diff options
Diffstat (limited to 'src/routers/vault/middlewares/legacy/account.js')
| -rw-r--r-- | src/routers/vault/middlewares/legacy/account.js | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/src/routers/vault/middlewares/legacy/account.js b/src/routers/vault/middlewares/legacy/account.js index fb507de..29da5a6 100644 --- a/src/routers/vault/middlewares/legacy/account.js +++ b/src/routers/vault/middlewares/legacy/account.js @@ -48,6 +48,17 @@ const get_accounts = async (req, res, next) => { return; } + if (session.strictIPCheck && session.ip !== req.ip) { + // the ip is not the same + res.status(403).json({ + status: "error", + error: "ip address mismatch", + }); + req.app.locals.logger.warn(`Vault.legacy.account: ip address mismatch <${session.vault}@vault> [${req.ip}]`); + req.app.locals.cooldown(req, 3e5); + return; + } + res.status(200).json({ status: "success", accounts: session.legacyAccounts, @@ -101,6 +112,17 @@ const claim_by_password = async (req, res, next) => { return; } + if (session.strictIPCheck && session.ip !== req.ip) { + // the ip is not the same + res.status(403).json({ + status: "error", + error: "ip address mismatch", + }); + req.app.locals.logger.warn(`Vault.legacy.account: ip address mismatch <${session.vault}@vault> [${req.ip}]`); + req.app.locals.cooldown(req, 3e5); + return; + } + const legacy = await req.app.locals.legacy.login.findOne({ where: {userid: req.body.username} }); @@ -255,6 +277,17 @@ const migrate = async (req, res, next) => { return; } + if (session.strictIPCheck && session.ip !== req.ip) { + // the ip is not the same + res.status(403).json({ + status: "error", + error: "ip address mismatch", + }); + req.app.locals.logger.warn(`Vault.legacy.account: ip address mismatch <${session.vault}@vault> [${req.ip}]`); + req.app.locals.cooldown(req, 3e5); + return; + } + let legacy = null; // check if we own it |