sync/lib/io/ioserver.js

var sio = require("socket.io");
var parseCookie = require("cookie").parse;
var Logger = require("../logger");
var db = require("../database");
var User = require("../user");
var Server = require("../server");
var $util = require("../utilities");

var CONNECT_RATE = {
    burst: 5,
    sustained: 0.1
};

// Keep track of rate limiting by IP
var ipThrottle = {};
// Keep track of number of connections per IP
var ipCount = {};

/**
 * Called before an incoming socket.io connection is accepted.
 */
function handleAuth(data, accept) {
    data.user = false;
    if (data.headers.cookie) {
        data.cookie = parseCookie(data.headers.cookie);
        var auth = data.cookie.auth;
        db.users.verifyAuth(auth, function (err, user) {
            if (!err) {
                console.log('VERIFIED: ' + user.name + ' => ' + user.global_rank);
                data.user = {
                    name: user.name,
                    global_rank: user.global_rank
                };
            } else {
                console.log('Auth fail: ' + err);
            }
            accept(null, true);
        });
    } else {
        accept(null, true);
    }
}

/**
 * Called after a connection is accepted
 */
function handleConnection(sock) {
    sock._ip = sock.handshake.address.address;
    var ip = sock._ip;
    var srv = Server.getServer();
    if (srv.torblocker && srv.torblocker.shouldBlockIP(ip)) {
        sock.emit("kick", {
            reason: "This server does not allow connections from Tor.  "+
                    "Please log in with your regular internet connection."
        });
        Logger.syslog.log("Blocked Tor IP: " + ip);
        sock.disconnect(true);
        return;
    }

    if (!(ip in ipThrottle)) {
        ipThrottle[ip] = $util.newRateLimiter();
    }

    if (ipThrottle[ip].throttle(CONNECT_RATE)) {
        Logger.syslog.log("WARN: IP throttled: " + ip);
        sock.emit("kick", {
            reason: "Your IP address is connecting too quickly.  Please "+
                    "wait 10 seconds before joining again."
        });
        return;
    }

    // Check for global ban on the IP
    db.isGlobalIPBanned(ip, function (err, banned) {
        if (banned) {
            Logger.syslog.log("Disconnecting " + ip + " - global banned");
            sock.emit("kick", { reason: "Your IP is globally banned." });
            sock.disconnect(true);
        }
    });

    sock.on("disconnect", function () {
        ipCount[ip]--;
    });

    if (!(ip in ipCount)) {
        ipCount[ip] = 0;
    }

    ipCount[ip]++;
    if (ipCount[ip] > srv.cfg["ip-connection-limit"]) {
        sock.emit("kick", {
            reason: "Too many connections from your IP address"
        });
        sock.disconnect(true);
        return;
    }

    Logger.syslog.log("Accepted socket from " + ip);
    var user = new User(sock);
    if (sock.handshake.user) {
        user.name = sock.handshake.user.name;
        user.global_rank = sock.handshake.user.global_rank;
        user.loggedIn = true;
    }
}

module.exports = {
    init: function (srv) {
        var ioport = srv.cfg["io-port"];
        var webport = srv.cfg["web-port"];
        var app;
        if (ioport !== webport) {
            app = require("express")().listen(ioport, srv.cfg["express-host"]);
            srv.ioWeb = app;
        } else {
            app = srv.express;
        }

        srv.io = sio.listen(app);
        srv.io.set("log level", 1);
        srv.io.set("authorization", handleAuth);
        srv.io.on("connection", handleConnection);

        if (srv.cfg["enable-ssl"]) {
            srv.ioSecure = sio.listen(srv.https);
            srv.ioSecure.set("log level", 1);
            srv.ioSecure.set("authorization", handleAuth);
            srv.ioSecure.on("connection", handleConnection);
        }
    }
};
More refactoring 2013-12-12 23:09:49 +00:00			`var sio = require("socket.io");`
			`var parseCookie = require("cookie").parse;`
			`var Logger = require("../logger");`
			`var db = require("../database");`
			`var User = require("../user");`
			`var Server = require("../server");`
			`var $util = require("../utilities");`

			`var CONNECT_RATE = {`
			`burst: 5,`
			`sustained: 0.1`
			`};`

			`// Keep track of rate limiting by IP`
			`var ipThrottle = {};`
			`// Keep track of number of connections per IP`
			`var ipCount = {};`

			`/**`
			`* Called before an incoming socket.io connection is accepted.`
			`*/`
			`function handleAuth(data, accept) {`
			`data.user = false;`
			`if (data.headers.cookie) {`
			`data.cookie = parseCookie(data.headers.cookie);`
			`var auth = data.cookie.auth;`
			`db.users.verifyAuth(auth, function (err, user) {`
			`if (!err) {`
			`console.log('VERIFIED: ' + user.name + ' => ' + user.global_rank);`
			`data.user = {`
			`name: user.name,`
			`global_rank: user.global_rank`
			`};`
			`} else {`
			`console.log('Auth fail: ' + err);`
			`}`
			`accept(null, true);`
			`});`
			`} else {`
			`accept(null, true);`
			`}`
			`}`

			`/**`
			`* Called after a connection is accepted`
			`*/`
			`function handleConnection(sock) {`
			`sock._ip = sock.handshake.address.address;`
			`var ip = sock._ip;`
			`var srv = Server.getServer();`
			`if (srv.torblocker && srv.torblocker.shouldBlockIP(ip)) {`
			`sock.emit("kick", {`
			`reason: "This server does not allow connections from Tor. "+`
			`"Please log in with your regular internet connection."`
			`});`
			`Logger.syslog.log("Blocked Tor IP: " + ip);`
			`sock.disconnect(true);`
			`return;`
			`}`

			`if (!(ip in ipThrottle)) {`
			`ipThrottle[ip] = $util.newRateLimiter();`
			`}`

			`if (ipThrottle[ip].throttle(CONNECT_RATE)) {`
			`Logger.syslog.log("WARN: IP throttled: " + ip);`
			`sock.emit("kick", {`
			`reason: "Your IP address is connecting too quickly. Please "+`
			`"wait 10 seconds before joining again."`
			`});`
			`return;`
			`}`

			`// Check for global ban on the IP`
			`db.isGlobalIPBanned(ip, function (err, banned) {`
			`if (banned) {`
			`Logger.syslog.log("Disconnecting " + ip + " - global banned");`
			`sock.emit("kick", { reason: "Your IP is globally banned." });`
			`sock.disconnect(true);`
			`}`
			`});`

			`sock.on("disconnect", function () {`
			`ipCount[ip]--;`
			`});`

			`if (!(ip in ipCount)) {`
			`ipCount[ip] = 0;`
			`}`

			`ipCount[ip]++;`
			`if (ipCount[ip] > srv.cfg["ip-connection-limit"]) {`
			`sock.emit("kick", {`
			`reason: "Too many connections from your IP address"`
			`});`
			`sock.disconnect(true);`
			`return;`
			`}`

			`Logger.syslog.log("Accepted socket from " + ip);`
			`var user = new User(sock);`
			`if (sock.handshake.user) {`
			`user.name = sock.handshake.user.name;`
			`user.global_rank = sock.handshake.user.global_rank;`
			`user.loggedIn = true;`
			`}`
			`}`

			`module.exports = {`
			`init: function (srv) {`
			`var ioport = srv.cfg["io-port"];`
			`var webport = srv.cfg["web-port"];`
			`var app;`
			`if (ioport !== webport) {`
			`app = require("express")().listen(ioport, srv.cfg["express-host"]);`
			`srv.ioWeb = app;`
			`} else {`
			`app = srv.express;`
			`}`

			`srv.io = sio.listen(app);`
			`srv.io.set("log level", 1);`
			`srv.io.set("authorization", handleAuth);`
			`srv.io.on("connection", handleConnection);`

			`if (srv.cfg["enable-ssl"]) {`
			`srv.ioSecure = sio.listen(srv.https);`
			`srv.ioSecure.set("log level", 1);`
			`srv.ioSecure.set("authorization", handleAuth);`
			`srv.ioSecure.on("connection", handleConnection);`
			`}`
			`}`
			`};`