mirror of
https://github.com/openvk/openvk
synced 2024-12-23 00:51:03 +03:00
Disallow API access to banned users
lmao??
This commit is contained in:
parent
cbec4b549f
commit
01bd8f938c
2 changed files with 20 additions and 0 deletions
|
@ -1,7 +1,9 @@
|
||||||
<?php declare(strict_types=1);
|
<?php declare(strict_types=1);
|
||||||
namespace openvk\VKAPI\Handlers;
|
namespace openvk\VKAPI\Handlers;
|
||||||
use openvk\VKAPI\Exceptions\APIErrorException;
|
use openvk\VKAPI\Exceptions\APIErrorException;
|
||||||
|
use openvk\Web\Models\Entities\IP;
|
||||||
use openvk\Web\Models\Entities\User;
|
use openvk\Web\Models\Entities\User;
|
||||||
|
use openvk\Web\Models\Repositories\IPs;
|
||||||
|
|
||||||
abstract class VKAPIRequestHandler
|
abstract class VKAPIRequestHandler
|
||||||
{
|
{
|
||||||
|
@ -39,4 +41,19 @@ abstract class VKAPIRequestHandler
|
||||||
if(!$this->userAuthorized())
|
if(!$this->userAuthorized())
|
||||||
$this->fail(5, "User authorization failed: no access_token passed.");
|
$this->fail(5, "User authorization failed: no access_token passed.");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function willExecuteWriteAction(): void
|
||||||
|
{
|
||||||
|
$ip = (new IPs)->get(CONNECTING_IP);
|
||||||
|
$res = $ip->rateLimit();
|
||||||
|
|
||||||
|
if(!($res === IP::RL_RESET || $res === IP::RL_CANEXEC)) {
|
||||||
|
if($res === IP::RL_BANNED && OPENVK_ROOT_CONF["openvk"]["preferences"]["security"]["rateLimits"]["autoban"]) {
|
||||||
|
$this->user->ban("User account has been suspended for breaking API terms of service", false);
|
||||||
|
$this->fail(18, "User account has been suspended due to repeated violation of API rate limits.");
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->fail(29, "You have been rate limited.");
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -204,6 +204,9 @@ final class VKAPIPresenter extends OpenVKPresenter
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!is_null($identity) && $identity->isBanned())
|
||||||
|
$this->fail(18, "User account is deactivated", $object, $method);
|
||||||
|
|
||||||
$object = ucfirst(strtolower($object));
|
$object = ucfirst(strtolower($object));
|
||||||
$handlerClass = "openvk\\VKAPI\\Handlers\\$object";
|
$handlerClass = "openvk\\VKAPI\\Handlers\\$object";
|
||||||
if(!class_exists($handlerClass))
|
if(!class_exists($handlerClass))
|
||||||
|
|
Loading…
Reference in a new issue