From ff2c1fe8133f9556f6aaa52058cd8b83c40085e6 Mon Sep 17 00:00:00 2001 From: Rigel Kent Date: Tue, 22 May 2018 19:43:13 +0200 Subject: feature: IP filtering on signup page disable registration form on IP not in range checking the CIDR list before filtering with it placing the cidr filters as an attribute object in the config --- server/middlewares/validators/users.ts | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'server/middlewares/validators') diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 247b704c4..4ad0e33da 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts @@ -16,8 +16,8 @@ import { } from '../../helpers/custom-validators/users' import { isVideoExist } from '../../helpers/custom-validators/videos' import { logger } from '../../helpers/logger' -import { isSignupAllowed } from '../../helpers/utils' -import { CONSTRAINTS_FIELDS } from '../../initializers' +import { isSignupAllowed, isSignupAllowedForCurrentIP } from '../../helpers/utils' +import { CONFIG, CONSTRAINTS_FIELDS } from '../../initializers' import { Redis } from '../../lib/redis' import { UserModel } from '../../models/account/user' import { areValidationErrors } from './utils' @@ -177,6 +177,20 @@ const ensureUserRegistrationAllowed = [ } ] +const ensureUserRegistrationAllowedForIP = [ + async (req: express.Request, res: express.Response, next: express.NextFunction) => { + const allowed = isSignupAllowedForCurrentIP(req.ip) + + if (allowed === false) { + return res.status(403) + .send({ error: 'You are not on a network authorized for registration.' }) + .end() + } + + return next() + } +] + const usersAskResetPasswordValidator = [ body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'), @@ -230,6 +244,7 @@ export { usersUpdateMeValidator, usersVideoRatingValidator, ensureUserRegistrationAllowed, + ensureUserRegistrationAllowedForIP, usersGetValidator, usersUpdateMyAvatarValidator, usersAskResetPasswordValidator, -- cgit v1.2.3