0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-06 22:40:14 -05:00
ghost/core/server/middleware/brute.js
Katharina Irrgang 7556e68c48 🎨 Ghost bootstrap: optimise requires (#8121)
* 🎨  Ghost bootstrap: optimise requires

no issue

- require as less as possible on bootstrap

* do not load icojs on bootstrap
2017-03-13 20:07:12 +00:00

77 lines
2.2 KiB
JavaScript

var url = require('url'),
spamPrevention = require('./api/spam-prevention');
/**
* We set ignoreIP to false, because we tell brute-knex to use `req.ip`.
* We can use `req.ip`, because express trust proxy option is enabled.
*/
module.exports = {
/**
* block per route per ip
*/
globalBlock: function (req, res, next) {
return spamPrevention.globalBlock().getMiddleware({
ignoreIP: false,
key: function (req, res, next) {
next(url.parse(req.url).pathname);
}
})(req, res, next);
},
/**
* block per route per ip
*/
globalReset: function (req, res, next) {
return spamPrevention.globalReset().getMiddleware({
ignoreIP: false,
key: function (req, res, next) {
next(url.parse(req.url).pathname);
}
})(req, res, next);
},
/**
* block per user
* username === email!
*/
userLogin: function (req, res, next) {
return spamPrevention.userLogin().getMiddleware({
ignoreIP: false,
key: function (req, res, next) {
if (req.body.username) {
return next(req.body.username + 'login');
}
if (req.body.authorizationCode) {
return next(req.body.authorizationCode + 'login');
}
if (req.body.refresh_token) {
return next(req.body.refresh_token + 'login');
}
return next();
}
})(req, res, next);
},
/**
* block per user
*/
userReset: function (req, res, next) {
return spamPrevention.userReset().getMiddleware({
ignoreIP: false,
key: function (req, res, next) {
next(req.body.username + 'reset');
}
})(req, res, next);
},
/**
* block per ip
*/
privateBlog: function (req, res, next) {
return spamPrevention.privateBlog().getMiddleware({
ignoreIP: false,
key: function (req, res, next) {
next('privateblog');
}
})(req, res, next);
}
};