1
0
mirror of https://github.com/KubaPro010/fm-dx-webserver.git synced 2026-02-27 14:33:52 +01:00

hotfix no2

This commit is contained in:
NoobishSVK
2024-11-03 20:09:28 +01:00
parent 1aa8615037
commit ae803ff155

View File

@@ -364,28 +364,70 @@ wss.on('connection', (ws, request) => {
currentUsers++; currentUsers++;
} }
// Map to store command timestamps per user to prevent spam dataHandler.showOnlineUsers(currentUsers);
if(currentUsers === 1 && serverConfig.autoShutdown === true && serverConfig.xdrd.wirelessConnection) {
serverConfig.xdrd.wirelessConnection === true ? connectToXdrd() : serialport.write('x\n');
}
https.get(`https://ipinfo.io/${clientIp}/json`, (response) => {
let data = '';
response.on('data', (chunk) => {
data += chunk;
});
response.on('end', () => {
try {
const locationInfo = JSON.parse(data);
const options = { year: 'numeric', month: 'numeric', day: 'numeric', hour: '2-digit', minute: '2-digit' };
const connectionTime = new Date().toLocaleString([], options);
if(locationInfo.country === undefined) {
const userData = { ip: clientIp, location: 'Unknown', time: connectionTime, instance: ws };
storage.connectedUsers.push(userData);
logInfo(`Web client \x1b[32mconnected\x1b[0m (${clientIp}) \x1b[90m[${currentUsers}]\x1b[0m`);
} else {
const userLocation = `${locationInfo.city}, ${locationInfo.region}, ${locationInfo.country}`;
const userData = { ip: clientIp, location: userLocation, time: connectionTime, instance: ws };
storage.connectedUsers.push(userData);
logInfo(`Web client \x1b[32mconnected\x1b[0m (${clientIp}) \x1b[90m[${currentUsers}]\x1b[0m Location: ${locationInfo.city}, ${locationInfo.region}, ${locationInfo.country}`);
}
} catch (error) {
logInfo(`Web client \x1b[32mconnected\x1b[0m (${clientIp}) \x1b[90m[${currentUsers}]\x1b[0m`);
}
});
}).on('error', (err) => {
logInfo(`Web client \x1b[32mconnected\x1b[0m (${clientIp}) \x1b[90m[${currentUsers}]\x1b[0m`);
});
// Anti-spam tracking for each client
const userCommands = {}; const userCommands = {};
ws.on('message', (message) => { ws.on('message', (message) => {
const command = message.toString(); const command = message.toString();
logDebug(`Command received from \x1b[90m${clientIp}\x1b[0m: ${command}`); logDebug(`Command received from \x1b[90m${clientIp}\x1b[0m: ${command}`);
// Anti-spam check: initialize command history for this client if not existing
if (!userCommands[command]) { if (!userCommands[command]) {
userCommands[command] = []; userCommands[command] = [];
} }
// Record the current timestamp for this command
const now = Date.now(); const now = Date.now();
userCommands[command].push(now); userCommands[command].push(now);
// Remove timestamps older than 1 second
userCommands[command] = userCommands[command].filter(timestamp => now - timestamp <= 1000); userCommands[command] = userCommands[command].filter(timestamp => now - timestamp <= 1000);
if (userCommands[command].length > 5) { // If command count exceeds 3 in a second, close connection
if (userCommands[command].length > 3) {
logWarn(`User \x1b[90m${clientIp}\x1b[0m is spamming command "${command}". Connection will be terminated.`); logWarn(`User \x1b[90m${clientIp}\x1b[0m is spamming command "${command}". Connection will be terminated.`);
ws.close(1008, 'Spamming detected'); ws.close(1008, 'Spamming detected');
return; return;
} }
// Existing command processing logic
if ((command.startsWith('X') || command.startsWith('Y')) && !request.session.isAdminAuthenticated) { if ((command.startsWith('X') || command.startsWith('Y')) && !request.session.isAdminAuthenticated) {
logWarn(`User \x1b[90m${clientIp}\x1b[0m attempted to send a potentially dangerous command. You may consider blocking this user.`); logWarn(`User \x1b[90m${clientIp}\x1b[0m attempted to send a potentially dangerous command. You may consider blocking this user.`);
return; return;
@@ -477,6 +519,7 @@ wss.on('connection', (ws, request) => {
ws.on('error', console.error); ws.on('error', console.error);
}); });
// CHAT WEBSOCKET BLOCK // CHAT WEBSOCKET BLOCK
chatWss.on('connection', (ws, request) => { chatWss.on('connection', (ws, request) => {
const clientIp = request.headers['x-forwarded-for'] || request.connection.remoteAddress; const clientIp = request.headers['x-forwarded-for'] || request.connection.remoteAddress;