Make quotas ip based.
Clients now can not bypass quota by having more than 1 client
This commit is contained in:
Wolfy 2020-04-07 13:03:36 -04:00
parent 237139d715
commit dda2549a14
4 changed files with 58 additions and 29 deletions

View File

@ -1,6 +1,3 @@
const quotas = require('../Quotas');
const RateLimit = require('./RateLimit.js').RateLimit;
const RateLimitChain = require('./RateLimit.js').RateLimitChain;
const Room = require("./Room.js"); const Room = require("./Room.js");
require('node-json-color-stringify'); require('node-json-color-stringify');
class Client extends EventEmitter { class Client extends EventEmitter {
@ -17,19 +14,6 @@ class Client extends EventEmitter {
this.ip = (req.connection.remoteAddress).replace("::ffff:", ""); this.ip = (req.connection.remoteAddress).replace("::ffff:", "");
this.destroied = false; this.destroied = false;
this.bindEventListeners(); this.bindEventListeners();
this.quotas = {
//note: new limiter(2000, { allowance:3000, max:24000, maxHistLen:3}),
chat: {
lobby: new RateLimitChain(quotas.chat.lobby.amount, quotas.chat.lobby.time),
normal: new RateLimitChain(quotas.chat.normal.amount, quotas.chat.normal.time),
insane: new RateLimitChain(quotas.chat.insane.amount, quotas.chat.insane.time)
},
name: new RateLimitChain(quotas.name.amount, quotas.name.time),
room: new RateLimit(quotas.room.time),
chown: new RateLimitChain(quotas.chown.amount, quotas.chown.time),
cursor: new RateLimit(quotas.cursor.time),
kickban: new RateLimitChain(quotas.kickban.amount, quotas.kickban.time),
}
require('./Message.js')(this); require('./Message.js')(this);
} }
isConnected() { isConnected() {

View File

@ -1,4 +1,5 @@
const quotas = require('../Quotas'); const NoteQuotas = require('../Quotas');
let quotas;
const User = require("./User.js"); const User = require("./User.js");
module.exports = (cl) => { module.exports = (cl) => {
cl.once("hi", () => { cl.once("hi", () => {
@ -12,6 +13,7 @@ module.exports = (cl) => {
msg.v = "Beta"; msg.v = "Beta";
cl.sendArray([msg]) cl.sendArray([msg])
cl.user = data; cl.user = data;
quotas = cl.server.connections[cl.user._id].quotas;
}) })
}) })
cl.on("t", msg => { cl.on("t", msg => {
@ -23,24 +25,24 @@ module.exports = (cl) => {
}]) }])
}) })
cl.on("ch", msg => { cl.on("ch", msg => {
if (!cl.quotas.room.attempt()) return; if (!quotas.room.attempt()) return;
if (!msg.hasOwnProperty("set") || !msg.set) msg.set = {}; if (!msg.hasOwnProperty("set") || !msg.set) msg.set = {};
if (msg.hasOwnProperty("_id") && typeof msg._id == "string") { if (msg.hasOwnProperty("_id") && typeof msg._id == "string") {
if (msg._id.length > 512) return; if (msg._id.length > 512) return;
cl.setChannel(msg._id, msg.set); cl.setChannel(msg._id, msg.set);
if (cl.channel.isLobby(cl.channel._id)) { if (cl.channel.isLobby(cl.channel._id)) {
cl.sendArray([{m: 'nq', allowance: quotas.note.lobby.allowance, max: quotas.note.lobby.max, maxHistLen: quotas.note.lobby.maxHistLen}]) cl.sendArray([{m: 'nq', allowance: NoteQuotas.note.lobby.allowance, max: NoteQuotas.note.lobby.max, maxHistLen: NoteQuotas.note.lobby.maxHistLen}])
} else { } else {
if (!(cl.user._id == cl.channel.crown.userId)) { if (!(cl.user._id == cl.channel.crown.userId)) {
cl.sendArray([{m: 'nq', allowance: quotas.note.normal.allowance, max: quotas.note.normal.max, maxHistLen: quotas.note.normal.maxHistLen}]) cl.sendArray([{m: 'nq', allowance: NoteQuotas.note.normal.allowance, max: NoteQuotas.note.normal.max, maxHistLen: NoteQuotas.note.normal.maxHistLen}])
} else { } else {
cl.sendArray([{m: 'nq', allowance: quotas.note.insane.allowance, max: quotas.note.insane.max, maxHistLen: quotas.note.insane.maxHistLen}]) cl.sendArray([{m: 'nq', allowance: NoteQuotas.note.insane.allowance, max: NoteQuotas.note.insane.max, maxHistLen: NoteQuotas.note.insane.maxHistLen}])
} }
} }
} }
}) })
cl.on("m", msg => { cl.on("m", msg => {
if (!cl.quotas.cursor.attempt()) return; if (!quotas.cursor.attempt()) return;
if (!(cl.channel && cl.participantId)) return; if (!(cl.channel && cl.participantId)) return;
if (!msg.hasOwnProperty("x")) msg.x = null; if (!msg.hasOwnProperty("x")) msg.x = null;
if (!msg.hasOwnProperty("y")) msg.y = null; if (!msg.hasOwnProperty("y")) msg.y = null;
@ -50,7 +52,7 @@ module.exports = (cl) => {
}) })
cl.on("chown", msg => { cl.on("chown", msg => {
if (!cl.quotas.chown.attempt()) return; if (!quotas.chown.attempt()) return;
if (!(cl.channel && cl.participantId)) return; if (!(cl.channel && cl.participantId)) return;
//console.log((Date.now() - cl.channel.crown.time)) //console.log((Date.now() - cl.channel.crown.time))
//console.log(!(cl.channel.crown.userId != cl.user._id), !((Date.now() - cl.channel.crown.time) > 15000)); //console.log(!(cl.channel.crown.userId != cl.user._id), !((Date.now() - cl.channel.crown.time) > 15000));
@ -73,12 +75,12 @@ module.exports = (cl) => {
}) })
cl.on("a", msg => { cl.on("a", msg => {
if (cl.channel.isLobby(cl.channel._id)) { if (cl.channel.isLobby(cl.channel._id)) {
if (!cl.quotas.chat.lobby.attempt()) return; if (!quotas.chat.lobby.attempt()) return;
} else { } else {
if (!(cl.user._id == cl.channel.crown.userId)) { if (!(cl.user._id == cl.channel.crown.userId)) {
if (!cl.quotas.chat.normal.attempt()) return; if (!quotas.chat.normal.attempt()) return;
} else { } else {
if (!cl.quotas.chat.insane.attempt()) return; if (!quotas.chat.insane.attempt()) return;
} }
} }
if (!(cl.channel && cl.participantId)) return; if (!(cl.channel && cl.participantId)) return;
@ -121,7 +123,7 @@ module.exports = (cl) => {
cl.server.roomlisteners.delete(cl.connectionid); cl.server.roomlisteners.delete(cl.connectionid);
}) })
cl.on("userset", msg => { cl.on("userset", msg => {
if (!cl.quotas.name.attempt()) return; if (!quotas.name.attempt()) return;
if (!(cl.channel && cl.participantId)) return; if (!(cl.channel && cl.participantId)) return;
if (!msg.hasOwnProperty("set") || !msg.set) msg.set = {}; if (!msg.hasOwnProperty("set") || !msg.set) msg.set = {};
if (msg.set.hasOwnProperty('name') && typeof msg.set.name == "string") { if (msg.set.hasOwnProperty('name') && typeof msg.set.name == "string") {
@ -143,7 +145,7 @@ module.exports = (cl) => {
} }
}) })
cl.on('kickban', msg => { cl.on('kickban', msg => {
if (!cl.quotas.kickban.attempt()) return; if (!quotas.kickban.attempt()) return;
if (!(cl.channel && cl.participantId)) return; if (!(cl.channel && cl.participantId)) return;
if (!(cl.user._id == cl.channel.crown.userId)) return; if (!(cl.user._id == cl.channel.crown.userId)) return;
if (msg.hasOwnProperty('_id') && typeof msg._id == "string") { if (msg.hasOwnProperty('_id') && typeof msg._id == "string") {

View File

@ -1,3 +1,6 @@
const quotas = require('../Quotas');
const RateLimit = require('./RateLimit.js').RateLimit;
const RateLimitChain = require('./RateLimit.js').RateLimitChain;
const ColorEncoder = require("./ColorEncoder.js"); const ColorEncoder = require("./ColorEncoder.js");
const { promisify } = require('util'); const { promisify } = require('util');
let userdb; let userdb;
@ -13,6 +16,25 @@ class User {
await this.setUpDb(); await this.setUpDb();
} }
let _id = createKeccakHash('keccak256').update((this.cl.server._id_Private_Key + this.cl.ip)).digest('hex').substr(0, 24); let _id = createKeccakHash('keccak256').update((this.cl.server._id_Private_Key + this.cl.ip)).digest('hex').substr(0, 24);
if(this.server.connections[_id]){ // Connection rate quota?
//if(this.connectionsObjects[_id].connections.length < 10) this.connectionsObjects[_id].connections.push({room:undefined,ws:ws,cl:new Connection(ws)});
}else{
this.server.connections[_id] = {
quotas:{
//note: new limiter(2000, { allowance:3000, max:24000, maxHistLen:3}),
chat: {
lobby: new RateLimitChain(quotas.chat.lobby.amount, quotas.chat.lobby.time),
normal: new RateLimitChain(quotas.chat.normal.amount, quotas.chat.normal.time),
insane: new RateLimitChain(quotas.chat.insane.amount, quotas.chat.insane.time)
},
name: new RateLimitChain(quotas.name.amount, quotas.name.time),
room: new RateLimit(quotas.room.time),
chown: new RateLimitChain(quotas.chown.amount, quotas.chown.time),
cursor: new RateLimit(quotas.cursor.time),
kickban: new RateLimitChain(quotas.kickban.amount, quotas.kickban.time),
}
};
};
//console.log("CONNECTED IP: " + this.cl.ip); //console.log("CONNECTED IP: " + this.cl.ip);
let usertofind = userdb.get(_id); let usertofind = userdb.get(_id);
if (!usertofind) { if (!usertofind) {

View File

@ -110,5 +110,26 @@
"name": "Anonymous", "name": "Anonymous",
"_id": "651d3e63d8a738ac1a40ed9f", "_id": "651d3e63d8a738ac1a40ed9f",
"ip": "77.111.247.71" "ip": "77.111.247.71"
},
"310260bf24ad833846100e82": {
"color": "#5091f3",
"noteColor": "#5091f3",
"name": "Anonymous",
"_id": "310260bf24ad833846100e82",
"ip": "54.172.205.12"
},
"c6d435dd7fa48be7cea001ba": {
"color": "#e4f154",
"noteColor": "#e4f154",
"name": "Anonymous",
"_id": "c6d435dd7fa48be7cea001ba",
"ip": "75.91.45.152"
},
"4828437c28f608315e2a3051": {
"color": "#5c1ec9",
"noteColor": "#5c1ec9",
"name": "Samsung",
"_id": "4828437c28f608315e2a3051",
"ip": "23.237.128.50"
} }
} }