mirror of https://github.com/TryGhost/Ghost.git
78 lines
2.2 KiB
JavaScript
78 lines
2.2 KiB
JavaScript
var url = require('url'),
|
|
spamPrevention = require('./api/spam-prevention');
|
|
|
|
/**
|
|
* We set ignoreIP to false, because we tell brute-knex to use `req.ip`.
|
|
* We can use `req.ip`, because express trust proxy option is enabled.
|
|
*/
|
|
module.exports = {
|
|
/**
|
|
* block per route per ip
|
|
*/
|
|
globalBlock: function (req, res, next) {
|
|
return spamPrevention.globalBlock().getMiddleware({
|
|
ignoreIP: false,
|
|
key: function (req, res, next) {
|
|
next(url.parse(req.url).pathname);
|
|
}
|
|
})(req, res, next);
|
|
},
|
|
/**
|
|
* block per route per ip
|
|
*/
|
|
globalReset: function (req, res, next) {
|
|
return spamPrevention.globalReset().getMiddleware({
|
|
ignoreIP: false,
|
|
key: function (req, res, next) {
|
|
next(url.parse(req.url).pathname);
|
|
}
|
|
})(req, res, next);
|
|
},
|
|
/**
|
|
* block per user
|
|
* username === email!
|
|
*/
|
|
userLogin: function (req, res, next) {
|
|
return spamPrevention.userLogin().getMiddleware({
|
|
ignoreIP: false,
|
|
key: function (req, res, next) {
|
|
if (req.body.username) {
|
|
return next(req.body.username + 'login');
|
|
}
|
|
|
|
if (req.body.authorizationCode) {
|
|
return next(req.body.authorizationCode + 'login');
|
|
}
|
|
|
|
if (req.body.refresh_token) {
|
|
return next(req.body.refresh_token + 'login');
|
|
}
|
|
|
|
return next();
|
|
}
|
|
})(req, res, next);
|
|
},
|
|
/**
|
|
* block per user
|
|
*/
|
|
userReset: function (req, res, next) {
|
|
return spamPrevention.userReset().getMiddleware({
|
|
ignoreIP: false,
|
|
key: function (req, res, next) {
|
|
next(req.body.username + 'reset');
|
|
}
|
|
})(req, res, next);
|
|
},
|
|
/**
|
|
* block per ip
|
|
*/
|
|
privateBlog: function (req, res, next) {
|
|
return spamPrevention.privateBlog().getMiddleware({
|
|
ignoreIP: false,
|
|
key: function (req, res, next) {
|
|
next('privateblog');
|
|
}
|
|
})(req, res, next);
|
|
}
|
|
};
|