From 40b90933377a196c117e2dbb9bd1908922bc76b5 Mon Sep 17 00:00:00 2001 From: Christoph Hagen Date: Tue, 29 Mar 2022 15:47:20 +0200 Subject: [PATCH] Add limit to prevent abuse --- Resources/paths.conf | 1 + Sources/App/Log.swift | 1 + Sources/App/configure.swift | 45 +++++++++++++++++++++++++++---------- 3 files changed, 35 insertions(+), 12 deletions(-) diff --git a/Resources/paths.conf b/Resources/paths.conf index cf607b4..60af1bf 100755 --- a/Resources/paths.conf +++ b/Resources/paths.conf @@ -1 +1,2 @@ /data/logs/festival/server.log +150 diff --git a/Sources/App/Log.swift b/Sources/App/Log.swift index 36d252a..a1d6ef4 100644 --- a/Sources/App/Log.swift +++ b/Sources/App/Log.swift @@ -34,6 +34,7 @@ enum Log { static func write(_ message: String) { guard let f = file else { + print(message) return } f.write(message.data(using: .utf8)!) diff --git a/Sources/App/configure.swift b/Sources/App/configure.swift index 5255d8a..af565bb 100755 --- a/Sources/App/configure.swift +++ b/Sources/App/configure.swift @@ -10,6 +10,8 @@ private var guestListPath: URL! private var declinedListPath: URL! +private var maximumGuestCount = 100 + private let df: DateFormatter = { let df = DateFormatter() df.dateFormat = "dd.MM. HH:mm" @@ -19,8 +21,9 @@ private let df: DateFormatter = { func guestCount() -> Int { registeredGuests .reduce([]) { $0 + $1.components(separatedBy: "+") } - .reduce([]) { $0 + $1.components(separatedBy: "-") } - .reduce([]) { $0 + $1.components(separatedBy: "und ") } + .reduce([]) { $0 + $1.components(separatedBy: " - ") } + .reduce([]) { $0 + $1.components(separatedBy: ",") } + .reduce([]) { $0 + $1.components(separatedBy: " und ") } .reduce([]) { $0 + $1.components(separatedBy: "&") } //.map { $0.trimmingCharacters(in: .whitespacesAndNewlines) } .count @@ -28,6 +31,9 @@ func guestCount() -> Int { func add(guest: String) -> String { + guard registeredGuests.count < maximumGuestCount else { + return "Too many requests" + } registeredGuests.insert(guest) declinedGuests.remove(guest) defer { saveLists() } @@ -35,6 +41,9 @@ func add(guest: String) -> String { } func remove(guest: String) -> String { + guard declinedGuests.count < maximumGuestCount else { + return "Too many requests" + } registeredGuests.remove(guest) declinedGuests.insert(guest) defer { saveLists() } @@ -98,31 +107,43 @@ private func createFileIfNeeded(at path: URL) throws { try Data().write(to: path) } -private func readConfig(at path: URL) throws -> URL { +private func readConfig(at path: URL) throws -> String { do { - let logPath = try String(contentsOf: path) + let content = try String(contentsOf: path) .trimmingCharacters(in: .whitespacesAndNewlines) - return URL(fileURLWithPath: logPath) + return content } catch { log("Failed to read configuration file at \(path.path): \(error)") throw error } } -// configures your application +private func configureFromFile(at configPath: URL) throws { + let config = try readConfig(at: configPath) + .components(separatedBy: "\n") + .map { $0.trimmingCharacters(in: .whitespaces) } + .filter { !$0.isEmpty } + guard config.count == 2 else { + log("Invalid configuration file at \(configPath.path)") + throw FestivalError.invalidConfiguration + } + try Log.set(logFile: config[0]) + guard let count = Int(config[1]) else { + log("Invalid maximum guest count '\(config[1])', using default") + return + } + maximumGuestCount = count +} + public func configure(_ app: Application) throws { - // uncomment to serve files from /Public folder - // app.middleware.use(FileMiddleware(publicDirectory: app.directory.publicDirectory)) app.http.server.configuration.port = 9001 let configPath = URL(fileURLWithPath: app.directory.resourcesDirectory) .appendingPathComponent("paths.conf") - let logFile = try readConfig(at: configPath) + try configureFromFile(at: configPath) + let listDirectory = URL(fileURLWithPath: app.directory.publicDirectory) .appendingPathComponent("lists") - - try Log.set(logFile: logFile.path) - let eventLog = listDirectory.appendingPathComponent("events.txt") guestListPath = listDirectory.appendingPathComponent("registered.txt") declinedListPath = listDirectory.appendingPathComponent("declined.txt")