blsmedia/bot
2
0
Fork 0
Code Activity

(radar) Remove IP ban system

Browse Source
This commit is contained in:
Baptiste Arnaud
2024-01-02 10:16:10 +01:00
parent 624642974b
commit 7ce1a4d3d1
4 changed files with 5 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
apps/builder/src/features/auth/components/SignInForm.tsx
View File

@ -89,13 +89,7 @@ export const SignInForm = ({
redirect: false, redirect: false,
}) })
if (response?.error) { if (response?.error) {
if (response.error.includes('ip-banned')) if (response.error.includes('rate-limited'))
showToast({
status: 'info',
description:
'Your account has suspicious activity and is being reviewed by our team. Feel free to contact us.',
})
else if (response.error.includes('rate-limited'))
showToast({ showToast({
status: 'info', status: 'info',
description: t('auth.signinErrorToast.tooManyRequests'), description: t('auth.signinErrorToast.tooManyRequests'),

19
apps/builder/src/features/typebot/api/publishTypebot.ts
View File

@ -41,7 +41,7 @@ export const publishTypebot = authenticatedProcedure
message: z.literal('success'), message: z.literal('success'),
}) })
) )
.mutation(async ({ input: { typebotId }, ctx: { user, ip } }) => { .mutation(async ({ input: { typebotId }, ctx: { user } }) => {
const existingTypebot = await prisma.typebot.findFirst({ const existingTypebot = await prisma.typebot.findFirst({
where: { where: {
id: typebotId, id: typebotId,
@ -102,7 +102,7 @@ export const publishTypebot = authenticatedProcedure
const riskLevel = typebotWasVerified ? 0 : computeRiskLevel(existingTypebot) const riskLevel = typebotWasVerified ? 0 : computeRiskLevel(existingTypebot)
if (riskLevel > 0 && riskLevel !== existingTypebot.riskLevel) { if (riskLevel > 0 && riskLevel !== existingTypebot.riskLevel) {
if (env.MESSAGE_WEBHOOK_URL && riskLevel !== 100) if (env.MESSAGE_WEBHOOK_URL && riskLevel !== 100 && riskLevel > 60)
await fetch(env.MESSAGE_WEBHOOK_URL, { await fetch(env.MESSAGE_WEBHOOK_URL, {
method: 'POST', method: 'POST',
body: `⚠️ Suspicious typebot to be reviewed: ${existingTypebot.name} (${env.NEXTAUTH_URL}/typebots/${existingTypebot.id}/edit) (workspace: ${existingTypebot.workspaceId})`, body: `⚠️ Suspicious typebot to be reviewed: ${existingTypebot.name} (${env.NEXTAUTH_URL}/typebots/${existingTypebot.id}/edit) (workspace: ${existingTypebot.workspaceId})`,
@ -125,21 +125,6 @@ export const publishTypebot = authenticatedProcedure
id: existingTypebot.publishedTypebot.id, id: existingTypebot.publishedTypebot.id,
}, },
}) })
if (ip) {
const isIpAlreadyBanned = await prisma.bannedIp.findFirst({
where: {
ip,
},
})
if (!isIpAlreadyBanned)
await prisma.bannedIp.create({
data: {
ip,
responsibleTypebotId: existingTypebot.id,
userId: user.id,
},
})
}
throw new TRPCError({ throw new TRPCError({
code: 'FORBIDDEN', code: 'FORBIDDEN',
message: message:

3
apps/builder/src/helpers/server/context.ts
View File

@ -1,15 +1,12 @@
import { getAuthenticatedUser } from '@/features/auth/helpers/getAuthenticatedUser' import { getAuthenticatedUser } from '@/features/auth/helpers/getAuthenticatedUser'
import { inferAsyncReturnType } from '@trpc/server' import { inferAsyncReturnType } from '@trpc/server'
import * as trpcNext from '@trpc/server/adapters/next' import * as trpcNext from '@trpc/server/adapters/next'
import { getIp } from '@typebot.io/lib/getIp'
export async function createContext(opts: trpcNext.CreateNextContextOptions) { export async function createContext(opts: trpcNext.CreateNextContextOptions) {
const user = await getAuthenticatedUser(opts.req, opts.res) const user = await getAuthenticatedUser(opts.req, opts.res)
const ip = getIp(opts.req)
return { return {
user, user,
ip,
} }
} }

21
apps/builder/src/pages/api/auth/[...nextauth].ts
View File

@ -128,7 +128,7 @@ if (env.CUSTOM_OAUTH_WELL_KNOWN_URL) {
export const getAuthOptions = ({ export const getAuthOptions = ({
restricted, restricted,
}: { }: {
restricted?: 'ip-banned' | 'rate-limited' restricted?: 'rate-limited'
}): AuthOptions => ({ }): AuthOptions => ({
adapter: customAdapter(prisma), adapter: customAdapter(prisma),
secret: env.ENCRYPTION_SECRET, secret: env.ENCRYPTION_SECRET,
@ -159,7 +159,6 @@ export const getAuthOptions = ({
} }
}, },
signIn: async ({ account, user }) => { signIn: async ({ account, user }) => {
if (restricted === 'ip-banned') throw new Error('ip-banned')
if (restricted === 'rate-limited') throw new Error('rate-limited') if (restricted === 'rate-limited') throw new Error('rate-limited')
if (!account) return false if (!account) return false
const isNewUser = !('createdAt' in user && isDefined(user.createdAt)) const isNewUser = !('createdAt' in user && isDefined(user.createdAt))
@ -196,23 +195,7 @@ const handler = async (req: NextApiRequest, res: NextApiResponse) => {
const requestIsFromCompanyFirewall = req.method === 'HEAD' const requestIsFromCompanyFirewall = req.method === 'HEAD'
if (requestIsFromCompanyFirewall) return res.status(200).end() if (requestIsFromCompanyFirewall) return res.status(200).end()
let restricted: 'ip-banned' | 'rate-limited' | undefined let restricted: 'rate-limited' | undefined
if (
env.RADAR_HIGH_RISK_KEYWORDS &&
((req.method === 'POST' && req.url?.startsWith('/api/auth/signin')) ||
(req.method === 'GET' && req.url?.startsWith('/api/auth/callback')))
) {
const ip = getIp(req)
if (ip) {
const isIpBanned = await prisma.bannedIp.count({
where: {
ip,
},
})
if (isIpBanned) restricted = 'ip-banned'
}
}
if ( if (
rateLimit && rateLimit &&