fatchan
/
jschan
mirror of https://gitgud.io/fatchan/jschan.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #47 from fatchan/dev

Browse Source 
perms parameter cache, ratelimits and db destructure
merge-requests/208/head
Tom 5 years ago committed by GitHub
parent bfe685bbe0 ddb037b20d
commit a72f112854
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
27 changed files with 92 additions and 75 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 36
      db/captchas.js
  2. 14
      db/index.js
  3. 37
      db/ratelimits.js
  4. 10
      gulpfile.js
  5. 7
      helpers/captcha/captchaverify.js
  6. 6
      helpers/checks/haspermsmiddleware.js
  7. 3
      models/forms/actionhandler.js
  8. 2
      models/forms/addnews.js
  9. 2
      models/forms/banposter.js
  10. 4
      models/forms/changeboardsettings.js
  11. 2
      models/forms/changepassword.js
  12. 2
      models/forms/create.js
  13. 2
      models/forms/deletebanners.js
  14. 4
      models/forms/deleteboard.js
  15. 2
      models/forms/deletenews.js
  16. 3
      models/forms/deletepost.js
  17. 2
      models/forms/deletepostsfiles.js
  18. 2
      models/forms/edit-post.js
  19. 2
      models/forms/globalreportpost.js
  20. 2
      models/forms/login.js
  21. 5
      models/forms/makepost.js
  22. 2
      models/forms/register.js
  23. 2
      models/forms/removebans.js
  24. 2
      models/forms/reportpost.js
  25. 2
      models/forms/uploadbanners.js
  26. 8
      models/pages/captcha.js
  27. 2
      server.js

36
db/captchas.js
Unescape View File

@ -1,15 +1,11 @@
'use strict';
const Mongo = require(__dirname+'/db.js')
, db = Mongo.client.db('jschan')
, captcha = db.collection('captcha')
, ratelimit = db.collection('ratelimit')
, db = Mongo.client.db('jschan').collection('captcha');
module.exports = {
captcha,
ratelimit,
db,
findOne: (id) => {
return captcha.findOne({ '_id': id });
@ -29,34 +25,8 @@ module.exports = {
});
},
resetQuota: (ip) => {
return ratelimit.deleteOne({ '_id': ip });
},
incrmentQuota: (ip) => {
return ratelimit.findOneAndUpdate(
{
'_id': ip
},
{
'$inc': {
'sequence_value': 1
},
'$setOnInsert': {
'expireAt': new Date()
}
},
{
'upsert': true
}
).then(r => { return r.value ? r.value.sequence_value : 0 });
},
deleteAll: () => {
return Promise.all([
captcha.deleteMany({}),
ratelimit.deleteMany({})
]);
return captcha.deleteMany({});
},
}

14
db/index.js
Unescape View File

@ -0,0 +1,14 @@
'use strict';
module.exports = {
Posts: require(__dirname+'/posts.js'),
Boards: require(__dirname+'/boards.js'),
Accounts: require(__dirname+'/accounts.js'),
Bans: require(__dirname+'/bans.js'),
Captchas: require(__dirname+'/captchas.js'),
Files: require(__dirname+'/files.js'),
News: require(__dirname+'/news.js'),
Ratelimits: require(__dirname+'/ratelimits.js')
}

37
db/ratelimits.js
Unescape View File

@ -0,0 +1,37 @@
'use strict';
const Mongo = require(__dirname+'/db.js')
, db = Mongo.client.db('jschan').collection('ratelimit');
module.exports = {
db,
resetQuota: (ip) => {
return db.deleteOne({ '_id': ip });
},
incrmentQuota: (ip, amount) => {
return db.findOneAndUpdate(
{
'_id': ip
},
{
'$inc': {
'sequence_value': amount
},
'$setOnInsert': {
'expireAt': new Date()
}
},
{
'upsert': true
}
).then(r => { return r.value ? r.value.sequence_value : 0 });
},
deleteAll: () => {
return ratelimit.deleteMany({});
},
}

10
gulpfile.js
Unescape View File

@ -27,12 +27,14 @@ async function wipe() {
, Posts = require(__dirname+'/db/posts.js')
, Bans = require(__dirname+'/db/bans.js')
, Captchas = require(__dirname+'/db/captchas.js')
, Ratelimits = require(__dirname+'/db/ratelimits.js')
, Accounts = require(__dirname+'/db/accounts.js')
, Files = require(__dirname+'/db/files.js');
//wipe db shit
await Promise.all([
Captchas.deleteAll(),
Ratelimits.deleteAll(),
Accounts.deleteAll(),
Posts.deleteAll(),
Boards.deleteAll(),
@ -85,13 +87,13 @@ async function wipe() {
//add indexes - should profiled and changed at some point if necessary
, Boards.db.createIndex({ips: 1, pph:1, sequence_value:1})
, Bans.db.dropIndexes()
, Captchas.captcha.dropIndexes()
, Captchas.ratelimit.dropIndexes()
, Captchas.db.dropIndexes()
, Ratelimits.db.dropIndexes()
, Posts.db.dropIndexes()
, Files.db.createIndex({ 'count': 1 })
, Bans.db.createIndex({ "expireAt": 1 }, { expireAfterSeconds: 0 }) //custom expiry, i.e. it will expire when current date > than this date
, Captchas.captcha.createIndex({ "expireAt": 1 }, { expireAfterSeconds: 300 }) //captchas valid for 5 minutes
, Captchas.ratelimit.createIndex({ "expireAt": 1 }, { expireAfterSeconds: 60 }) //per minute captcha ratelimit
, Captchas.db.createIndex({ "expireAt": 1 }, { expireAfterSeconds: 300 }) //captchas valid for 5 minutes
, Ratelimits.db.createIndex({ "expireAt": 1 }, { expireAfterSeconds: 60 }) //per minute captcha ratelimit
, Posts.db.createIndex({ 'postId': 1,'board': 1,})
, Posts.db.createIndex({ 'board': 1, 'thread': 1, 'bumped': -1 })
, Posts.db.createIndex({ 'board': 1, 'reports.0': 1 }, { 'partialFilterExpression': { 'reports.0': { '$exists': true } } })

7
helpers/captcha/captchaverify.js
Unescape View File

@ -1,7 +1,8 @@
'use strict';
const Captchas = require(__dirname+'/../../db/captchas.js')
, Mongo = require(__dirname+'/../../db/db.js')
, Ratelimits = require(__dirname+'/../../db/ratelimits.js')
, { ObjectId } = require(__dirname+'/../../db/db.js')
, remove = require('fs-extra').remove
, uploadDirectory = require(__dirname+'/../files/uploadDirectory.js');
@ -37,7 +38,7 @@ module.exports = async (req, res, next) => {
// try to get the captcha from the DB
let captcha;
try {
const captchaMongoId = Mongo.ObjectId(captchaId);
const captchaMongoId = ObjectId(captchaId);
captcha = await Captchas.findOneAndDelete(captchaMongoId, input);
} catch (err) {
return next(err);
@ -54,7 +55,7 @@ module.exports = async (req, res, next) => {
//it was correct, so delete the file, the cookie and reset their quota
res.clearCookie('captchaid');
await Promise.all([
Captchas.resetQuota(res.locals.ip),
Ratelimits.resetQuota(res.locals.ip),
remove(`${uploadDirectory}captcha/${captchaId}.jpg`)
]);

6
helpers/checks/haspermsmiddleware.js
Unescape View File

@ -1,8 +1,10 @@
'use strict';
const cache = {};
module.exports = (requiredLevel) => {
return function(req, res, next) {
return cache[requiredLevel] || (function(req, res, next) {
if (res.locals.permLevel > requiredLevel) {
return res.status(403).render('message', {
'title': 'Forbidden',
@ -11,6 +13,6 @@ module.exports = (requiredLevel) => {
});
}
next();
}
})
}

3
models/forms/actionhandler.js
Unescape View File

@ -1,7 +1,6 @@
'use strict';
const Posts = require(__dirname+'/../../db/posts.js')
, Boards = require(__dirname+'/../../db/boards.js')
const { Posts, Boards } = require(__dirname+'/../../db/')
, Mongo = require(__dirname+'/../../db/db.js')
, banPoster = require(__dirname+'/banposter.js')
, deletePosts = require(__dirname+'/deletepost.js')

2
models/forms/addnews.js
Unescape View File

@ -1,6 +1,6 @@
'use strict';
const News = require(__dirname+'/../../db/news.js')
const { News } = require(__dirname+'/../../db/')
, uploadDirectory = require(__dirname+'/../../helpers/files/uploadDirectory.js')
, { buildNews } = require(__dirname+'/../../helpers/build.js')
, linkQuotes = require(__dirname+'/../../helpers/posting/quotes.js')

2
models/forms/banposter.js
Unescape View File

@ -1,6 +1,6 @@
'use strict';
const Bans = require(__dirname+'/../../db/bans.js')
const { Bans } = require(__dirname+'/../../db/')
module.exports = async (req, res, next) => {

4
models/forms/changeboardsettings.js
Unescape View File

@ -1,8 +1,6 @@
'use strict';
const Boards = require(__dirname+'/../../db/boards.js')
, Posts = require(__dirname+'/../../db/posts.js')
, Accounts = require(__dirname+'/../../db/accounts.js')
const { Boards, Posts, Accounts } = require(__dirname+'/../../db/')
, uploadDirectory = require(__dirname+'/../../helpers/files/uploadDirectory.js')
, { buildHomepage, buildCatalog, buildBoardMultiple } = require(__dirname+'/../../helpers/build.js')
, { remove } = require('fs-extra')

2
models/forms/changepassword.js
Unescape View File

@ -1,7 +1,7 @@
'use strict';
const bcrypt = require('bcrypt')
, Accounts = require(__dirname+'/../../db/accounts.js');
, { Accounts } = require(__dirname+'/../../db/');
module.exports = async (req, res, next) => {

2
models/forms/create.js
Unescape View File

@ -1,6 +1,6 @@
'use strict';
const Boards = require(__dirname+'/../../db/boards.js');
const { Boards } = require(__dirname+'/../../db/');
module.exports = async (req, res, next) => {

2
models/forms/deletebanners.js
Unescape View File

@ -2,7 +2,7 @@
const { remove } = require('fs-extra')
, uploadDirectory = require(__dirname+'/../../helpers/files/uploadDirectory.js')
, Boards = require(__dirname+'/../../db/boards.js')
, { Boards } = require(__dirname+'/../../db/')
, { buildBanners } = require(__dirname+'/../../helpers/build.js')
module.exports = async (req, res, next) => {

4
models/forms/deleteboard.js
Unescape View File

@ -1,8 +1,6 @@
'use strict';
const Boards = require(__dirname+'/../../db/boards.js')
, Posts = require(__dirname+'/../../db/posts.js')
, Bans = require(__dirname+'/../../db/bans.js')
const { Boards, Posts, Bans } = require(__dirname+'/../../db/')
, deletePosts = require(__dirname+'/deletepost.js')
, uploadDirectory = require(__dirname+'/../../helpers/files/uploadDirectory.js')
, { remove } = require('fs-extra');

2
models/forms/deletenews.js
Unescape View File

@ -1,6 +1,6 @@
'use strict';
const News = require(__dirname+'/../../db/news.js')
const { News } = require(__dirname+'/../../db/')
, { buildNews } = require(__dirname+'/../../helpers/build.js')
module.exports = async (req, res, next) => {

3
models/forms/deletepost.js
Unescape View File

@ -3,8 +3,7 @@
const uploadDirectory = require(__dirname+'/../../helpers/files/uploadDirectory.js')
, { remove } = require('fs-extra')
, Mongo = require(__dirname+'/../../db/db.js')
, Posts = require(__dirname+'/../../db/posts.js')
, Files = require(__dirname+'/../../db/files.js')
, { Posts, Files } = require(__dirname+'/../../db/')
, linkQuotes = require(__dirname+'/../../helpers/posting/quotes.js')
, simpleMarkdown = require(__dirname+'/../../helpers/posting/markdown.js')
, sanitize = require('sanitize-html')

2
models/forms/deletepostsfiles.js
Unescape View File

@ -1,7 +1,7 @@
'use strict';
const { remove } = require('fs-extra')
, Files = require(__dirname+'/../../db/files.js')
, { Files } = require(__dirname+'/../../db/')
, uploadDirectory = require(__dirname+'/../../helpers/files/uploadDirectory.js')
module.exports = async (posts, unlinkOnly) => {

2
models/forms/edit-post.js
Unescape View File

@ -1,6 +1,6 @@
'use strict';
const Posts = require(__dirname+'/../../db/posts.js');
const { Posts } = require(__dirname+'/../../db/');
module.exports = async (req, res, next) => {

2
models/forms/globalreportpost.js
Unescape View File

@ -1,6 +1,6 @@
'use strict';
const Posts = require(__dirname+'/../../db/posts.js');
const { Posts } = require(__dirname+'/../../db/');
module.exports = (req, res, posts) => {

2
models/forms/login.js
Unescape View File

@ -1,7 +1,7 @@
'use strict';
const bcrypt = require('bcrypt')
, Accounts = require(__dirname+'/../../db/accounts.js');
, { Accounts } = require(__dirname+'/../../db/');
module.exports = async (req, res, next) => {

5
models/forms/makepost.js
Unescape View File

@ -5,10 +5,7 @@ const path = require('path')
, { remove, pathExists } = require('fs-extra')
, uploadDirectory = require(__dirname+'/../../helpers/files/uploadDirectory.js')
, Mongo = require(__dirname+'/../../db/db.js')
, Posts = require(__dirname+'/../../db/posts.js')
, Boards = require(__dirname+'/../../db/boards.js')
, Files = require(__dirname+'/../../db/files.js')
, Bans = require(__dirname+'/../../db/bans.js')
, { Posts, Boards, Files, Bans } = require(__dirname+'/../../db/')
, getTripCode = require(__dirname+'/../../helpers/posting/tripcode.js')
, linkQuotes = require(__dirname+'/../../helpers/posting/quotes.js')
, escape = require(__dirname+'/../../helpers/posting/escape.js')

2
models/forms/register.js
Unescape View File

@ -1,7 +1,7 @@
'use strict';
const bcrypt = require('bcrypt')
, Accounts = require(__dirname+'/../../db/accounts.js');
, { Accounts } = require(__dirname+'/../../db/');
module.exports = async (req, res, next) => {

2
models/forms/removebans.js
Unescape View File

@ -1,6 +1,6 @@
'use strict';
const Bans = require(__dirname+'/../../db/bans.js');
const { Bans } = require(__dirname+'/../../db/');
module.exports = async (req, res, next) => {

2
models/forms/reportpost.js
Unescape View File

@ -1,6 +1,6 @@
'use strict';
const Posts = require(__dirname+'/../../db/posts.js');
const { Posts } = require(__dirname+'/../../db/');
module.exports = (req, res, posts) => {

2
models/forms/uploadbanners.js
Unescape View File

@ -7,7 +7,7 @@ const path = require('path')
, fileCheckMimeType = require(__dirname+'/../../helpers/files/mimetypes.js')
, imageIdentify = require(__dirname+'/../../helpers/files/imageidentify.js')
, deleteTempFiles = require(__dirname+'/../../helpers/files/deletetempfiles.js')
, Boards = require(__dirname+'/../../db/boards.js')
, { Boards } = require(__dirname+'/../../db/')
, { buildBanners } = require(__dirname+'/../../helpers/build.js')
module.exports = async (req, res, next) => {

8
models/pages/captcha.js
Unescape View File

@ -1,15 +1,15 @@
'use strict';
const Captchas = require(__dirname+'/../../db/captchas.js')
const { Captchas, Ratelimits } = require(__dirname+'/../../db/ratelimits.js')
, generateCaptcha = require(__dirname+'/../../helpers/captcha/captchagenerate.js');
module.exports = async (req, res, next) => {
let captchaId;
try {
const ratelimit = await Captchas.incrmentQuota(res.locals.ip);
if (ratelimit > 12) { // 12 per minute = 1 per 5 seconds within a minute (with burst)
return res.status(429).redirect(`/img/ratelimit.png`);
const ratelimit = await Ratelimits.incrmentQuota(res.locals.ip, 10);
if (ratelimit > 100) {
return res.status(429).redirect('/img/ratelimit.png');
}
const text = Math.random().toString(36).substr(2,6);
captchaId = await Captchas.insertOne(text).then(r => r.insertedId); //get id of document as filename and captchaid

2
server.js
Unescape View File

@ -14,7 +14,7 @@ const express = require('express')
, configs = require(__dirname+'/configs/main.json')
, refererRegex = new RegExp(configs.refererRegex)
, Mongo = require(__dirname+'/db/db.js')
, { createHash, randomBytes } = require('crypto');
, { createHash } = require('crypto');
(async () => {

Write Preview
Loading…
Cancel
Save