Last active
December 14, 2019 15:14
-
-
Save b-m-9/f84b80499f0b99ff41a13a6766bbb2ac to your computer and use it in GitHub Desktop.
api_plugin for api-nodejs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const redis = require('../modules/RedisClientAPI').redis; | |
| const random = require('../modules/random'); | |
| const config = require('../modules/config'); | |
| const Promise = require("bluebird"); | |
| const {promisify} = require('util'); | |
| const redisAsync = { | |
| get: promisify(redis.get).bind(redis), | |
| del: promisify(redis.del).bind(redis), | |
| ttl: promisify(redis.ttl).bind(redis), | |
| set: promisify(redis.set).bind(redis), | |
| }; | |
| function DDOS_Error(time) { | |
| if (time < 0) time = 1; | |
| time += 1; | |
| let stack_ = (new Error()).stack.replace(new RegExp(' ', 'g'), '').replace(new RegExp('at ', 'g'), '').replace(new RegExp('Promise.(.*).err', 'g'), 'Promise').split("\n"); | |
| let message_stack = ''; | |
| if (stack_[2] && stack_[2].indexOf('bluebird') === -1 && stack_[2].indexOf('modules/error/api') === -1) message_stack += stack_[2]; | |
| if (stack_[3] && stack_[3].indexOf('bluebird') === -1 && stack_[3].indexOf('modules/error/api') === -1) message_stack += '\n' + stack_[3]; | |
| if (stack_[4] && stack_[4].indexOf('bluebird') === -1 && stack_[4].indexOf('modules/error/api') === -1) message_stack += '\n' + stack_[4]; | |
| if (stack_[5] && stack_[5].indexOf('bluebird') === -1 && stack_[5].indexOf('modules/error/api') === -1) message_stack += '\n' + stack_[5]; | |
| if (stack_[6] && stack_[6].indexOf('bluebird') === -1 && stack_[6].indexOf('modules/error/api') === -1) message_stack += '\n' + stack_[6]; | |
| if (stack_[7] && stack_[7].indexOf('bluebird') === -1 && stack_[7].indexOf('modules/error/api') === -1) message_stack += '\n' + stack_[7]; | |
| if (stack_[8] && stack_[8].indexOf('bluebird') === -1 && stack_[8].indexOf('modules/error/api') === -1) message_stack += '\n' + stack_[8]; | |
| if (stack_[9] && stack_[9].indexOf('bluebird') === -1 && stack_[9].indexOf('modules/error/api') === -1) message_stack += '\n' + stack_[9]; | |
| return { | |
| apiError: true, | |
| message: "DDOS flood! Try after: " + time + " second(s).", | |
| errorType: 'api', | |
| level: 0, | |
| errorCode: 5030000, | |
| stack: (!!config.get('server:api:debug:stack')) ? message_stack : undefined, | |
| } | |
| } | |
| async function checkLockApi(key, floodSign, delay) { | |
| const key_method = 'lock-method-' + key; | |
| if (delay) | |
| await Promise.delay(delay); | |
| const value = await redisAsync.get(key_method); | |
| if (value !== floodSign) { | |
| const time = await redisAsync.ttl(key_method); | |
| if (time === -1) | |
| await redisAsync.del(key_method); | |
| return Promise.reject(DDOS_Error(time)); | |
| } | |
| return true | |
| } | |
| async function lockApi(key, block_sec) { | |
| await checkLockApi(key, null); | |
| const sign = Date.now() + random.str(10, 10); | |
| const key_method = 'lock-method-' + key; | |
| await redisAsync.set(key_method, sign, 'EX', block_sec); | |
| return sign | |
| } | |
| /** @name API.plugin.ddos */ | |
| module.exports = {checkLockApi: checkLockApi, lockApi: lockApi}; | |
| //docs | |
| // auth.ddosKey = 'balance-inc-' + auth.user._id; | |
| // const floodSign = await API.plugin.ddos.lockApi(auth.ddosKey, 10); // s | |
| // await API.plugin.ddos.checkLockApi(auth.ddosKey, floodSign, 50);// delay before check ms |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment