fatchan
/
jschan
mirror of https://gitgud.io/fatchan/jschan.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ip hash and fix inaccessible ip in report/globalreport for actionhandler

Browse Source
merge-requests/208/head
fatchan 5 years ago
parent 00c9b91dcb
commit 54a13dc945
5 changed files with 10 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      configs/main.json.example
  2. 4
      models/forms/actionhandler.js
  3. 2
      models/forms/globalreportpost.js
  4. 2
      models/forms/reportpost.js
  5. 7
      server.js

1
configs/main.json.example
Unescape View File

@ -3,6 +3,7 @@
"port": 7000,
"sessionSecret": "long random string",
"tripcodeSecret": "long random string",
"ipHashSecret": "long random string",
"cacheTemplates": true,
"refererRegex": "^https?:\\/\\/(?:www\\.)?domain\\.com\\/",
"openGraph": {

4
models/forms/actionhandler.js
Unescape View File

@ -165,7 +165,7 @@ module.exports = async (req, res, next) => {
}
// cannot report and dismiss at same time
if (req.body.report) {
const { message, action, query } = reportPosts(req, res.locals.posts);
const { message, action, query } = reportPosts(req, res, res.locals.posts);
if (action) {
combinedQuery[action] = { ...combinedQuery[action], ...query}
}
@ -179,7 +179,7 @@ module.exports = async (req, res, next) => {
}
// cannot report and dismiss at same time
if (req.body.global_report) {
const { message, action, query } = globalReportPosts(req, res.locals.posts);
const { message, action, query } = globalReportPosts(req, res, res.locals.posts);
if (action) {
combinedQuery[action] = { ...combinedQuery[action], ...query}
}

2
models/forms/globalreportpost.js
Unescape View File

@ -2,7 +2,7 @@
const Posts = require(__dirname+'/../../db/posts.js');
module.exports = (req, posts) => {
module.exports = (req, res, posts) => {
const report = {
'reason': req.body.report_reason,

2
models/forms/reportpost.js
Unescape View File

@ -2,7 +2,7 @@
const Posts = require(__dirname+'/../../db/posts.js');
module.exports = (req, posts) => {
module.exports = (req, res, posts) => {
const report = {
'reason': req.body.report_reason,

7
server.js
Unescape View File

@ -13,7 +13,8 @@ const express = require('express')
, cookieParser = require('cookie-parser')
, configs = require(__dirname+'/configs/main.json')
, refererRegex = new RegExp(configs.refererRegex)
, Mongo = require(__dirname+'/db/db.js');
, Mongo = require(__dirname+'/db/db.js')
, { createHash, randomBytes } = require('crypto');
(async () => {
@ -51,7 +52,9 @@ const express = require('express')
//referer header check
app.use((req, res, next) => {
res.locals.ip = req.headers['x-real-ip'] || req.connection.remoteAddress;
const ip = req.headers['x-real-ip'] || req.connection.remoteAddress
const ipHash = createHash('sha256').update(configs.ipHashSecret + ip).digest('base64');
res.locals.ip = ipHash;
if (req.method !== 'POST') {
return next();
}

Write Preview
Loading…
Cancel
Save