krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-19 07:37:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add interface to block ip-addresses or clients due to abuse (#15484)

Browse Source 
* Read IP blocks from database

* begin building general blocking solution

* add new frontend files

* Add UI for managing blockers

* correctly reset local data after creating blocker

* Tweak wording

* Add UI for managing blockers

* restructure admin pages

* improve test coverage

* Improve blocker UI

* add blocker to block emails from registration

* lint fix

* fix

* lint fixes

* fix import

* add new permission for managing blockers

* improve permission check

* fix managing permissions from admin

* improve navbar display for non fullAccess admin

* update block error strings

* lint fix

* add option to errorHandler to skip logging

* validate blocker value during input

* improve blocker form display

* chore(subproj): reconcile habitica-images

* fix(scripts): use same Mongo version for dev/test

* fix(whitespace): eof

* documentation improvements

* remove nconf import

* remove old test

---------

Co-authored-by: Kalista Payne <kalista@habitica.com>
Co-authored-by: Kalista Payne <sabrecat@gmail.com>
This commit is contained in:
Phillip Thelen
2025-08-06 22:08:07 +02:00
committed by GitHub
parent ae4130b108
commit 12773d539e
51 changed files with 1454 additions and 428 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
website/server/middlewares/errorHandler.js
View File

@@ -66,19 +66,21 @@ export default function errorHandler (err, req, res, next) { // eslint-disable-l
responseErr = new InternalServerError();
}
// log the error
logger.error(err, {
method: req.method,
originalUrl: req.originalUrl,
if (!err.skipLogging) {
// log the error
logger.error(err, {
method: req.method,
originalUrl: req.originalUrl,
// don't send sensitive information that only adds noise
headers: omit(req.headers, ['x-api-key', 'cookie', 'password', 'confirmPassword']),
body: omit(req.body, ['password', 'confirmPassword']),
query: omit(req.query, ['password', 'confirmPassword']),
// don't send sensitive information that only adds noise
headers: omit(req.headers, ['x-api-key', 'cookie', 'password', 'confirmPassword']),
body: omit(req.body, ['password', 'confirmPassword']),
query: omit(req.query, ['password', 'confirmPassword']),
httpCode: responseErr.httpCode,
isHandledError: responseErr.httpCode < 500,
});
httpCode: responseErr.httpCode,
isHandledError: responseErr.httpCode < 500,
});
}
const jsonRes = {
success: false,