Dinawo/CDN-APP-INSIDER
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update user data handling in UserIDMiddlewareAD.js and refactor getUserData function
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source
This commit is contained in:
.dinawo
2024-04-17 17:00:04 +02:00
parent 7a02f2682c
commit 06b1936840
9 changed files with 163 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
models/banModel.js Normal file
View File

@@ -0,0 +1,60 @@
const fs = require('fs');
const path = require('path');
const { suspiciousLogger } = require('../config/logs');
const BAN_LEVELS = [10, 30, 60, Infinity];
const SUSPICIOUS_REQUEST_LIMIT = 5;
const BAN_FILE_PATH = path.join(__dirname, '..', 'data', 'banUser.json');
const logAndBanSuspiciousActivity = async (req, res, next) => {
const ip = req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for'] || req.connection.remoteAddress;
const url = `${req.protocol}://${req.get('host')}${req.originalUrl}`;
if (req.originalUrl === '/auth/activedirectory', "/favicon.ico" && req.method === 'POST') {
next();
return;
}
let bans;
try {
if (!fs.existsSync(BAN_FILE_PATH)) {
fs.writeFileSync(BAN_FILE_PATH, JSON.stringify({}));
}
bans = JSON.parse(fs.readFileSync(BAN_FILE_PATH));
} catch (err) {
bans = {};
}
let ban = bans[ip];
if (ban) {
const timeSinceLastRequest = Date.now() - ban.lastRequestTime;
if (timeSinceLastRequest < 60 * 1000) {
ban.suspiciousRequestCount++;
} else {
ban.suspiciousRequestCount = 1;
}
if (ban.suspiciousRequestCount >= SUSPICIOUS_REQUEST_LIMIT) {
ban.level++;
ban.suspiciousRequestCount = 0;
ban.banUntil = Date.now() + BAN_LEVELS[ban.level % BAN_LEVELS.length] * 60 * 1000;
}
ban.lastRequestTime = Date.now();
} else {
bans[ip] = { level: 0, banUntil: Date.now(), suspiciousRequestCount: 1, lastRequestTime: Date.now() };
ban = bans[ip];
}
fs.writeFileSync(BAN_FILE_PATH, JSON.stringify(bans));
if (ban && Date.now() < ban.banUntil) {
res.status(403).json({ message: 'You are banned. Please try again later.' });
return;
}
suspiciousLogger.info(`Suspicious request from IP: ${ip} tried to access ${req.method} ${url}`);
next();
};
module.exports = { logAndBanSuspiciousActivity };