Dinawo/CDN-APP-INSIDER
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
de8c5ccb84371270880bf53600ad01e1f6b3d5b9
CDN-APP-INSIDER/models/banModel.js
Dinawo de8c5ccb84
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone Build is failing
Details
Update v1.1.1-beta1
2025-06-14 22:01:39 +02:00

74 lines
2.2 KiB
JavaScript
Raw Blame History

const fs = require('fs');
const path = require('path');
const { suspiciousLogger } = require('../config/logs');
const BAN_LEVELS = [10, 30, 60, Infinity];
const SUSPICIOUS_REQUEST_LIMIT = 5;
const BAN_FILE_PATH = path.join(__dirname, '..', 'data', 'banUser.json');
const logAndBanSuspiciousActivity = async (req, res, next) => {
const ip = req.headers['cf-connecting-ip'] || req.headers['x-forwarded-for'] || req.connection.remoteAddress;
const url = `${req.protocol}://${req.get('host')}${req.originalUrl}`;
// Skip monitoring for localhost/local IPs
const localIps = ['127.0.0.1', '::1', 'localhost', '::ffff:127.0.0.1'];
if (localIps.includes(ip)) {
next();
return;
}
// Skip monitoring for Chrome DevTools requests
if (req.originalUrl.includes('.well-known/appspecific/com.chrome.devtools.json')) {
next();
return;
}
// Skip monitoring for specific endpoints
if (req.originalUrl === '/auth/activedirectory' || req.originalUrl === '/favicon.ico') {
next();
return;
}
let bans;
try {
if (!fs.existsSync(BAN_FILE_PATH)) {
fs.writeFileSync(BAN_FILE_PATH, JSON.stringify({}));
}
bans = JSON.parse(fs.readFileSync(BAN_FILE_PATH));
} catch (err) {
bans = {};
}
let ban = bans[ip];
if (ban) {
const timeSinceLastRequest = Date.now() - ban.lastRequestTime;
if (timeSinceLastRequest < 60 * 1000) {
ban.suspiciousRequestCount++;
} else {
ban.suspiciousRequestCount = 1;
}
if (ban.suspiciousRequestCount >= SUSPICIOUS_REQUEST_LIMIT) {
ban.level++;
ban.suspiciousRequestCount = 0;
ban.banUntil = Date.now() + BAN_LEVELS[ban.level % BAN_LEVELS.length] * 60 * 1000;
}
ban.lastRequestTime = Date.now();
} else {
bans[ip] = { level: 0, banUntil: Date.now(), suspiciousRequestCount: 1, lastRequestTime: Date.now() };
ban = bans[ip];
}
fs.writeFileSync(BAN_FILE_PATH, JSON.stringify(bans));
if (ban && Date.now() < ban.banUntil) {
res.status(403).json({ message: 'You are banned. Please try again later.' });
return;
}
suspiciousLogger.info(`Suspicious request from IP: ${ip} tried to access ${req.method} ${url}`);
next();
};
module.exports = { logAndBanSuspiciousActivity };
Reference in New Issue View Git Blame Copy Permalink