Fixed IP-Hashing and Alt Detection behind Reverse Proxies
parent
46a7e9e067
commit
8b6aa69c51
7 changed files with 42 additions and 10 deletions
|
|
@ -38,6 +38,9 @@ module.exports.post = async function(req, res){
|
|||
//Get sanatized/validated data
|
||||
const {email, pass} = matchedData(req);
|
||||
|
||||
//If we're proxied use passthrough IP
|
||||
const ip = config.proxied ? req.headers['x-forwarded-for'] : req.ip;
|
||||
|
||||
//Check to make sure the user is logged in
|
||||
if(req.session.user == null){
|
||||
errorHandler(res, "Invalid user!");
|
||||
|
|
@ -56,7 +59,7 @@ module.exports.post = async function(req, res){
|
|||
}
|
||||
|
||||
//Generate the password reset link
|
||||
const requestDB = await emailChangeModel.create({user: userDB._id, newEmail: email, ipHash: req.ip});
|
||||
const requestDB = await emailChangeModel.create({user: userDB._id, newEmail: email, ipHash: ip});
|
||||
|
||||
//Don't wait on mailer to get back to the browser
|
||||
res.sendStatus(200);
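Review bot: The `ip` added at the top of this handler is the raw `X-Forwarded-For` header, which the client controls unless the reverse proxy overwrites it, and which becomes a comma-separated list when a proxy appends to it. Stored as `ipHash`, such a value will not consistently identify the same visitor, so it should not be treated as a verified address. Express can resolve this itself: with `app.set('trust proxy', 1)` (or the proxy's address or subnet) in the app setup, which is not visible here, `req.ip` already yields the address reported by the trusted hop and the handlers could keep `ipHash: req.ip`. The same expression is added in the password-reset and registration sections below, where it also feeds `checkBanByIP` and `userModel.register`. The handler body starts and ends outside these hunks.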
|
||||
|
|
|
|||
|
|
@ -40,6 +40,9 @@ module.exports.post = async function(req, res){
|
|||
//Verify Altcha Payload
|
||||
const verified = await altchaUtils.verify(req.body.verification);
|
||||
|
||||
//If we're proxied use passthrough IP
|
||||
const ip = config.proxied ? req.headers['x-forwarded-for'] : req.ip;
|
||||
|
||||
//If altcha verification failed
|
||||
if(!verified){
|
||||
return errorHandler(res, 'Altcha verification failed, Please refresh the page!', 'unauthorized');
|
||||
|
|
@ -63,7 +66,7 @@ module.exports.post = async function(req, res){
|
|||
}
|
||||
|
||||
//Generate the password reset link
|
||||
const requestDB = await passwordResetModel.create({user: userDB._id, ipHash: req.ip});
|
||||
const requestDB = await passwordResetModel.create({user: userDB._id, ipHash: ip});
|
||||
|
||||
//Send the reset url via email
|
||||
const mailInfo = await mailUtils.mailem(
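Review bot: The proxied/direct ternary for `ip` is repeated verbatim in every handler this commit touches, so the choice of address source now lives in several places that must be kept in sync. One shared helper that reads `config.proxied`, called as `const ip = getClientIP(req);` (the helper name is a placeholder), would keep that decision in a single function. In this section the assignment also sits between the `altchaUtils.verify` call and its `if(!verified)` check; moving it below that early return keeps the check next to the call it guards. The handler body starts and ends outside these hunks.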
|
||||
|
|
|
|||
|
|
@ -43,6 +43,10 @@ module.exports.post = async function(req, res){
|
|||
return errorHandler(res, 'Altcha verification failed, Please refresh the page!', 'unauthorized');
|
||||
}
|
||||
|
||||
|
||||
//If we're proxied use passthrough IP
|
||||
const ip = config.proxied ? req.headers['x-forwarded-for'] : req.ip;
|
||||
|
||||
//Would prefer to stick this in userModel.statics.register() but we end up with circular dependencies >:(
|
||||
const nukedBans = await userBanModel.checkProcessedBans(user.user);
|
||||
|
||||
|
|
@ -53,7 +57,7 @@ module.exports.post = async function(req, res){
|
|||
}
|
||||
|
||||
//Look for ban by IP
|
||||
const ipBanDB = await userBanModel.checkBanByIP(req.ip);
|
||||
const ipBanDB = await userBanModel.checkBanByIP(ip);
|
||||
|
||||
//If this ip is randy bobandy
|
||||
if(ipBanDB != null){
|
||||
|
|
@ -68,7 +72,9 @@ module.exports.post = async function(req, res){
|
|||
return errorHandler(res, banMsg.join('<br>'), 'unauthorized');
|
||||
}
|
||||
|
||||
await userModel.register(user, req.ip);
|
||||
//Register off of given IP
|
||||
await userModel.register(user, ip);
|
||||
|
||||
return res.sendStatus(200);
|
||||
}else{
|
||||
res.status(400);
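Review bot: When `config.proxied` is set and a request arrives without the header, `ip` is `undefined`, and both `checkBanByIP(ip)` and `userModel.register(user, ip)` run with no address. How those model methods treat an undefined value is not visible here, so the ban lookup may simply match nothing and the registration may be stored without a usable hash. A guard directly after the assignment, such as `if(!ip){ return errorHandler(res, 'Could not determine client address!', 'unauthorized'); }`, would make the handler fail closed; the message text is only a suggestion. The handler body starts and ends outside these hunks.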
|
||||
|
|
|
|||
|
|
@ -34,6 +34,9 @@ module.exports.post = async function(req, res){
|
|||
//Find user from input
|
||||
const userDB = await userModel.findOne({user});
|
||||
|
||||
//If we're proxied use passthrough IP
|
||||
const ip = config.proxied ? req.headers['x-forwarded-for'] : req.ip;
|
||||
|
||||
//If there is no user
|
||||
if(userDB == null){
|
||||
//Scream
|
||||
|
|
@ -41,7 +44,7 @@ module.exports.post = async function(req, res){
|
|||
}
|
||||
|
||||
//Generate the password reset link
|
||||
const requestDB = await passwordResetModel.create({user: userDB._id, ipHash: req.ip});
|
||||
const requestDB = await passwordResetModel.create({user: userDB._id, ipHash: ip});
|
||||
|
||||
//send URL
|
||||
res.status(200);
|
||||
|
|
|
|||