fatchan
/
jschan
mirror of https://gitgud.io/fatchan/jschan.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

basic antispam. currently for posting only references #2

Browse Source
merge-requests/208/head
fatchan 5 years ago
parent 00083516ed
commit 0373ba610c
2 changed files with 77 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      controllers/forms.js
  2. 66
      helpers/checks/spamcheck.js

11
controllers/forms.js
Unescape View File

@ -43,6 +43,7 @@ const express = require('express')
, registerAccount = require(__dirname+'/../models/forms/register.js')
, checkPermsMiddleware = require(__dirname+'/../helpers/checks/haspermsmiddleware.js')
, checkPerms = require(__dirname+'/../helpers/checks/hasperms.js')
, spamCheck = require(__dirname+'/../helpers/checks/spamcheck.js')
, paramConverter = require(__dirname+'/../helpers/paramconverter.js')
, banCheck = require(__dirname+'/../helpers/checks/bancheck.js')
, verifyCaptcha = require(__dirname+'/../helpers/captcha/captchaverify.js')
@ -245,6 +246,16 @@ router.post('/board/:board/post', Boards.exists, banCheck, postFiles, paramConve
});
}
const flood = await spamCheck(req, res);
if (flood) {
deleteTempFiles(req).catch(e => console.error);
return res.status(429).render('message', {
'title': 'Too many requests',
'message': 'Flood detected',
'redirect': `/${req.params.board}${req.body.thread ? '/thread/' + req.body.thread + '.html' : ''}`
});
}
try {
await makePost(req, res, next);
} catch (err) {

66
helpers/checks/spamcheck.js
Unescape View File

@ -0,0 +1,66 @@
'use strict';
const Mongo = require(__dirname+'/../../db/db.js')
, Posts = require(__dirname+'/../../db/posts.js')
, msTime = require(__dirname+'/../mstime.js')
, hasPerms = require(__dirname+'/hasperms.js')
module.exports = async (req, res) => {
if (hasPerms(req, res)) {
return false;
}
const ip = req.headers['x-real-ip'] || req.connection.remoteAddress;
const now = Date.now();
const last120id = Mongo.ObjectId.createFromTime(Math.floor((now - (msTime.minute*2))/1000));
const last30id = Mongo.ObjectId.createFromTime(Math.floor((now - (msTime.minute*0.5))/1000));
const last15id = Mongo.ObjectId.createFromTime(Math.floor((now - (msTime.minute*0.25))/1000));
const ors = [];
const contentOr = [];
if (res.locals.numFiles > 0) {
contentOr.push({
'files': {
'$elemMatch': {
'hash': { //any file hash will match, doesnt need to be all
'$in': req.files.file.map(f => f.sha256)
}
}
}
});
}
if (req.body.message) {
contentOr.push({
'nomarkup': req.body.message
})
}
//matching content from any IP in the past 30 seconds
ors.push({
'_id': {
'$gt': last30id
},
'$or': contentOr
});
//matching content from same IP in last 2 minutes
ors.push({
'_id': {
'$gt': last120id
},
'ip': ip,
'$or': contentOr
});
//any posts from same IP in past 15 seconds
ors.push({
'_id': {
'$gt': last15id
},
'ip': ip
})
let flood = await Posts.db.find({
'$or': ors
}).toArray();
return flood.length > 0;
}
Write Preview
Loading…
Cancel
Save