diff options
author | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2021-06-27 23:14:13 +0200 |
---|---|---|
committer | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2021-06-27 23:14:13 +0200 |
commit | ea676ddd0351bdf5949c19aeead2fdaeb668dcbf (patch) | |
tree | 621eed227e07720a73e6b08493693885593e19f2 /src/routes | |
parent | :bug: fix empty message bug for attachments (diff) | |
download | server-ea676ddd0351bdf5949c19aeead2fdaeb668dcbf.tar.xz |
:lock: register proxy ip check
Diffstat (limited to 'src/routes')
-rw-r--r-- | src/routes/auth/register.ts | 19 | ||||
-rw-r--r-- | src/routes/guilds/#guild_id/bans.ts | 2 |
2 files changed, 16 insertions, 5 deletions
diff --git a/src/routes/auth/register.ts b/src/routes/auth/register.ts index 49a3bd6c..f39206f2 100644 --- a/src/routes/auth/register.ts +++ b/src/routes/auth/register.ts @@ -4,6 +4,8 @@ import bcrypt from "bcrypt"; import { check, Email, EMAIL_REGEX, FieldErrors, Length } from "../../util/instanceOf"; import "missing-native-js-functions"; import { generateToken } from "./login"; +import { getIpAdress, IPAnalysis, isProxy } from "../../util/ipAddress"; +import { HTTPError } from "lambert-server"; const router: Router = Router(); @@ -34,7 +36,19 @@ router.post( gift_code_sku_id, // ? what is this captcha_key } = req.body; - console.log("register", req.body.email, req.body.username, req.headers["cf-connecting-ip"]); + + // get register Config + const { register, security } = Config.get(); + const ip = getIpAdress(req); + + if (register.blockProxies) { + if (isProxy(await IPAnalysis(ip))) { + console.log(`proxy ${ip} blocked from registration`); + throw new HTTPError("Your IP is blocked from registration"); + } + } + + console.log("register", req.body.email, req.body.username, ip); // TODO: automatically join invite // TODO: gift_code_sku_id? // TODO: check password strength @@ -51,9 +65,6 @@ router.post( // discriminator will be randomly generated let discriminator = ""; - // get register Config - const { register, security } = Config.get(); - // check if registration is allowed if (!register.allowNewRegistration) { throw FieldErrors({ diff --git a/src/routes/guilds/#guild_id/bans.ts b/src/routes/guilds/#guild_id/bans.ts index 87d2e7f8..cf6a059b 100644 --- a/src/routes/guilds/#guild_id/bans.ts +++ b/src/routes/guilds/#guild_id/bans.ts @@ -1,7 +1,7 @@ import { Request, Response, Router } from "express"; import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel, toObject } from "@fosscord/server-util"; import { HTTPError } from "lambert-server"; -import { getIpAdress } from "../../../middlewares/GlobalRateLimit"; +import { getIpAdress } from "../../../util/ipAddress"; import { BanCreateSchema } from "../../../schema/Ban"; import { emitEvent } from "../../../util/Event"; import { check } from "../../../util/instanceOf"; |