summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/api.js18
-rw-r--r--src/routers/tmwa/index.js8
-rw-r--r--src/routers/tmwa/middlewares/account.js8
3 files changed, 16 insertions, 18 deletions
diff --git a/src/api.js b/src/api.js
index f33aca4..4e1e6f8 100644
--- a/src/api.js
+++ b/src/api.js
@@ -41,7 +41,6 @@ const checkCaptcha = (req, res, next) => {
status: "error",
error: "no token sent"
});
- console.info("a request with an empty token was received", req.ip);
req.app.locals.rate_limiting.add(req.ip);
setTimeout(() => req.app.locals.rate_limiting.delete(req.ip), 300000);
return false;
@@ -51,13 +50,17 @@ const checkCaptcha = (req, res, next) => {
re.setEncoding("utf8");
re.on("data", response => {
const data = JSON.parse(response);
- if (!data.success) {
- console.error(`recaptcha returned an error: ${response}`);
+ if (!Reflect.has(data, "success") || data.success !== true) {
+ if (Reflect.has(data, "error-codes")) {
+ const error_codes = data["error-codes"].toString();
+ if (error_codes !== "invalid-input-response") {
+ console.error("reCAPTCHA returned an error: %s", error_codes);
+ }
+ }
res.status(403).json({
status: "error",
error: "captcha validation failed"
});
- console.info("a request failed to validate", req.ip);
req.app.locals.rate_limiting.add(req.ip);
setTimeout(() => req.app.locals.rate_limiting.delete(req.ip), 300000);
return false;
@@ -69,9 +72,9 @@ const checkCaptcha = (req, res, next) => {
console.error(error);
res.status(403).json({
status: "error",
- error: "recaptcha couldn't be reached"
+ error: "reCAPTCHA couldn't be reached"
});
- console.warn("reCaptcha couldn't be reached");
+ console.warn("reCAPTCHA couldn't be reached");
return false;
})
};
@@ -119,9 +122,8 @@ api.use((req, res, next) => {
status: "error",
error: "unknown endpoint"
});
- console.info("a request for an unknown endpoint was received", req.ip, req.originalUrl);
});
api.set("trust proxy", "loopback"); // only allow localhost to communicate with the API
api.disable("x-powered-by"); // we don't need this header
-api.listen(process.env.npm_package_config_port, () => console.info(`Listening on port ${process.env.npm_package_config_port}`));
+api.listen(process.env.npm_package_config_port, () => console.info("Listening on port %d", process.env.npm_package_config_port));
diff --git a/src/routers/tmwa/index.js b/src/routers/tmwa/index.js
index 7e1cefe..495240b 100644
--- a/src/routers/tmwa/index.js
+++ b/src/routers/tmwa/index.js
@@ -22,10 +22,8 @@ module.exports = exports = class TMWA {
this.router.get("/server", middlewares.server);
- this.router.all("/account", rate_limit); // filter out the flood
- this.router.all("/account", challenge); // require a captcha
- this.router.use("/account", express.json()); // parse the body as json
- this.router.post("/account", middlewares.account);
+ this.router.all("/account", rate_limit, challenge); // flood limit + captcha
+ this.router.post("/account", express.json(), middlewares.account);
tmwa_poll(this); // first heartbeat
@@ -39,7 +37,7 @@ const tmwa_poll = (_this) => {
const lines = data.split("\n");
if (err || lines.length < 2) {
- console.error("encountered an error while retrieving online.txt", err);
+ console.error("TMWA: encountered an error while retrieving online.txt", err);
_this.timeout = setTimeout(() => tmwa_poll(_this), 30000); // <= it failed, so check again later
return;
}
diff --git a/src/routers/tmwa/middlewares/account.js b/src/routers/tmwa/middlewares/account.js
index e29af24..1249618 100644
--- a/src/routers/tmwa/middlewares/account.js
+++ b/src/routers/tmwa/middlewares/account.js
@@ -10,7 +10,6 @@ module.exports = exports = (req, res, next) => {
status: "error",
error: "malformed request"
});
- console.info("a malformed request was received", req.ip, req.body);
req.app.locals.rate_limiting.add(req.ip);
setTimeout(() => req.app.locals.rate_limiting.delete(req.ip), 300000);
return;
@@ -22,7 +21,7 @@ module.exports = exports = (req, res, next) => {
status: "error",
error: "couldn't reach the database"
});
- console.warn("a connection with the database couldn't be established");
+ console.warn("TMWA.account: a connection with the database couldn't be established");
return;
}
@@ -40,7 +39,6 @@ module.exports = exports = (req, res, next) => {
status: "error",
error: "already exists"
});
- console.info("a request to create an already-existent account was received", req.ip, query_params.USERNAME);
req.app.locals.rate_limiting.add(req.ip);
setTimeout(() => req.app.locals.rate_limiting.delete(req.ip), 2000);
} else {
@@ -48,13 +46,13 @@ module.exports = exports = (req, res, next) => {
status: "error",
error: "couldn't add the user"
});
- console.error("an unexpected sql error occured", err);
+ console.error("TMWA.account: an unexpected sql error occured: %s", err.code);
}
} else {
res.status(201).json({
status: "success"
});
- console.info(`an account was created: ${query_params.USERNAME}`);
+ console.info("TMWA.account: an account was created: %s [%s]", query_params.USERNAME, req.ip);
req.app.locals.rate_limiting.add(req.ip);
setTimeout(() => req.app.locals.rate_limiting.delete(req.ip), 300000);
}