diff options
Diffstat (limited to 'src/routers/vault/middlewares/evol/account.js')
-rw-r--r-- | src/routers/vault/middlewares/evol/account.js | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/src/routers/vault/middlewares/evol/account.js b/src/routers/vault/middlewares/evol/account.js index 50248b2..3a22158 100644 --- a/src/routers/vault/middlewares/evol/account.js +++ b/src/routers/vault/middlewares/evol/account.js @@ -42,6 +42,17 @@ const get_accounts = async (req, res, next) => { return; } + if (session.strictIPCheck && session.ip !== req.ip) { + // the ip is not the same + res.status(403).json({ + status: "error", + error: "ip address mismatch", + }); + req.app.locals.logger.warn(`Vault.evol.account: ip address mismatch <${session.vault}@vault> [${req.ip}]`); + req.app.locals.cooldown(req, 3e5); + return; + } + res.status(200).json({ status: "success", accounts: session.gameAccounts, @@ -96,6 +107,17 @@ const new_account = async (req, res, next) => { return; } + if (session.strictIPCheck && session.ip !== req.ip) { + // the ip is not the same + res.status(403).json({ + status: "error", + error: "ip address mismatch", + }); + req.app.locals.logger.warn(`Vault.evol.account: ip address mismatch <${session.vault}@vault> [${req.ip}]`); + req.app.locals.cooldown(req, 3e5); + return; + } + // this check is necessary because login.userid has no UNIQUE constraint const existing = await req.app.locals.evol.login.findOne({ where: {userid: req.body.username} @@ -190,6 +212,17 @@ const update_account = async (req, res, next) => { return; } + if (session.strictIPCheck && session.ip !== req.ip) { + // the ip is not the same + res.status(403).json({ + status: "error", + error: "ip address mismatch", + }); + req.app.locals.logger.warn(`Vault.evol.account: ip address mismatch <${session.vault}@vault> [${req.ip}]`); + req.app.locals.cooldown(req, 3e5); + return; + } + let account = null; for (const acc of session.gameAccounts) { if (acc.accountId === req.body.accountId) { |