Ratstail91/kingdombattles
Archived
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added email spamming throttle

Browse Source
This commit is contained in:
Kayne Ruse
2019-05-09 10:14:12 +10:00
parent bbecd3e3bf
commit 366a415c8a
4 changed files with 72 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/accounts.js
+19
View File
@@ -8,6 +8,7 @@ let sendmail = require('sendmail')();
//utilities
let { validateEmail } = require('../common/utilities.js');
let { throttle, isThrottled } = require('../common/throttle.js');
function signup(connection) {
return (req, res) => {
@@ -56,6 +57,15 @@ function signup(connection) {
connection.query(query, [fields.email, fields.username, salt, hash, rand], (err) => {
if (err) throw err;
//prevent too many clicks
if (isThrottled(fields.email)) {
res.status(400).write('signup throttled');
res.end();
return;
}
throttle(fields.email);
//build the verification email
let addr = `http://${process.env.WEB_ADDRESS}/verify?email=${fields.email}&verify=${rand}`;
let msg = 'Hello! Please visit the following address to verify your account: ';
@@ -304,6 +314,15 @@ function passwordRecover(connection) {
let msg = 'Hello! Please visit the following address to set a new password (if you didn\'t request a password recovery, ignore this email): ';
let msgHtml = `<html><body><p>${msg}<a href='${addr}'>${addr}</a></p></body></html>`;
//prevent too many clicks
if (isThrottled(fields.email)) {
res.status(400).write('recover throttled');
res.end();
return;
}
throttle(fields.email);
//send the verification email
sendmail({
from: `passwordrecover@${process.env.WEB_ADDRESS}`,