How to use the server/utils/misc.getRemoteIp function in server

To help you get started, we’ve selected a few server examples, based on popular ways it is used in public projects.


github freedomexio / rocketx-condenser / server / sign_up_pages / enter_confirm_mobile.jsx View on Github external
provider: "phone",
                user_id,
                uid: this.session.uid,
                phone,
                verified: false,
                confirmation_code
            });
        }
        console.log(
            '-- /submit_mobile -->',
            this.session.uid,
            this.session.user,
            phone,
            mid.id
        );
        const ip = getRemoteIp(this.req);

        // const twilioResult = yield twilioVerify(phone);
        // console.log('-- /submit_mobile twilioResult -->', twilioResult);
        //
        // if (twilioResult === 'block') {
        //     mid.update({score: 111111});
        //     this.flash = { error: 'Unable to verify your phone number. Please try a different phone number.' };
        //     this.redirect(enterMobileUrl);
        //     return;
        // }

        const verifyResult = yield teleSignVerify({
            mobile: phone,
            confirmation_code,
            ip,
            ignore_score: true //twilioResult === 'pass'
github freedomexio / rocketx-condenser / src / server / api / general.js View on Github external
.sha256(crypto.randomBytes(32))
                .toString('hex');
            yield user.update({ creation_hash: creationHash });

            // disable session/multi account for now

            // const existing_created_account = yield models.Account.findOne({
            //     attributes: ['id'],
            //     where: {user_id, ignored: false, created: true},
            //     order: 'id DESC'
            // });
            // if (existing_created_account) {
            //     throw new Error("Only one Steem account per user is allowed in order to prevent abuse");
            // }

            const remote_ip = getRemoteIp(this.req);
            // rate limit account creation to one per IP every 10 minutes
            const same_ip_account = yield models.Account.findOne({
                attributes: ['created_at'],
                where: { remote_ip: esc(remote_ip), created: true },
                order: 'id DESC',
            });
            if (same_ip_account) {
                const minutes =
                    (Date.now() - same_ip_account.created_at) / 60000;
                if (minutes < 10) {
                    console.log(
                        `api /accounts: IP rate limit for user ${
                            this.session.uid
                        } #${user_id}, IP ${remote_ip}`
                    );
                    throw new Error(
github freedomexio / rocketx-condenser / src / server / api / general.js View on Github external
.sha256(crypto.randomBytes(32))
                .toString('hex');
            yield user.update({ creation_hash: creationHash });

            // disable session/multi account for now

            // const existing_created_account = yield models.Account.findOne({
            //     attributes: ['id'],
            //     where: {user_id, ignored: false, created: true},
            //     order: 'id DESC'
            // });
            // if (existing_created_account) {
            //     throw new Error("Only one Steem account per user is allowed in order to prevent abuse");
            // }

            const remote_ip = getRemoteIp(this.req);
            // rate limit account creation to one per IP every 10 minutes
            const same_ip_account = yield models.Account.findOne({
                attributes: ['created_at'],
                where: { remote_ip: esc(remote_ip), created: true },
                order: 'id DESC',
            });
            if (same_ip_account) {
                const minutes =
                    (Date.now() - same_ip_account.created_at) / 60000;
                if (minutes < 10) {
                    console.log(
                        `api /accounts: IP rate limit for user ${
                            this.session.uid
                        } #${user_id}, IP ${remote_ip}`
                    );
                    throw new Error(
github freedomexio / rocketx-condenser / src / server / api / account_recovery.js View on Github external
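/**
 * POST /initiate_account_recovery
 *
 * Opens an account-recovery request for the current session and redirects
 * the client to the `/connect/<provider>` flow.
 *
 * Flow: rate-limit check, body parse, CSRF check, require `account_name`,
 * persist an AccountRecoveryRequest row, remember its id in the session.
 *
 * Responds with status 500 and a plain-text body when `account_name` is
 * missing; returns early without creating a row when the rate limiter or
 * the CSRF check rejects the request.
 */
router.post('/initiate_account_recovery', koaBody, function *() {
        if (rateLimitReq(this, this.req)) return;
        let params = this.request.body;
        // The body may arrive as a raw JSON string or as an already-parsed object.
        params = typeof(params) === 'string' ? JSON.parse(params) : params;
        if (!checkCSRF(this, params.csrf)) return;
        // NOTE(review): this writes the entire client-supplied body, including
        // the csrf value, to the server log; consider logging only the fields
        // that are needed for diagnosis.
        console.log('-- /initiate_account_recovery -->', this.session.uid, params);
        this.session.recover_account = null;
        if (!params.account_name) {
            this.status = 500;
            this.body = 'please provide account name';
            return;
        }
        // Client-supplied fields go first so the server-controlled `uid` and
        // `status` always win. With the spread last, a request body carrying
        // its own `uid` or `status` would override the session values.
        // NOTE(review): every other key in the body is still passed to
        // create(); an explicit allow-list of accepted columns would be
        // stricter - confirm against the AccountRecoveryRequest model.
        const attrs = {...params, uid: this.session.uid, status: 'open'};
        // Assigned after the spread, so a `remote_ip` key in the body cannot
        // replace it.
        // NOTE(review): getRemoteIp is defined elsewhere; if it reads a
        // forwarded-for style header, the stored address is only as
        // trustworthy as the proxy that sets that header - confirm.
        attrs.remote_ip = getRemoteIp(this.req);
        const request = yield models.AccountRecoveryRequest.create(escAttrs(attrs));
        console.log('-- /initiate_account_recovery request id -->', this.session.uid, request.id);
        // Remember the request id so the later /connect step can pick it up.
        this.session.arec = request.id;
        // NOTE(review): `provider` comes straight from the request body and is
        // not validated here; checking it against the set of supported
        // providers before building the redirect path would be safer.
        this.redirect('/connect/' + params.provider);
    });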
github freedomexio / rocketx-condenser / src / server / api / general.js View on Github external
},
                        } = chainAccount;
                        verify(
                            'posting',
                            signatures.posting,
                            posting_pubkey,
                            weight,
                            weight_threshold
                        );
                        if (auth.posting) this.session.a = account;
                    }
                }
            }

            this.body = JSON.stringify({ status: 'ok' });
            const remote_ip = getRemoteIp(this.req);
            if (mixpanel) {
                mixpanel.people.set(this.session.uid, {
                    ip: remote_ip,
                    $ip: remote_ip,
                });
                mixpanel.people.increment(this.session.uid, 'Logins', 1);
            }
        } catch (error) {
            console.error(
                'Error in /login_account api call',
                this.session.uid,
                error.message
            );
            this.body = JSON.stringify({ error: error.message });
            this.status = 500;
        }
github freedomexio / rocketx-condenser / src / server / api / general.js View on Github external
verify(
                            'posting',
                            signatures.posting,
                            posting_pubkey,
                            weight,
                            weight_threshold
                        );
                        if (auth.posting) this.session.a = account;
                    }
                }
            }

            this.body = JSON.stringify({
                status: 'ok',
            });
            const remote_ip = getRemoteIp(this.req);
            if (mixpanel) {
                mixpanel.people.set(this.session.uid, {
                    ip: remote_ip,
                    $ip: remote_ip,
                });
                mixpanel.people.increment(this.session.uid, 'Logins', 1);
            }
        } catch (error) {
            console.error(
                'Error in /login_account api call',
                this.session.uid,
                error.message
            );
            this.body = JSON.stringify({
                error: error.message,
            });
github freedomexio / rocketx-condenser / server / api / account_recovery.js View on Github external
if (!checkCSRF(this, csrf)) return;
        console.log('-- /initiate_account_recovery_with_email -->', this.session.uid, contact_email, account_name, owner_key);
        if (!account_name || !contact_email || !owner_key) {
            this.body = JSON.stringify({status: 'error'});
            return;
        }
        const arec = yield models.AccountRecoveryRequest.findOne({
            attributes: ['id'],
            where: escAttrs({account_name, contact_email})
        });
        if (arec) {
            this.body = JSON.stringify({status: 'duplicate'});
            return;
        }
        const attrs = {uid: this.session.uid, status: 'open', contact_email, account_name, owner_key, provider: 'email'};
        attrs.remote_ip = getRemoteIp(this.req);
        const request = yield models.AccountRecoveryRequest.create(escAttrs(attrs));
        console.log('-- initiate_account_recovery_with_email  -->', this.session.uid, request.id, account_name, owner_key);
        this.body = JSON.stringify({status: 'ok'});
    });
}
github freedomexio / rocketx-condenser / src / server / api / general.js View on Github external
router.post('/accounts_wait', koaBody, function*() {
        if (rateLimitReq(this, this.req)) return;
        const params = this.request.body;
        const account =
            typeof params === 'string' ? JSON.parse(params) : params;
        const remote_ip = getRemoteIp(this.req);
        if (!checkCSRF(this, account.csrf)) return;
        logRequest('accounts_wait', this, { account });
        const user_id = this.session.user;
        try {
            models.Account.create(
                escAttrs({
                    user_id,
                    name: account.name,
                    owner_key: account.owner_key,
                    active_key: account.active_key,
                    posting_key: account.posting_key,
                    memo_key: account.memo_key,
                    remote_ip,
                    referrer: this.session.r,
                    created: false,
                })
github freedomexio / rocketx-condenser / src / server / api / general.js View on Github external
function logRequest(path, ctx, extra) {
    let d = { ip: getRemoteIp(ctx.req) };
    if (ctx.session) {
        if (ctx.session.user) {
            d.user = ctx.session.user;
        }
        if (ctx.session.uid) {
            d.uid = ctx.session.uid;
        }
        if (ctx.session.a) {
            d.account = ctx.session.a;
        }
    }
    if (extra) {
        Object.keys(extra).forEach(k => {
            const nk = d[k] ? '_' + k : k;
            d[nk] = extra[k];
        });
github freedomexio / rocketx-condenser / src / server / api / general.js View on Github external
function logRequest(path, ctx, extra) {
    let d = { ip: getRemoteIp(ctx.req) };
    if (ctx.session) {
        if (ctx.session.user) {
            d.user = ctx.session.user;
        }
        if (ctx.session.uid) {
            d.uid = ctx.session.uid;
        }
        if (ctx.session.a) {
            d.account = ctx.session.a;
        }
    }
    if (extra) {
        Object.keys(extra).forEach(k => {
            const nk = d[k] ? '_' + k : k;
            d[nk] = extra[k];
        });