added discord api limiting
This commit is contained in:
@@ -6,31 +6,63 @@ import (
|
||||
"time"
|
||||
|
||||
"git.haelnorr.com/h/golib/hws"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/uptrace/bun"
|
||||
|
||||
"git.haelnorr.com/h/oslstats/internal/config"
|
||||
"git.haelnorr.com/h/oslstats/internal/db"
|
||||
"git.haelnorr.com/h/oslstats/internal/session"
|
||||
"git.haelnorr.com/h/oslstats/internal/store"
|
||||
"git.haelnorr.com/h/oslstats/internal/view/page"
|
||||
"github.com/uptrace/bun"
|
||||
)
|
||||
|
||||
func Register(
|
||||
server *hws.Server,
|
||||
conn *bun.DB,
|
||||
cfg *config.Config,
|
||||
store *session.Store,
|
||||
store *store.Store,
|
||||
) http.Handler {
|
||||
return http.HandlerFunc(
|
||||
func(w http.ResponseWriter, r *http.Request) {
|
||||
attempts, exceeded, track := store.TrackRedirect(r, "/register", 3)
|
||||
|
||||
if exceeded {
|
||||
err := errors.Errorf(
|
||||
"registration redirect loop detected after %d attempts | ip=%s ua=%s path=%s first_seen=%s ssl=%t",
|
||||
attempts,
|
||||
track.IP,
|
||||
track.UserAgent,
|
||||
track.Path,
|
||||
track.FirstSeen.Format("2006-01-02T15:04:05Z07:00"),
|
||||
cfg.HWSAuth.SSL,
|
||||
)
|
||||
|
||||
store.ClearRedirectTrack(r, "/register")
|
||||
|
||||
throwError(
|
||||
server,
|
||||
w,
|
||||
r,
|
||||
http.StatusBadRequest,
|
||||
"Registration failed: Cookies appear to be blocked or disabled. Please enable cookies in your browser and try again. If this problem persists, try a different browser or contact support.",
|
||||
err,
|
||||
"warn",
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
sessionCookie, err := r.Cookie("registration_session")
|
||||
if err != nil {
|
||||
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
details, ok := store.GetRegistrationSession(sessionCookie.Value)
|
||||
ok = false
|
||||
if !ok {
|
||||
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
|
||||
store.ClearRedirectTrack(r, "/register")
|
||||
ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
|
||||
defer cancel()
|
||||
tx, err := conn.BeginTx(ctx, nil)
|
||||
@@ -65,12 +97,11 @@ func IsUsernameUnique(
|
||||
server *hws.Server,
|
||||
conn *bun.DB,
|
||||
cfg *config.Config,
|
||||
store *session.Store,
|
||||
store *store.Store,
|
||||
) http.Handler {
|
||||
return http.HandlerFunc(
|
||||
func(w http.ResponseWriter, r *http.Request) {
|
||||
username := r.FormValue("username")
|
||||
// check if its unique
|
||||
ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
|
||||
defer cancel()
|
||||
tx, err := conn.BeginTx(ctx, nil)
|
||||
|
||||
Reference in New Issue
Block a user