From ac7c8d04ede57a3a81abaf20781dbbe7b7c7894d Mon Sep 17 00:00:00 2001 From: Kayne Ruse Date: Mon, 15 May 2023 11:33:32 +1000 Subject: [PATCH] Last patch today, I'm happy with this rn --- package-lock.json | 4 ++-- package.json | 2 +- server/auth/signup.js | 2 +- server/utilities/banned-up-addresses-middleware.js | 12 ++++++++++-- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0e7fcdd..b120e05 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "auth-server", - "version": "1.7.7", + "version": "1.7.8", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "auth-server", - "version": "1.7.7", + "version": "1.7.8", "license": "ISC", "dependencies": { "bcryptjs": "^2.4.3", diff --git a/package.json b/package.json index 7d1c099..8af6aba 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "auth-server", - "version": "1.7.7", + "version": "1.7.8", "description": "An API centric auth server. Uses Sequelize and mariaDB by default.", "main": "server/server.js", "scripts": { diff --git a/server/auth/signup.js b/server/auth/signup.js index bf9ddf5..361e440 100644 --- a/server/auth/signup.js +++ b/server/auth/signup.js @@ -22,7 +22,7 @@ const route = async (req, res) => { //script throttle const throttle = await checkThrottle(req.body.email); if (throttle) { - console.warn(`Spam attack detected: ${req.body.email} (${req.body.username})`); + console.warn(`Spam Throttled\t${req.body.email} (${req.body.username})`); return res.status(401).send(throttle); } diff --git a/server/utilities/banned-up-addresses-middleware.js b/server/utilities/banned-up-addresses-middleware.js index c5ebd28..352c593 100644 --- a/server/utilities/banned-up-addresses-middleware.js +++ b/server/utilities/banned-up-addresses-middleware.js @@ -10,16 +10,24 @@ module.exports = async (req, res, next) => { content: address, expiry: { - [Op.gt]: Date.now() + [Op.or]: { + //future or forever + [Op.gt]: Date.now(), + [Op.eq]: null, + } } } }); + //log the access timestamp + const date = new Date(); + if (!!record) { + console.log(`IP blocked\t${address}\t\t\t${date.toTimeString()}`); return res.status(403).send("IP address banned"); } - console.log(`IP ${address}`); + console.log(`IP allowed\t${address}\t\t\t${date.toTimeString()}`); return next(); }; \ No newline at end of file