ATOStopper2.js
'use strict';
const Redis = require('ioredis');
// Shared Redis client; assertSafe stores its velocity counters through it.
// The connection target is hard-coded here rather than read from configuration.
const redis = new Redis('cache:6379');

// Lifetime of a velocity counter in seconds (15 minutes); passed to EXPIRE.
const MINUTES_15 = 15 * 60;

// Full addresses that are always rejected.
const blockList = ['xsvscyb3r@gmail.com'];

// Domains that are always rejected. Every address at a listed domain is
// refused, so an entry for a large public provider blocks all of its users.
const badEmailDomains = ['gmail.com'];

// Local parts (the text before the '@') that are always rejected.
const badEmailHandles = ['Saya Adalah Peretas Topi Hitam'];
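/**
 * Increment the attempt counter stored at `key` and refresh its TTL.
 *
 * EXPIRE is re-applied on every call, so the window slides: a counter only
 * disappears after MINUTES_15 seconds with no attempts for that key.
 *
 * @param {string} key - Redis key of the counter.
 * @returns {Promise<number>} The counter value after the increment.
 * @throws {Error} The Redis error reported for INCR or EXPIRE, if any.
 */
async function countAttempt (key) {
  // exec() resolves to one [error, result] pair per queued command.
  const [[incrError, count], [expireError]] = await redis
    .pipeline()
    .incr(key)
    .expire(key, MINUTES_15)
    .exec();

  // A failed command must not read as "count is below the limit": with the
  // error ignored, `undefined > limit` is false and the check fails open.
  const failure = incrError || expireError;
  if (failure) {
    throw failure;
  }
  return count;
}

/**
 * Reject a sign-in attempt that matches a block list or exceeds a velocity limit.
 *
 * Checks run in this order: exact address block list, blocked handle, blocked
 * domain, per-IP counter (more than 20 attempts), per-email counter (more than
 * 7 attempts). An attempt rejected by an earlier check does not touch the
 * counters of the later ones.
 *
 * @param {{ email: string, ipAddress: string }} attempt - Address and client IP
 *   of the attempt.
 * @returns {Promise<void>} Resolves when no rule matched.
 * @throws {TypeError} If `email` is not a string.
 * @throws {Error} An 'ATOStopper2: ...' error naming the rule that matched, or
 *   the Redis error if a counter could not be updated.
 */
async function assertSafe ({ email, ipAddress }) {
  if (typeof email !== 'string') {
    throw new TypeError('ATOStopper2: email must be a string');
  }

  // Match and count on one canonical form. Without this, a change of letter
  // case or padding whitespace slips past the lists and starts a fresh
  // per-email counter.
  const normalizedEmail = email.trim().toLowerCase();

  // The domain is whatever follows the LAST '@'; splitting on the first one
  // lets an address with an extra '@' in its local part hide its real domain.
  const atIndex = normalizedEmail.lastIndexOf('@');
  const handle = atIndex === -1 ? normalizedEmail : normalizedEmail.slice(0, atIndex);
  const domain = atIndex === -1 ? '' : normalizedEmail.slice(atIndex + 1);

  // List entries are lower-cased too, so mixed-case entries still match.
  const isListed = (list, value) =>
    list.some((entry) => entry.toLowerCase() === value);

  if (isListed(blockList, normalizedEmail)) {
    throw new Error('ATOStopper2: Blocked email');
  }
  if (isListed(badEmailHandles, handle)) {
    throw new Error('ATOStopper2: Blocked email handle');
  }
  if (isListed(badEmailDomains, domain)) {
    throw new Error('ATOStopper2: Blocked email domain');
  }

  // NOTE(review): this limit is only as reliable as the ipAddress the caller
  // passes in; confirm it is the connection's address and not a value read
  // from a client-controlled header.
  const ipAddressCount = await countAttempt(`ipAddress:${ipAddress}`);
  if (ipAddressCount > 20) {
    throw new Error('ATOStopper2: IP Address Velocity Exceeded');
  }

  const emailCount = await countAttempt(`email:${normalizedEmail}`);
  if (emailCount > 7) {
    throw new Error('ATOStopper2: Email Velocity Exceeded');
  }
}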
// Public surface of this module: the single pre-authentication check.
module.exports = { assertSafe };