab2af386 100644 --- a/index.js +++ b/index.js @@ -97,42 +97,54 @@ function Server () { /* create server */ this.server = http.Server(this.app); }; + this.startServerListening = () => { + logger.info(`Starting server on ${PORT}...`); + return new Promise((resolve, reject) => { + this.server.listen(PORT, () => { + logger.info(`Server is listening on PORT ${PORT}`); + resolve(); + }) + }); + }; this.syncDatabase = () => { + logger.info(`Syncing database...`); return createDatabaseIfNotExists() .then(() => { db.sequelize.sync(); }) }; + this.performChecksAndUpdates = () => { + logger.info(`Getting wallet balance and updating resources`); + return Promise.all([ + getWalletBalance(), + [], + db.Tor.refreshTable(), + ]) + .then(([walletBalance, updatedBlockedList, updatedTorList]) => { + logger.info('Starting LBC balance:', walletBalance); + logger.info('Blocked list length:', updatedBlockedList.length); + logger.info('Tor list length:', updatedTorList.length); + }) + }; this.start = () => { this.initialize(); this.createApp(); this.createServer(); - logger.info(`Syncing database...`); this.syncDatabase() .then(() => { - logger.info(`Starting server on ${PORT}...`); - return this.server.listen(PORT, () => { - logger.info(`Server is listening on PORT ${PORT}`); - }) + return this.startServerListening(); }) .then(() => { - logger.info(`Getting starting balance`); - logger.info(`Updating blocked list`); - logger.info(`Updating tor node list`); - Promise.all([ - getWalletBalance(), - [], - db.Tor.refreshTable(), - ]) + return this.performChecksAndUpdates(); }) - .then(([walletBalance, updatedBlockedList, updatedTorList]) => { - logger.info('Starting LBC balance:', walletBalance); - logger.info('Blocked list length:', updatedBlockedList.length); - logger.info('Tor list length:', updatedTorList.length); + .then(() => { + logger.info('Spee.ch startup is complete.'); }) .catch(error => { if (error.code === 'ECONNREFUSED') { return logger.error('Connection refused. The daemon may not be running.') + } else if (error.code === 'EADDRINUSE') { + return logger.error('Server could not start listening. The port is already in use.'); } else if (error.message) { logger.error(error.message); } -- 2.45.2 From e224926f8bc9da1ec5fae3178715b5dd85444697 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Thu, 28 Jun 2018 11:31:21 -0700 Subject: [PATCH 13/16] added ability to turn off checks/updates via config --- index.js | 36 ++++++++++++++++++++++++++++-------- 1 file changed, 28 insertions(+), 8 deletions(-) diff --git a/index.js b/index.js index ab2af386..d4eb8274 100644 --- a/index.js +++ b/index.js @@ -35,6 +35,10 @@ const speechPassport = require('./server/speechPassport'); const { details: { port: PORT }, auth: { sessionKey }, + startup: { + performChecks, + performUpdates, + }, } = require('@config/siteConfig'); function Server () { @@ -113,17 +117,30 @@ function Server () { db.sequelize.sync(); }) }; - this.performChecksAndUpdates = () => { - logger.info(`Getting wallet balance and updating resources`); + this.performChecks = () => { + if (!performChecks) { + return; + } + logger.info(`Performing checks...`); return Promise.all([ getWalletBalance(), + ]) + .then(([walletBalance]) => { + logger.info('Starting LBC balance:', walletBalance); + }) + }; + this.performUpdates = () => { + if (!performUpdates) { + return; + } + logger.info(`Peforming updates...`); + return Promise.all([ [], db.Tor.refreshTable(), ]) - .then(([walletBalance, updatedBlockedList, updatedTorList]) => { - logger.info('Starting LBC balance:', walletBalance); - logger.info('Blocked list length:', updatedBlockedList.length); - logger.info('Tor list length:', updatedTorList.length); + .then(([updatedBlockedList, updatedTorList]) => { + logger.info('Blocked list updated, length:', updatedBlockedList.length); + logger.info('Tor list updated, length:', updatedTorList.length); }) }; this.start = () => { @@ -135,10 +152,13 @@ function Server () { return this.startServerListening(); }) .then(() => { - return this.performChecksAndUpdates(); + return Promise.all([ + this.performChecks(), + this.performUpdates(), + ]) }) .then(() => { - logger.info('Spee.ch startup is complete.'); + logger.info('Spee.ch startup is complete'); }) .catch(error => { if (error.code === 'ECONNREFUSED') { -- 2.45.2 From 7a0a4820c9ea21df526d3816f65f1d5167476e10 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Thu, 28 Jun 2018 12:30:32 -0700 Subject: [PATCH 14/16] added back publish request logging --- server/controllers/api/claim/publish/index.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index aeb33bae..8def886c 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -22,6 +22,11 @@ const authenticateUser = require('./authentication.js'); */ const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) => { + // logging + logger.info('Publish request:', { + ip, + headers, + }); // check for disabled publishing if (disabled) { return res.status(503).json({ -- 2.45.2 From d01db5b5dfa355854f5779b0d7357072d77f1067 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Thu, 28 Jun 2018 13:22:52 -0700 Subject: [PATCH 15/16] added body to publish logging --- server/controllers/api/claim/publish/index.js | 1 + 1 file changed, 1 insertion(+) diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index 8def886c..d56a5f5e 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -26,6 +26,7 @@ const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) logger.info('Publish request:', { ip, headers, + body, }); // check for disabled publishing if (disabled) { -- 2.45.2 From 60ee901fafe3d3b2c88ad32eeec9e58edd44b403 Mon Sep 17 00:00:00 2001 From: bill bittner Date: Thu, 28 Jun 2018 17:58:51 -0700 Subject: [PATCH 16/16] moved response into middleware --- server/controllers/api/claim/publish/index.js | 11 ------- server/middleware/torCheckMiddleware.js | 12 +++++-- server/routes/api/index.js | 32 +++++++++---------- 3 files changed, 26 insertions(+), 29 deletions(-) diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index d56a5f5e..b429e797 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -35,17 +35,6 @@ const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) message: disabledMessage }); } - // check for tor - logger.debug('tor:', tor); - if (tor) { - logger.info('Tor publish request blocked:', ip); - const failureResponse = { - success: 'false', - message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', - }; - return res.status(403).json(failureResponse); - } - // define variables let channelName, channelId, channelPassword, description, fileName, filePath, fileType, gaStartTime, license, name, nsfw, thumbnail, thumbnailFileName, thumbnailFilePath, thumbnailFileType, title; // record the start time of the request diff --git a/server/middleware/torCheckMiddleware.js b/server/middleware/torCheckMiddleware.js index 3d415417..1b410331 100644 --- a/server/middleware/torCheckMiddleware.js +++ b/server/middleware/torCheckMiddleware.js @@ -13,8 +13,16 @@ const torCheck = (req, res, next) => { }) .then(result => { logger.debug('tor check results:', result); - req['tor'] = (result.length >= 1); // add this to the req object - next(); + if (result.length >= 1) { + logger.info('Tor request blocked:', ip); + const failureResponse = { + success: false, + message: 'Unfortunately this api route is not currently available for tor users. We are working on a solution that will allow tor users to use this endpoint in the future.', + }; + res.status(403).json(failureResponse); + } else { + next(); + } }) .catch(error => { logger.error(error); diff --git a/server/routes/api/index.js b/server/routes/api/index.js index e32dbb8f..b0d10a1a 100644 --- a/server/routes/api/index.js +++ b/server/routes/api/index.js @@ -21,26 +21,26 @@ const torCheckMiddleware = require('../../middleware/torCheckMiddleware'); module.exports = (app) => { // channel routes - app.get('/api/channel/availability/:name', channelAvailability); - app.get('/api/channel/short-id/:longId/:name', channelShortId); - app.get('/api/channel/data/:channelName/:channelClaimId', channelData); - app.get('/api/channel/claims/:channelName/:channelClaimId/:page', channelClaims); + app.get('/api/channel/availability/:name', torCheckMiddleware, channelAvailability); + app.get('/api/channel/short-id/:longId/:name', torCheckMiddleware, channelShortId); + app.get('/api/channel/data/:channelName/:channelClaimId', torCheckMiddleware, channelData); + app.get('/api/channel/claims/:channelName/:channelClaimId/:page', torCheckMiddleware, channelClaims); // claim routes - app.get('/api/claim/availability/:name', claimAvailability); - app.get('/api/claim/blocked-list/', claimBlockedList); - app.get('/api/claim/data/:claimName/:claimId', claimData); - app.get('/api/claim/get/:name/:claimId', claimGet); - app.get('/api/claim/list/:name', claimList); - app.post('/api/claim/long-id', claimLongId); // should be a get + app.get('/api/claim/availability/:name', torCheckMiddleware, claimAvailability); + app.get('/api/claim/blocked-list/', torCheckMiddleware, claimBlockedList); + app.get('/api/claim/data/:claimName/:claimId', torCheckMiddleware, claimData); + app.get('/api/claim/get/:name/:claimId', torCheckMiddleware, claimGet); + app.get('/api/claim/list/:name', torCheckMiddleware, claimList); + app.post('/api/claim/long-id', torCheckMiddleware, claimLongId); // note: should be a 'get' app.post('/api/claim/publish', torCheckMiddleware, multipartMiddleware, claimPublish); - app.get('/api/claim/resolve/:name/:claimId', claimResolve); - app.get('/api/claim/short-id/:longId/:name', claimShortId); + app.get('/api/claim/resolve/:name/:claimId', torCheckMiddleware, claimResolve); + app.get('/api/claim/short-id/:longId/:name', torCheckMiddleware, claimShortId); // file routes - app.get('/api/file/availability/:name/:claimId', fileAvailability); + app.get('/api/file/availability/:name/:claimId', torCheckMiddleware, fileAvailability); // user routes - app.put('/api/user/password/', userPassword); + app.put('/api/user/password/', torCheckMiddleware, userPassword); // configs - app.get('/api/config/site/publishing', publishingConfig); + app.get('/api/config/site/publishing', torCheckMiddleware, publishingConfig); // tor - app.get('/api/tor', getTorList); + app.get('/api/tor', torCheckMiddleware, getTorList); }; -- 2.45.2