jusax23/actions-test
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

small fixes

Browse source
This commit is contained in:
jusax23 2023-03-02 00:08:21 +01:00
parent 1fbe8d69cb
commit 3b40cc05c3
Signed by: jusax23
GPG key ID: 499E2AA870C1CD41
2 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/api/post.ts
View file

@ -9,6 +9,7 @@ import { db } from "../sys/db.js"
import { sha256 } from "../sys/crypto.js";
import { get64, uts } from "../sys/tools.js";
import { addShutdownTask } from "nman";
import { suspectRequest } from "../sys/bruteforce.js";
let acts = importActs as { [key: string]: Act };
@ -17,7 +18,7 @@ let tempTokens: { [key: string]: postClient } = {};
export const addPostMethods = (server: express.Express) => {
for (const act in acts) {
let methode = acts[act];
server.post("/api/" + act, async (req, res) => {
server.post("/api/" + act, async (req: suspectRequest, res) => {
debug("POST", "reveived:", req.body);
const aws = (state: string, data: any) => {
res.status(state == "error" ? 400 : 200);
@ -31,11 +32,12 @@ export const addPostMethods = (server: express.Express) => {
if (tempTokens[auth.token] != null) {
client = tempTokens[auth.token];
} else {
if(req.suspect)req.suspect();
aws("error", "token");
return;
}
} else if (auth?.params?.name != null && auth?.params?.accountKey != null && typeof auth?.params?.name == "string" && typeof auth?.params?.accountKey == "string") {
client = new postClient(req.socket.remoteAddress ?? "");
client = new postClient(req.ip);
client.name = auth?.params?.name;
client.server = "localhost";
let accountKey = auth?.params?.accountKey;
@ -48,7 +50,7 @@ export const addPostMethods = (server: express.Express) => {
.query(db);
if (query.length == 0 || query[0].accountKey != sha256((query[0].accountKeySalt ?? '') + accountKey)) {
client.suspect();
if(req.suspect)req.suspect();
aws("error", "auth");
return;
}

4
src/sys/bruteforce.ts
View file

@ -4,7 +4,7 @@ import { uts } from "./tools.js";
import express from "express";
const timeout = 10;
const deleteater = 600;
const deleteafter = 600;
const maxSus = 100;
var bruteforcedata: { [key: string]: { n: number, t: number } } = {};
@ -29,7 +29,7 @@ var bruteforcedatacleaner = setInterval(async () => {
var utst = uts();
let keys = Object.keys(bruteforcedata);
for (var i = 0; i < keys.length; i++) {
if (utst - bruteforcedata[keys[i]].t > deleteater) {
if (utst - bruteforcedata[keys[i]].t > deleteafter) {
log("Bruteforce Protection", "remove ip: ", keys[i]);
delete bruteforcedata[keys[i]];
}