
Add register ratelimit

This commit is contained in:
TheArcaneBrony 2022-09-17 15:31:20 +02:00 committed by Madeline
parent f5671775ef
commit 3227933f28
6 changed files with 34 additions and 5 deletions


@ -1,2 +1,3 @@
assets assets
dist dist
node_modules


@ -13,6 +13,8 @@
"EMAIL_ALREADY_REGISTERED": "Email is already registered", "EMAIL_ALREADY_REGISTERED": "Email is already registered",
"DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older", "DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older",
"CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.", "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.",
"USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another" "USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another",
"GUESTS_DISABLED": "Guest users are disabled",
"TOO_MANY_REGISTRATIONS": "Too many registrations, please try again later"
} }
} }


@ -17,6 +17,7 @@ import {
} from "@fosscord/api"; } from "@fosscord/api";
import bcrypt from "bcrypt"; import bcrypt from "bcrypt";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { MoreThan } from "typeorm";
const router: Router = Router(); const router: Router = Router();
@ -25,7 +26,7 @@ router.post(
route({ body: "RegisterSchema" }), route({ body: "RegisterSchema" }),
async (req: Request, res: Response) => { async (req: Request, res: Response) => {
const body = req.body as RegisterSchema; const body = req.body as RegisterSchema;
const { register, security } = Config.get(); const { register, security, limits } = Config.get();
const ip = getIpAdress(req); const ip = getIpAdress(req);
// email will be slightly modified version of the user supplied email -> e.g. protection against GMail Trick // email will be slightly modified version of the user supplied email -> e.g. protection against GMail Trick
@ -198,6 +199,19 @@ router.post(
}); });
} }
if (
limits.absoluteRate.register.enabled &&
(await User.count({ where: { created_at: MoreThan(new Date(Date.now() - limits.absoluteRate.register.window)) } }))
>= limits.absoluteRate.register.limit
) {
console.log(
`Global register ratelimit exceeded for ${getIpAdress(req)}, ${req.body.username}, ${req.body.invite || "No invite given"}`
);
throw FieldErrors({
email: { code: "TOO_MANY_REGISTRATIONS", message: req.t("auth:register.TOO_MANY_REGISTRATIONS") }
});
}
const user = await User.register({ ...body, req }); const user = await User.register({ ...body, req });
if (body.invite) { if (body.invite) {
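Review bot: The `console.log` at the top of the added block interpolates `req.body.username` and `req.body.invite` verbatim, so a username containing newlines or control characters can forge additional log entries; it also recomputes `getIpAdress(req)` although `ip` was bound from the same call in the previous hunk, and reads `req.body` although the typed `body` is already in scope. I would log `${ip}` and `${JSON.stringify(body.username)}` and, for the invite, `${body.invite ? JSON.stringify(body.invite) : "No invite given"}`, which keeps one line per event and uses the already-validated values. The count-then-register sequence is not atomic: requests that race inside the same window can each observe a count below `limit` and all proceed, so `limit` is a soft ceiling and deserves a comment such as `// Soft limit: concurrent registrations can overshoot by the number of in-flight requests.`. If `Config.get()` can return a stored configuration that predates this commit and lacks `absoluteRate`, `limits.absoluteRate.register.enabled` throws a TypeError before the guard runs; I cannot tell from the hunk whether class defaults are merged in, so `limits.absoluteRate?.register?.enabled` would be the cheap protection. The enclosing route handler begins before this hunk and continues after it.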


@ -1,4 +1,4 @@
import { ChannelLimits, GuildLimits, MessageLimits, RateLimits, UserLimits } from "."; import { ChannelLimits, GlobalRateLimits, GuildLimits, MessageLimits, RateLimits, UserLimits } from ".";
export class LimitsConfiguration { export class LimitsConfiguration {
user: UserLimits = new UserLimits(); user: UserLimits = new UserLimits();
@ -6,4 +6,5 @@ export class LimitsConfiguration {
message: MessageLimits = new MessageLimits(); message: MessageLimits = new MessageLimits();
channel: ChannelLimits = new ChannelLimits(); channel: ChannelLimits = new ChannelLimits();
rate: RateLimits = new RateLimits(); rate: RateLimits = new RateLimits();
absoluteRate: GlobalRateLimits = new GlobalRateLimits();
} }


@ -0,0 +1,10 @@
export class GlobalRateLimits {
register: GlobalRateLimit = { limit: 25, window: 60 * 60 * 1000, enabled: true };
sendMessage: GlobalRateLimit = { limit: 50, window: 60 * 1000, enabled: true };
}
export class GlobalRateLimit {
limit: number = 100;
window: number = 60 * 60 * 1000;
enabled: boolean = true;
}
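Review bot: `GlobalRateLimit` is declared as a class with default field values, but both entries in `GlobalRateLimits` are plain object literals, so the class defaults (`limit: 100`, `window`, `enabled`) are never applied and the class serves only as a structural type. Either make that explicit by declaring it as an `interface`, or build the entries with `new GlobalRateLimit()` and override the fields that differ, so the defaults mean something. The unit of `window` is undocumented; a comment such as `/** Length of the counting window in milliseconds. */` on the field would save readers from inferring it from `60 * 60 * 1000`. `sendMessage` is not consumed by any hunk in this commit, so it appears to be a placeholder at this point and should say so.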


@ -1,4 +1,5 @@
export * from "./ChannelLimits"; export * from "./ChannelLimits";
export * from "./GlobalRateLimits";
export * from "./GuildLimits"; export * from "./GuildLimits";
export * from "./MessageLimits"; export * from "./MessageLimits";
export * from "./RateLimits"; export * from "./RateLimits";