add: ban ipv6 addresses by prefix
assumes all ipv6 addresses have 64-bit prefix (8 bytes at the start + 2 bytes for colons)
This commit is contained in:
parent
2b91422d18
commit
d7e800fcb4
6 changed files with 128 additions and 4 deletions
|
|
@ -5,7 +5,7 @@ use crate::{
|
|||
};
|
||||
use axum::{Extension, Json, extract::Path, response::IntoResponse};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use tetratto_core::model::{auth::IpBan, permissions::FinePermission};
|
||||
use tetratto_core::model::{addr::RemoteAddr, auth::IpBan, permissions::FinePermission};
|
||||
|
||||
/// Create a new IP ban.
|
||||
pub async fn create_request(
|
||||
|
|
@ -24,7 +24,14 @@ pub async fn create_request(
|
|||
return Json(Error::NotAllowed.into());
|
||||
}
|
||||
|
||||
match data.create_ipban(IpBan::new(ip, user.id, req.reason)).await {
|
||||
match data
|
||||
.create_ipban(IpBan::new(
|
||||
RemoteAddr::from(ip.as_str()).prefix(None),
|
||||
user.id,
|
||||
req.reason,
|
||||
))
|
||||
.await
|
||||
{
|
||||
Ok(_) => Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "IP ban created".to_string(),
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ use axum::{
|
|||
};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use serde::Deserialize;
|
||||
use tetratto_core::model::addr::RemoteAddr;
|
||||
use tetratto_shared::hash::hash;
|
||||
|
||||
use cf_turnstile::{SiteVerifyRequest, TurnstileClient};
|
||||
|
|
@ -52,7 +53,11 @@ pub async fn register_request(
|
|||
.to_string();
|
||||
|
||||
// check for ip ban
|
||||
if data.get_ipban_by_ip(&real_ip).await.is_ok() {
|
||||
if data
|
||||
.get_ipban_by_addr(RemoteAddr::from(real_ip.as_str()))
|
||||
.await
|
||||
.is_ok()
|
||||
{
|
||||
return (None, Json(Error::NotAllowed.into()));
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,12 @@
|
|||
use axum::{extract::Path, response::IntoResponse, Extension, Json};
|
||||
use axum::{
|
||||
extract::Path,
|
||||
http::{HeaderMap, HeaderValue},
|
||||
response::IntoResponse,
|
||||
Extension, Json,
|
||||
};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use tetratto_core::model::{
|
||||
addr::RemoteAddr,
|
||||
communities::Post,
|
||||
permissions::FinePermission,
|
||||
uploads::{MediaType, MediaUpload},
|
||||
|
|
@ -18,6 +24,7 @@ pub const MAXIMUM_FILE_SIZE: usize = 4194304;
|
|||
|
||||
pub async fn create_request(
|
||||
jar: CookieJar,
|
||||
headers: HeaderMap,
|
||||
Extension(data): Extension<State>,
|
||||
JsonMultipart(images, req): JsonMultipart<CreatePost>,
|
||||
) -> impl IntoResponse {
|
||||
|
|
@ -42,6 +49,24 @@ pub async fn create_request(
|
|||
);
|
||||
}
|
||||
|
||||
// get real ip
|
||||
let real_ip = headers
|
||||
.get(data.0.security.real_ip_header.to_owned())
|
||||
.unwrap_or(&HeaderValue::from_static(""))
|
||||
.to_str()
|
||||
.unwrap_or("")
|
||||
.to_string();
|
||||
|
||||
// check for ip ban
|
||||
if data
|
||||
.get_ipban_by_addr(RemoteAddr::from(real_ip.as_str()))
|
||||
.await
|
||||
.is_ok()
|
||||
{
|
||||
return Json(Error::NotAllowed.into());
|
||||
}
|
||||
|
||||
// ...
|
||||
let mut props = Post::new(
|
||||
req.content,
|
||||
match req.community.parse::<usize>() {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue