rainbownapkin/canopy
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity Actions

Finished up with IP-Ban functionality on the back-end. Just need to finish up with UI.

Browse source
This commit is contained in:
rainbow napkin 2025-01-01 17:36:43 -05:00
parent 756c42ceaa
commit 977e8e1e2e
16 changed files with 284 additions and 67 deletions
Download patch file Download diff file Expand all files Collapse all files

178
src/schemas/user/userBanSchema.js
View file

@ -18,6 +18,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.*/
const {mongoose} = require('mongoose');
//Local Imports
const hashUtil = require('../../utils/hashUtils');
const {userModel} = require('./userSchema');
const userBanSchema = new mongoose.Schema({
@ -25,16 +26,20 @@ const userBanSchema = new mongoose.Schema({
type: mongoose.SchemaTypes.ObjectID,
ref: "user"
},
//To be used in future when ip-hashing/better session tracking is implemented
ips: {
type: [mongoose.SchemaTypes.String],
required: false
plaintext: {
type: [mongoose.SchemaTypes.String],
required: false
},
hashed: {
type: [mongoose.SchemaTypes.String],
required: false
}
},
//To be used in future when alt-detection has been implemented
alts: {
alts: [{
type: mongoose.SchemaTypes.ObjectID,
ref: "user"
},
}],
deletedNames: {
type: [mongoose.SchemaTypes.String],
required: false
@ -58,15 +63,92 @@ const userBanSchema = new mongoose.Schema({
}
});
userBanSchema.statics.checkBanByIP = async function(ip){
//Get hash of ip
const ipHash = hashUtil.hashIP(ip);
//Get all bans
const banDB = await this.find({});
//Create null variable to hold any found ban
let foundBan = null;
//For every ban
for(ban of banDB){
//Create empty list to hold unmatched hashes in the advent that we match one
let tempHashes = [];
//Create flag to throw to save tempHashes in the advent that we have matches we dont want to save as hashes
let saveBan = false;
//For every plaintext IP in the ban
for(ipIndex in ban.ips.plaintext){
//Get the current ip
const curIP = ban.ips.plaintext[ipIndex];
//Check the current IP against the given ip
if(ip == curIP){
//If it matches we found the ban
foundBan = ban;
}
}
//For every hashed IP in the ban
for(ipIndex in ban.ips.hashed){
//Get the current ip hash
const curHash = ban.ips.hashed[ipIndex];
//Check the current hash against the given hash
if(ipHash == curHash){
//If it matches we found the ban
foundBan = ban;
//Push the match to plaintext IPs so we know who the fucker is
ban.ips.plaintext.push(ip);
//Throw the save ban flag to save the ban
saveBan = true;
//Otherwise
}else{
//Keep the hash since it hasn't been matched yet
tempHashes.push(curHash);
}
}
//If we matched a hashed ip and we need to save it as plaintext
if(saveBan){
//Keep unmatched hashes
ban.ips.hashed = tempHashes;
//Save the current ban
await ban.save();
}
}
return foundBan;
}
userBanSchema.statics.checkBanByUserDoc = async function(userDB){
const banDB = await this.find({});
var foundBan = null;
banDB.forEach((ban) => {
if(ban.user != null){
//if we found a match
if(ban.user.toString() == userDB._id.toString()){
//Set found ban
foundBan = ban;
}
//For each banned alt
for(altIndex in ban.alts){
//get current alt
const alt = ban.alts[altIndex];
//if the alt matches our user
if(alt._id.toString() == userDB._id.toString()){
//Set found ban
foundBan = ban;
}
}
}
});
@ -99,7 +181,7 @@ userBanSchema.statics.checkProcessedBans = async function(user){
return foundBan;
}
userBanSchema.statics.banByUserDoc = async function(userDB, permanent, expirationDays){
userBanSchema.statics.banByUserDoc = async function(userDB, permanent, expirationDays, ipBan = false){
//Prevent missing users
if(userDB == null){
throw new Error("User not found")
@ -110,6 +192,7 @@ userBanSchema.statics.banByUserDoc = async function(userDB, permanent, expiratio
throw new Error("User already banned");
}
//Verify time to expire/delete depending on action
if(expirationDays < 0){
throw new Error("Expiration Days must be a positive integer!");
}else if(expirationDays < 30 && permanent){
@ -118,20 +201,65 @@ userBanSchema.statics.banByUserDoc = async function(userDB, permanent, expiratio
throw new Error("Expiration/Deletion date cannot be longer than half a year out from the original ban date.");
}
//Log the user out
if(permanent){
await userDB.killAllSessions(`Your account has been permanently banned, and will be nuked from the database in ${expirationDays} day(s).`);
}else{
await userDB.killAllSessions(`Your account has been temporarily banned, and will be reinstated in: ${expirationDays} day(s).`);
}
await banSessions(userDB);
//Add the ban to the database
return await this.create({user: userDB._id, permanent, expirationDays});
const banDB = await this.create({user: userDB._id, permanent, expirationDays});
//If we're banning the users IP
if(ipBan){
//Scrape IP's from current user into the ban record
await scrapeUserIPs(userDB);
//Populate the users alts
await userDB.populate('alts');
//For each of the users alts
for(altIndex in userDB.alts){
//Add the current alt to the ban record
banDB.alts.push(userDB.alts[altIndex]._id);
//Scrape out the IPs from the current alt into the ban record
await scrapeUserIPs(userDB.alts[altIndex]);
//Kill all of alts sessions
await banSessions(userDB.alts[altIndex]);
}
//Save commited IP information to the ban record
await banDB.save();
async function scrapeUserIPs(curRecord){
//For each hashed ip on record for this user
for(hashIndex in curRecord.recentIPs){
//Look for any occurance of the current hash
const foundHash = banDB.ips.hashed.indexOf(curRecord.recentIPs[hashIndex].ipHash);
//If its not listed in the ban record
if(foundHash == -1){
//Add it to the list of hashed IPs for this ban
banDB.ips.hashed.push(curRecord.recentIPs[hashIndex].ipHash);
}
}
}
}
//return the ban record
return banDB;
async function banSessions(user){
//Log the user out
if(permanent){
await user.killAllSessions(`Your account has been permanently banned, and will be nuked from the database in ${expirationDays} day(s).`);
}else{
await user.killAllSessions(`Your account has been temporarily banned, and will be reinstated in: ${expirationDays} day(s).`);
}
}
}
userBanSchema.statics.ban = async function(user, permanent, expirationDays){
userBanSchema.statics.ban = async function(user, permanent, expirationDays, ipBan){
const userDB = await userModel.findOne({user: user.user});
return this.banByUserDoc(userDB, permanent, expirationDays);
return this.banByUserDoc(userDB, permanent, expirationDays, ipBan);
}
userBanSchema.statics.unbanByUserDoc = async function(userDB){
@ -217,6 +345,7 @@ userBanSchema.statics.getBans = async function(){
userBanSchema.statics.processExpiredBans = async function(){
const banDB = await this.find({});
//Firem all off all at once seperately without waiting for one another
banDB.forEach(async (ban) => {
//This ban was already processed, and it's user has been deleted. There is no more to be done...
if(ban.user == null){
@ -227,14 +356,27 @@ userBanSchema.statics.processExpiredBans = async function(){
if(ban.getDaysUntilExpiration() <= 0){
//If the ban is permanent
if(ban.permanent){
//Populate the user field
//Populate the user and alt fields
await ban.populate('user');
await ban.populate('alts');
//Add the name to our deleted names list
ban.deletedNames.push(ban.user.user);
//Hey hey hey, goodbye!
await userModel.deleteOne({_id: ban.user._id});
//Empty out the reference
ban.user = null;
//For every alt
for(alt of ban.alts){
//Add the alts name to the deleted names list
ban.deletedNames.push(alt.user);
//Motherfuckin' Kablewie!
await userModel.deleteOne({_id: alt._id});
}
//Clear out the alts array
ban.alts = [];
//Save the ban
await ban.save();
}else{
@ -242,7 +384,7 @@ userBanSchema.statics.processExpiredBans = async function(){
await this.deleteOne({_id: ban._id});
}
}
})
});
}
//methods