kuba/fm-dx-webserver
1
0
Fork 0
mirror of https://github.com/KubaPro010/fm-dx-webserver.git synced 2026-02-26 22:13:53 +01:00
Code Issues Activity

banlist & config fixes

Browse Source
This commit is contained in:
Marek Farkaš
2025-01-11 20:30:57 +01:00
parent 4d3380f068
commit 49c6e08b98
9 changed files with 157 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
server/endpoints.js
View File

@@ -19,7 +19,10 @@ const { allPluginConfigs } = require('./plugins');
// Endpoints
router.get('/', (req, res) => {
let requestIp = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
if(serverConfig.webserver.banlist.includes(requestIp)) {
const normalizedIp = requestIp.replace(/^::ffff:/, '');
const isBanned = serverConfig.webserver.banlist.some(banEntry => banEntry[0] === normalizedIp);
if (isBanned) {
res.render('403');
logInfo(`Web client (${requestIp}) is banned`);
return;
@@ -164,7 +167,12 @@ router.get('/rdsspy', (req, res) => {
router.get('/api', (req, res) => {
const { ps_errors, rt0_errors, rt1_errors, ims, eq, ant, st_forced, previousFreq, txInfo, ...dataToSend } = dataHandler.dataToSend;
res.json(dataToSend);
res.json({
...dataToSend,
txInfo: txInfo,
ps_errors: ps_errors,
ant: ant
});
});
@@ -212,16 +220,47 @@ router.get('/kick', (req, res) => {
});
router.get('/addToBanlist', (req, res) => {
const ipAddress = req.query.ip; // Extract the IP address parameter from the query string
// Terminate the WebSocket connection for the specified IP address
if(req.session.isAdminAuthenticated) {
helpers.kickClient(ipAddress);
const ipAddress = req.query.ip;
const location = 'Unknown';
const date = Date.now();
const reason = req.query.reason;
userBanData = [ipAddress, location, date, reason];
if (typeof serverConfig.webserver.banlist !== 'object') {
serverConfig.webserver.banlist = [];
}
if (req.session.isAdminAuthenticated) {
serverConfig.webserver.banlist.push(userBanData);
configSave();
res.json({ success: true, message: 'IP address added to banlist.' });
helpers.kickClient(ipAddress);
} else {
res.status(403).json({ success: false, message: 'Unauthorized access.' });
}
setTimeout(() => {
res.redirect('/setup');
}, 500);
});
router.get('/removeFromBanlist', (req, res) => {
const ipAddress = req.query.ip;
if (typeof serverConfig.webserver.banlist !== 'object') {
serverConfig.webserver.banlist = [];
}
const banIndex = serverConfig.webserver.banlist.findIndex(ban => ban[0] === ipAddress);
if (banIndex === -1) {
return res.status(404).json({ success: false, message: 'IP address not found in banlist.' });
}
serverConfig.webserver.banlist.splice(banIndex, 1);
configSave();
res.json({ success: true, message: 'IP address removed from banlist.' });
});
router.post('/saveData', (req, res) => {
const data = req.body;
let firstSetup;
@@ -290,6 +329,7 @@ router.get('/static_data', (req, res) => {
rdsMode: serverConfig.webserver.rdsMode || false,
tunerName: serverConfig.identification.tunerName || '',
tunerDesc: serverConfig.identification.tunerDesc || '',
ant: serverConfig.antennas || {}
});
});

15
server/helpers.js
View File

@@ -181,12 +181,15 @@ function antispamProtection(message, clientIp, ws, userCommands, lastWarn, userC
if (userCommandHistory[clientIp].length >= 8) {
consoleCmd.logWarn(`User \x1b[90m${clientIp}\x1b[0m is spamming with rapid commands. Connection will be terminated and user will be banned.`);
// Add to banlist if not already banned
if (!serverConfig.webserver.banlist.includes(clientIp)) {
serverConfig.webserver.banlist.push(clientIp);
consoleCmd.logInfo(`User \x1b[90m${clientIp}\x1b[0m has been added to the banlist due to extreme spam.`);
configSave();
}
// Check if the normalized IP is already in the banlist
const isAlreadyBanned = serverConfig.webserver.banlist.some(banEntry => banEntry[0] === normalizedClientIp);
if (!isAlreadyBanned) {
// Add the normalized IP to the banlist
serverConfig.webserver.banlist.push([normalizedClientIp, 'Unknown', Date.now(), '[Auto ban] Spam']);
consoleCmd.logInfo(`User \x1b[90m${normalizedClientIp}\x1b[0m has been added to the banlist due to extreme spam.`);
configSave();
}
ws.close(1008, 'Bot-like behavior detected');
return command; // Return command value before closing connection

29
server/server_config.js
View File

@@ -8,7 +8,7 @@ let configName = 'config';
const index = process.argv.indexOf('--config');
if (index !== -1 && index + 1 < process.argv.length) {
configName = process.argv[index + 1];
logInfo('Loading with a custom config file:', configName + '.json')
logInfo('Loading with a custom config file:', configName + '.json');
}
const configPath = path.join(__dirname, '../' + configName + '.json');
@@ -99,16 +99,19 @@ let serverConfig = {
lockToAdmin: false,
autoShutdown: false,
enableDefaultFreq: false,
defaultFreq: "87.5"
defaultFreq: "87.5",
testThing: "yes it works"
};
function deepMerge(target, source)
{
function deepMerge(target, source) {
Object.keys(source).forEach(function(key) {
if (typeof target[key] === 'object' && target[key] !== null) {
deepMerge(target[key], source[key]);
if (typeof source[key] === 'object' && source[key] !== null) {
if (!target[key]) target[key] = {}; // Create missing object
deepMerge(target[key], source[key]); // Recursively merge
} else {
target[key] = source[key];
if (target[key] === undefined) {
target[key] = source[key]; // Add missing fields
}
}
});
}
@@ -124,7 +127,6 @@ function configUpdate(newConfig) {
deepMerge(serverConfig, newConfig);
}
function configSave() {
fs.writeFile(configPath, JSON.stringify(serverConfig, null, 2), (err) => {
if (err) {
@@ -139,9 +141,16 @@ function configExists() {
return fs.existsSync(configPath);
}
if (fs.existsSync(configPath)) {
if (configExists()) {
const configFileContents = fs.readFileSync(configPath, 'utf8');
serverConfig = JSON.parse(configFileContents);
try {
const configFile = JSON.parse(configFileContents);
deepMerge(configFile, serverConfig);
serverConfig = configFile;
configSave();
} catch (err) {
logError('Error parsing config file:', err);
}
}
module.exports = {