krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-19 15:48:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

restructure admin pages

Browse Source
This commit is contained in:
Phillip Thelen
2025-06-18 14:24:38 +02:00
parent 2a2bea07ab
commit e9b2c1b51a
36 changed files with 246 additions and 218 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
website/server/middlewares/ipBlocker.js → website/server/middlewares/blocker.js
View File

@@ -23,35 +23,43 @@ const blockedIps = BLOCKED_IPS_RAW
.filter(blockedIp => Boolean(blockedIp))
: [];
const blockedClients = [];
Blocker.watchBlockers({
type: 'ipaddress',
$or: [
{ type: 'ipaddress' },
{ type: 'client' },
],
area: 'full',
}, {
initial: true,
}).on('change', async change => {
const { operation, blocker } = change;
const checkedList = blocker.type === 'ipaddress' ? blockedIps : blockedClients;
if (operation === 'add') {
if (blocker.value && !blockedIps.includes(blocker.value)) {
blockedIps.push(blocker.value);
if (blocker.value && !checkedList.includes(blocker.value)) {
checkedList.push(blocker.value);
}
} else if (operation === 'delete') {
const index = blockedIps.indexOf(blocker.value);
const index = checkedList.indexOf(blocker.value);
if (index !== -1) {
blockedIps.splice(index, 1);
checkedList.splice(index, 1);
}
}
});
export default function ipBlocker (req, res, next) {
// If there are no IPs to block, skip the middleware
if (blockedIps.length === 0) return next();
// Is the client IP, req.ip, blocked?
const match = blockedIps.find(blockedIp => blockedIp === req.ip) !== undefined;
if (blockedIps.length === 0 && blockedClients.length === 0) return next();
if (match === true) {
// Not translated because no user is loaded at this point
const ipMatch = blockedIps.find(blockedIp => blockedIp === req.ip) !== undefined;
if (ipMatch === true) {
return next(new Forbidden(apiError('ipAddressBlocked')));
}
const clientMatch = blockedClients.find(blockedClient => blockedClient === req.headers['x-client']) !== undefined;
if (clientMatch === true) {
return next(new Forbidden(apiError('clientBlocked')));
}
return next();
}

4
website/server/middlewares/index.js
View File

@@ -23,7 +23,7 @@ import {
forceSSL,
forceHabitica,
} from './redirects';
import ipBlocker from './ipBlocker';
import blocker from './blocker';
import v1 from './v1';
import v2 from './v2';
import appRoutes from './appRoutes';
@@ -81,7 +81,7 @@ export default function attachMiddlewares (app, server) {
app.use(maintenanceMode);
app.use(ipBlocker);
app.use(blocker);
app.use(cors);
app.use(forceSSL);

1
website/server/models/blocker.js
View File

@@ -7,6 +7,7 @@ import baseModel from '../libs/baseModel';
export const blockTypes = [
'ipaddress',
'email',
'client',
];
export const blockArea = [