Commit 4d7aa0e4 authored by JackV's avatar JackV

Add DoS protection ban

parent 213cd4b6
......@@ -14,6 +14,7 @@ from datetime import datetime, timedelta
import json
import markdown
import time
import tornado.auth
import tornado.websocket
from sqlalchemy import distinct
......@@ -202,6 +203,8 @@ class StatusHandler(tornado.websocket.WebSocketHandler):
class LoginPageHandler(BaseHandler):
"""Handle login browser requests for reserved area."""
IP_BANS = {}
BAN_TIME = 3600000
def get(self):
next = self.get_argument("next", "/")
......@@ -222,14 +225,22 @@ class LoginPageHandler(BaseHandler):
with session_scope() as session:
try:
verified = verify(session, username, password, ip_address)
if ip_address in self.IP_BANS.keys():
if time.time() > self.IP_BANS[ip_address] + self.BAN_TIME:
verified = False
else:
verified = verify(session, username, password, ip_address)
self.IP_BANS.pop(ip_address)
else:
verified = verify(session, username, password, ip_address)
except DoSError as error:
LOG.warning("DoS protection: %s", error)
self.log_offender_details()
self.IP_BANS[ip_address] = time.time()
self.render(
'templates/login.html',
next=next,
message="Tentativi dal tuo IP over 9000...",
message="Riscontrato errore DDoS, login disabilitato temporaneamente",
)
return
......
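Review bot: The ban check in the third hunk is inverted: `time.time() > self.IP_BANS[ip_address] + self.BAN_TIME` is true only once the ban has expired, so an expired ban forces `verified = False` while an active ban falls into the `else` branch, which calls `verify()` and pops the entry, meaning the first retry after a `DoSError` lifts the ban. Flip the comparison to `if time.time() < self.IP_BANS[ip_address] + self.BAN_TIME:` so a banned address is rejected without reaching `verify()`, and pop the entry only once the ban has expired. `time.time()` returns seconds, so `BAN_TIME = 3600000` in the second hunk is roughly 41 days; if one hour was intended, use `BAN_TIME = 3600  # seconds`. `IP_BANS` is a class-level dict, so bans are per-process, lost on restart, and never evicted for addresses that do not return; how `ip_address` is derived is outside the visible hunks, and if it can come from a client-supplied header the ban key is not trustworthy. The enclosing method starts and ends outside the hunk.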