add rate limit for login and registration, update module names
parent
9e754b0733
commit
c72b6792e9
10 changed files with 56 additions and 43 deletions
|
@ -3,14 +3,15 @@ package admin
|
|||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"hacklab.nilfm.cc/felt/admin/util"
|
||||
"hacklab.nilfm.cc/felt/models"
|
||||
"hacklab.nilfm.cc/felt/mongodb"
|
||||
"hacklab.nilfm.cc/quartzgun/auth"
|
||||
. "hacklab.nilfm.cc/quartzgun/middleware"
|
||||
"hacklab.nilfm.cc/quartzgun/renderer"
|
||||
"hacklab.nilfm.cc/quartzgun/router"
|
||||
. "hacklab.nilfm.cc/quartzgun/util"
|
||||
"forge.lightcrystal.systems/nilix/felt/admin/util"
|
||||
"forge.lightcrystal.systems/nilix/felt/models"
|
||||
"forge.lightcrystal.systems/nilix/felt/mongodb"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/auth"
|
||||
. "forge.lightcrystal.systems/nilix/quartzgun/middleware"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/rateLimiter"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/renderer"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/router"
|
||||
. "forge.lightcrystal.systems/nilix/quartzgun/util"
|
||||
"html/template"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
|
@ -203,9 +204,9 @@ func apiUploadImg(next http.Handler, dbAdapter mongodb.DbAdapter, uploads, uploa
|
|||
// get file data from multipart form
|
||||
header := f.File["file"][0]
|
||||
if strings.Contains(header.Filename, "/") {
|
||||
w.WriteHeader(422)
|
||||
next.ServeHTTP(w, req)
|
||||
return
|
||||
w.WriteHeader(422)
|
||||
next.ServeHTTP(w, req)
|
||||
return
|
||||
}
|
||||
file, err := header.Open()
|
||||
if err != nil {
|
||||
|
@ -324,9 +325,9 @@ func apiDeleteImage(next http.Handler, uploads string, uploadType string, udb au
|
|||
// if the file exists, delete it and return 201
|
||||
filename := urlParams["file"]
|
||||
if strings.Contains(filename, "/") {
|
||||
w.WriteHeader(422)
|
||||
next.ServeHTTP(w, req)
|
||||
return
|
||||
w.WriteHeader(422)
|
||||
next.ServeHTTP(w, req)
|
||||
return
|
||||
}
|
||||
fullPath := filepath.Join(uploads, tableName, uploadType, filename)
|
||||
s, err := os.Stat(fullPath)
|
||||
|
@ -353,9 +354,15 @@ func CreateAdminInterface(udb auth.UserStore, dbAdapter mongodb.DbAdapter, uploa
|
|||
// create quartzgun router
|
||||
rtr := &router.Router{Fallback: *template.Must(template.ParseFiles("templates/error.html"))}
|
||||
|
||||
rl := rateLimiter.IpRateLimiter{
|
||||
Data: map[string]*rateLimiter.RateLimitData{},
|
||||
Seconds: 5,
|
||||
AttemptsAllowed: 5,
|
||||
}
|
||||
|
||||
scopes := map[string]string{}
|
||||
|
||||
rtr.Post("/api/auth/", Provision(udb, 84))
|
||||
rtr.Post("/api/auth/", Throttle(Provision(udb, 84), rl.RateLimit))
|
||||
|
||||
// table management
|
||||
rtr.Get("/api/table/", Validate(apiGetTableList(renderer.JSON("tableList"), udb), udb, scopes))
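Review bot: In CreateAdminInterface the limiter on `/api/auth/` is set to `Seconds: 5, AttemptsAllowed: 5`, which, going by the field names, caps bursts but still lets a single address keep up about one credential attempt per second indefinitely; a longer window or a growing delay after repeated failures would bound online guessing far better. `IpRateLimiter` presumably keys `Data` by client address, so confirm which address quartzgun reads when felt sits behind a reverse proxy: the proxy's own address would throttle every user together, while a client-supplied forwarding header would let a caller choose its own bucket. Nothing visible here removes entries from `Data`, so check that the map cannot grow without bound. The same two values are repeated in the registration limiter; naming them, e.g. `const authWindowSeconds = 5` and `const authAttemptsAllowed = 5`, would keep them in step. The function body continues outside the hunk.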
|
||||
|
|
|
@ -2,8 +2,8 @@ package util
|
|||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"hacklab.nilfm.cc/felt/models"
|
||||
"hacklab.nilfm.cc/quartzgun/auth"
|
||||
"forge.lightcrystal.systems/nilix/felt/models"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/auth"
|
||||
"net/http"
|
||||
"strings"
|
||||
)
|
||||
|
|
|
@ -2,8 +2,8 @@ package cmd
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"hacklab.nilfm.cc/felt/register"
|
||||
"hacklab.nilfm.cc/quartzgun/auth"
|
||||
"forge.lightcrystal.systems/nilix/felt/register"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/auth"
|
||||
"strconv"
|
||||
"time"
|
||||
)
|
||||
|
|
|
@ -8,7 +8,7 @@ import (
|
|||
"strconv"
|
||||
"strings"
|
||||
|
||||
"hacklab.nilfm.cc/quartzgun/cookie"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/cookie"
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
|
|
|
@ -7,13 +7,13 @@ import (
|
|||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"forge.lightcrystal.systems/nilix/felt/admin"
|
||||
"forge.lightcrystal.systems/nilix/felt/models"
|
||||
"forge.lightcrystal.systems/nilix/felt/mongodb"
|
||||
"forge.lightcrystal.systems/nilix/felt/register"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/auth"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/renderer"
|
||||
"golang.org/x/time/rate"
|
||||
"hacklab.nilfm.cc/felt/admin"
|
||||
"hacklab.nilfm.cc/felt/models"
|
||||
"hacklab.nilfm.cc/felt/mongodb"
|
||||
"hacklab.nilfm.cc/felt/register"
|
||||
"hacklab.nilfm.cc/quartzgun/auth"
|
||||
"hacklab.nilfm.cc/quartzgun/renderer"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"net/http"
|
||||
|
|
4
go.mod
4
go.mod
|
@ -1,11 +1,11 @@
|
|||
module hacklab.nilfm.cc/felt
|
||||
module forge.lightcrystal.systems/nilix/felt
|
||||
|
||||
go 1.19
|
||||
|
||||
require (
|
||||
forge.lightcrystal.systems/nilix/quartzgun v0.4.2
|
||||
go.mongodb.org/mongo-driver v1.12.0
|
||||
golang.org/x/time v0.1.0
|
||||
hacklab.nilfm.cc/quartzgun v0.3.2
|
||||
nhooyr.io/websocket v1.8.7
|
||||
)
|
||||
|
||||
|
|
4
go.sum
4
go.sum
|
@ -1,3 +1,5 @@
|
|||
forge.lightcrystal.systems/nilix/quartzgun v0.4.2 h1:S4ae33noQ+ilMvAKNh50KfwLb+SQqeXKZSoWMRsjEoM=
|
||||
forge.lightcrystal.systems/nilix/quartzgun v0.4.2/go.mod h1:hIXDh7AKtAVekjR6RIFW94d/c7cCQbyh8mzaTmP/pM8=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
|
@ -106,7 +108,5 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
|
|||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
hacklab.nilfm.cc/quartzgun v0.3.2 h1:PmRFZ/IgsXVWyNn1iOsQ/ZeMnOQIQy0PzFakhXBdZoU=
|
||||
hacklab.nilfm.cc/quartzgun v0.3.2/go.mod h1:P6qK4HB0CD/xfyRq8wdEGevAPFDDmv0KCaESSvv93LU=
|
||||
nhooyr.io/websocket v1.8.7 h1:usjR2uOr/zjjkVMy0lW+PPohFok7PCow5sDjLgX4P4g=
|
||||
nhooyr.io/websocket v1.8.7/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0=
|
||||
|
|
12
main.go
12
main.go
|
@ -2,12 +2,12 @@ package main
|
|||
|
||||
import (
|
||||
"context"
|
||||
"hacklab.nilfm.cc/felt/cmd"
|
||||
"hacklab.nilfm.cc/felt/config"
|
||||
"hacklab.nilfm.cc/felt/gametable"
|
||||
"hacklab.nilfm.cc/felt/mongodb"
|
||||
"hacklab.nilfm.cc/felt/register"
|
||||
"hacklab.nilfm.cc/quartzgun/indentalUserDB"
|
||||
"forge.lightcrystal.systems/nilix/felt/cmd"
|
||||
"forge.lightcrystal.systems/nilix/felt/config"
|
||||
"forge.lightcrystal.systems/nilix/felt/gametable"
|
||||
"forge.lightcrystal.systems/nilix/felt/mongodb"
|
||||
"forge.lightcrystal.systems/nilix/felt/register"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/indentalUserDB"
|
||||
"log"
|
||||
"net"
|
||||
"net/http"
|
||||
|
|
|
@ -4,11 +4,11 @@ import (
|
|||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"forge.lightcrystal.systems/nilix/felt/models"
|
||||
"go.mongodb.org/mongo-driver/bson"
|
||||
"go.mongodb.org/mongo-driver/bson/primitive"
|
||||
"go.mongodb.org/mongo-driver/mongo"
|
||||
"go.mongodb.org/mongo-driver/mongo/options"
|
||||
"hacklab.nilfm.cc/felt/models"
|
||||
"time"
|
||||
)
|
||||
|
||||
|
|
|
@ -9,10 +9,12 @@ import (
|
|||
"strconv"
|
||||
"time"
|
||||
|
||||
"hacklab.nilfm.cc/quartzgun/auth"
|
||||
"hacklab.nilfm.cc/quartzgun/renderer"
|
||||
"hacklab.nilfm.cc/quartzgun/router"
|
||||
"hacklab.nilfm.cc/quartzgun/util"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/auth"
|
||||
. "forge.lightcrystal.systems/nilix/quartzgun/middleware"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/rateLimiter"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/renderer"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/router"
|
||||
"forge.lightcrystal.systems/nilix/quartzgun/util"
|
||||
)
|
||||
|
||||
type SymmetricCrypto interface {
|
||||
|
@ -105,9 +107,13 @@ func WithUserStoreAndCrypto(next http.Handler, udb auth.UserStore, crypto Symmet
|
|||
|
||||
func CreateRegistrationInterface(udb auth.UserStore, crypto SymmetricCrypto) http.Handler {
|
||||
rtr := &router.Router{Fallback: *template.Must(template.ParseFiles("templates/error.html"))}
|
||||
rl := rateLimiter.IndiscriminateRateLimiter{
|
||||
Seconds: 5,
|
||||
AttemptsAllowed: 5,
|
||||
}
|
||||
|
||||
rtr.Get(`/(?P<cipher>\S+)`, WithCrypto(renderer.Template("templates/register.html"), crypto))
|
||||
rtr.Post(`/(?P<cipher>\S+)`, WithUserStoreAndCrypto(renderer.Template("templates/registered.html"), udb, crypto))
|
||||
rtr.Get(`/(?P<cipher>\S+)`, Throttle(WithCrypto(renderer.Template("templates/register.html"), crypto), rl.RateLimit))
|
||||
rtr.Post(`/(?P<cipher>\S+)`, Throttle(WithUserStoreAndCrypto(renderer.Template("templates/registered.html"), udb, crypto), rl.RateLimit))
|
||||
|
||||
return http.HandlerFunc(rtr.ServeHTTP)
|
||||
}
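Review bot: Both routes in CreateRegistrationInterface share one `IndiscriminateRateLimiter`, which by its name keeps a single budget for all clients, so five requests in five seconds from any one source, page loads of the GET route included, would presumably lock registration out for everyone else. If that trade-off is intended, record it above `rl` with a comment such as `// one budget shared by every client and by both GET and POST`; otherwise a per-address limiter like the one the admin package uses for `/api/auth/` fits better. `rl` is a struct value and `rl.RateLimit` is evaluated twice, which only shares counters between the two routes if `RateLimit` has a pointer receiver; that is not visible here and worth confirming in quartzgun.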
|
||||
|
|