From b39367c4b48040a689d5eb71856e0acd505b6236 Mon Sep 17 00:00:00 2001 From: Daniel Seripap Date: Thu, 12 Jan 2017 20:06:35 -0500 Subject: [PATCH] Added baseline for ratelimits --- src/app.js | 2 +- src/js/app.js | 6 ++++++ src/room.js | 40 +++++++++++++++++++++++++++++++++++++++- src/views/index.mustache | 2 -- 4 files changed, 46 insertions(+), 4 deletions(-) diff --git a/src/app.js b/src/app.js index f903755..4822de2 100644 --- a/src/app.js +++ b/src/app.js @@ -37,7 +37,7 @@ function generateNewRoom(req, res, id) { return res.redirect(`/${id}`); } -app.get('/', (req, res) => generateNewRoom(req, res, 'lobby')); +app.get('/', (req, res) => generateNewRoom(req, res, shortid.generate())); app.get('/:roomId', (req, res) => { const stripName = (name) => { diff --git a/src/js/app.js b/src/js/app.js index 68530fb..01f5f01 100644 --- a/src/js/app.js +++ b/src/js/app.js @@ -49,6 +49,12 @@ export default class App { this._chat.inputMessage.focus(); }); + this._socket.on('rated', () => { + this._chat.log('You are sending messages to fast, please slow down. Your last message was ignored.', { + error: true, + }); + }); + // Whenever the server emits 'login', log the login message this._socket.on('user joined', (data) => { this._darkwire.connected = true; diff --git a/src/room.js b/src/room.js index acd0455..49a3ec6 100644 --- a/src/room.js +++ b/src/room.js @@ -8,6 +8,8 @@ class Room { this._id = id; this.numUsers = 0; this.users = []; + // Should probably abstract this to a new class + this.rateLimitQueue = []; EventEmitter.call(this); @@ -18,9 +20,19 @@ class Room { // when the client emits 'new message', this listens and executes socket.on('new message', (data) => { + const { username } = socket; + const isRateLimited = this.isRateLimited(username); + + if (isRateLimited) { + return thisIO.emit('rated', { + username, + id: socket.user.id, + }); + } + // we tell the client to execute 'new message' socket.broadcast.emit('new message', { - username: socket.username, + username, id: socket.user.id, message: data.message, messageType: data.messageType, @@ -116,6 +128,32 @@ class Room { }); } + isRateLimited(username) { + if (this.rateLimitQueue.indexOf(username) > -1) { + return true; + } + + this.triggerRateLimitOn(username); + return false; + } + + triggerRateLimitOn(username) { + this.addToRateQueue(username); + setTimeout(() => { + this.removeFromRateQueue(username); + }, 120); + } + + addToRateQueue(username) { + this.rateLimitQueue.push(username); + return this; + } + + removeFromRateQueue(username) { + this.rateLimitQueue = _.without(this.rateLimitQueue, username); + return this; + } + sanitizeUsername(str) { return str.replace(/[^A-Za-z0-9]/g, '-'); } diff --git a/src/views/index.mustache b/src/views/index.mustache index 769cb8a..da0437d 100644 --- a/src/views/index.mustache +++ b/src/views/index.mustache @@ -78,8 +78,6 @@
{{>partials/ip}} -

Public lobby: /lobby

-

WARNING: Darkwire does not mask IP addresses nor can verify the integrity of parties recieving messages. Proceed with caution and always confirm recipients before starting a chat session.

Please also note that ALL CHATROOMS are public. Anyone can guess your room URL. If you need a more-private room, we recommend using a randomly generated room (+New Room button) and stay away from dictionary words.