author | Starfall <us@starfall.systems> | 2022-04-08 01:23:41 -0500 |
---|---|---|
committer | Starfall <us@starfall.systems> | 2022-04-08 01:23:41 -0500 |
commit | 8da73d2e57284c765b232bfc6842a7ac0f0a702b (patch) | |
tree | 8f04f4d701e86d4ddadbdd6054171ed374523a7d /app/lib | |
parent | f7491de676298b8f78084c00f0026f8cf36d92fc (diff) | |
parent | e0c39f9fad837b77373220515f078f2443ddf553 (diff) |
Merge remote-tracking branch 'glitch/main'
Diffstat (limited to 'app/lib')
-rw-r--r-- | app/lib/feed_manager.rb | 11 | ||||
-rw-r--r-- | app/lib/suspicious_sign_in_detector.rb | 42 |
2 files changed, 43 insertions, 10 deletions
diff --git a/app/lib/feed_manager.rb b/app/lib/feed_manager.rb
index 6994f00ae..02ecb403d 100644
--- a/app/lib/feed_manager.rb
+++ b/app/lib/feed_manager.rb
@@ -5,7 +5,6 @@ require 'singleton'
 class FeedManager
 include Singleton
 include Redisable
- include FormattingHelper
 # Maximum number of items stored in a single feed
 MAX_ITEMS = 400
@@ -501,16 +500,8 @@ class FeedManager
 return false if active_filters.empty?
 combined_regex = Regexp.union(active_filters)
- status = status.reblog if status.reblog?
- combined_text = [
- extract_status_plain_text(status),
- status.spoiler_text,
- status.preloadable_poll ? status.preloadable_poll.options.join("\n\n") : nil,
- status.ordered_media_attachments.map(&:description).join("\n\n"),
- ].compact.join("\n\n")
-
- combined_regex.match?(combined_text)
+ combined_regex.match?(status.proper.searchable_text)
 end
 # Adds a status to an account's feed, returning true if a status was
diff --git a/app/lib/suspicious_sign_in_detector.rb b/app/lib/suspicious_sign_in_detector.rb
new file mode 100644
index 000000000..1af5188c6
--- /dev/null
+++ b/app/lib/suspicious_sign_in_detector.rb
@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+class SuspiciousSignInDetector
+ IPV6_TOLERANCE_MASK = 64
+ IPV4_TOLERANCE_MASK = 16
+
+ def initialize(user)
+ @user = user
+ end
+
+ def suspicious?(request)
+ !sufficient_security_measures? && !freshly_signed_up? && !previously_seen_ip?(request)
+ end
+
+ private
+
+ def sufficient_security_measures?
+ @user.otp_required_for_login?
+ end
+
+ def previously_seen_ip?(request)
+ @user.ips.where('ip <<= ?', masked_ip(request)).exists?
+ end
+
+ def freshly_signed_up?
+ @user.current_sign_in_at.blank?
+ end
+
+ def masked_ip(request)
+ masked_ip_addr = begin
+ ip_addr = IPAddr.new(request.remote_ip)
+
+ if ip_addr.ipv6?
+ ip_addr.mask(IPV6_TOLERANCE_MASK)
+ else
+ ip_addr.mask(IPV4_TOLERANCE_MASK)
+ end
+ end
+
+ "#{masked_ip_addr}/#{masked_ip_addr.prefix}"
+ end
+end |
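Review bot: `status.proper.searchable_text` is defined outside `app/lib`, so this page cannot confirm that it still covers the spoiler text, poll options and media descriptions that the removed `combined_text` array fed to `combined_regex`. If any of those fields is missing from it, keyword mutes would silently stop matching on that field. A spec that asserts a phrase match in each of the four fields would pin the behaviour. The enclosing method starts before this hunk.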
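Review bot: `masked_ip` passes `request.remote_ip` straight to `IPAddr.new` inside a `begin` block that has no `rescue`, so an unparsable value raises `IPAddr::InvalidAddressError` out of `suspicious?`; the caller is not on this page, so whether that is handled upstream or aborts the sign-in should be confirmed. An IPv4-mapped IPv6 address (`::ffff:a.b.c.d`) also takes the IPv6 branch, and masking it to /64 gives `::/64`, which contains every mapped address, so if the stack ever reports clients that way, one earlier mapped entry in `@user.ips` makes every later one count as previously seen. Normalising first with `ip_addr = IPAddr.new(request.remote_ip).native` keeps such clients on the /16 path. The two tolerance constants would also benefit from a comment such as `# Prefix lengths within which a new sign-in IP counts as the same network as a previously seen one`.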