specter/CyTube
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Limit guest login rate

Browse source
This commit is contained in:
calzoneman 2013-05-02 22:13:46 -05:00
parent e62a02673c
commit 4195bbaa17
2 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
config.js
View file

@ -15,3 +15,4 @@ exports.MYSQL_USER = "";
exports.MYSQL_PASSWORD = "";
exports.IO_PORT = 1337;
exports.MAX_PER_IP = 10;
exports.GUEST_LOGIN_DELAY = 60; // Seconds

16
user.js
View file

@ -15,6 +15,7 @@ var Channel = require("./channel.js").Channel;
var Server = require("./server.js");
var Database = require("./database.js");
var Logger = require("./logger.js");
var Config = require("./config.js");
// Represents a client connected via socket.io
var User = function(socket, ip) {
@ -338,6 +339,7 @@ User.prototype.handleAdm = function(data) {
}
};
var lastguestlogin = {};
// Attempt to login
User.prototype.login = function(name, pw, session) {
if(this.channel != null && name != "") {
@ -353,6 +355,19 @@ User.prototype.login = function(name, pw, session) {
}
// No password => try guest login
if(pw == "" && session == "") {
if(this.ip in lastguestlogin) {
var diff = (Date.now() - lastguestlogin[this.ip])/1000;
if(diff < Config.GUEST_LOGIN_DELAY) {
this.socket.emit("login", {
success: false,
error: ["Guest logins are restricted to one per ",
Config.GUEST_LOGIN_DELAY + " seconds per IP. ",
"This restriction does not apply to registered users."
].join("")
});
return false;
}
}
// Sorry bud, can't take that name
if(Auth.isRegistered(name)) {
this.socket.emit("login", {
@ -369,6 +384,7 @@ User.prototype.login = function(name, pw, session) {
});
}
else {
lastguestlogin[this.ip] = Date.now();
Logger.syslog.log(this.ip + " signed in as " + name);
this.name = name;
this.loggedIn = false;