From 5d8607a3eba20628b25a9a692ecaad028dea4b46 Mon Sep 17 00:00:00 2001 From: Thibault Duplessis Date: Sat, 28 Feb 2015 15:16:39 +0100 Subject: [PATCH] Disallow login from TOR exit nodes --- app/controllers/Auth.scala | 33 ++++++++++++++++++++++++----- app/views/auth/tor.scala.html | 20 +++++++++++++++++ bin/mongodb/tor.js | 2 +- modules/security/src/main/Api.scala | 16 ++++++++++---- modules/security/src/main/Tor.scala | 2 +- 5 files changed, 62 insertions(+), 11 deletions(-) create mode 100644 app/views/auth/tor.scala.html diff --git a/app/controllers/Auth.scala b/app/controllers/Auth.scala index df067af170..770e7fb74c 100644 --- a/app/controllers/Auth.scala +++ b/app/controllers/Auth.scala @@ -37,13 +37,24 @@ object Auth extends LilaController { session + ("sessionId" -> sessionId) - api.AccessUri } } + } recoverWith { + case lila.security.Api.AuthFromTorExitNode => negotiate( + html = Unauthorized(html.auth.tor()).fuccess, + api = _ => Unauthorized(Json.obj( + "error" -> "Can't login from TOR exit node" + )).fuccess + ) } ) } def login = Open { implicit ctx => - val referrer = get("referrer") - Ok(html.auth.login(api.loginForm, referrer)).fuccess + if (Env.security.tor isExitNode ctx.req.remoteAddress) + Unauthorized(html.auth.tor()).fuccess + else { + val referrer = get("referrer") + Ok(html.auth.login(api.loginForm, referrer)).fuccess + } } def authenticate = OpenBody { implicit ctx => @@ -54,7 +65,7 @@ object Auth extends LilaController { html = Unauthorized(html.auth.login(err, get("referrer"))).fuccess, api = _ => Unauthorized(err.errorsAsJson).fuccess ), - _.fold(InternalServerError("authenticate error").fuccess)(authenticateUser) + _.fold(InternalServerError("Authentication error").fuccess)(authenticateUser) ) } } @@ -69,8 +80,12 @@ object Auth extends LilaController { } def signup = Open { implicit ctx => - forms.signup.websiteWithCaptcha map { - case (form, captcha) => Ok(html.auth.signup(form, captcha)) + if (Env.security.tor isExitNode ctx.req.remoteAddress) + Unauthorized(html.auth.tor()).fuccess + else { + forms.signup.websiteWithCaptcha map { + case (form, captcha) => Ok(html.auth.signup(form, captcha)) + } } } @@ -86,7 +101,15 @@ object Auth extends LilaController { res(user) map { _ withCookies LilaCookie.session("sessionId", sessionId) } + } recoverWith { + case lila.security.Api.AuthFromTorExitNode => negotiate( + html = Unauthorized(html.auth.tor()).fuccess, + api = _ => Unauthorized(Json.obj( + "error" -> "Can't register from TOR exit node" + )).fuccess + ) } + } } diff --git a/app/views/auth/tor.scala.html b/app/views/auth/tor.scala.html new file mode 100644 index 0000000000..b61d273a32 --- /dev/null +++ b/app/views/auth/tor.scala.html @@ -0,0 +1,20 @@ +@()(implicit ctx: Context) + +@auth.layout( +title = "TOR exit node", +zen = true) { +
+ +
+} diff --git a/bin/mongodb/tor.js b/bin/mongodb/tor.js index 2fb907c7ac..0e41448cc0 100644 --- a/bin/mongodb/tor.js +++ b/bin/mongodb/tor.js @@ -1,4 +1,4 @@ var ips = [ '101.99.64.150', '103.10.197.50', '103.240.91.7', '104.130.25.153', '104.131.51.93', '104.167.102.244', '104.167.103.52', '104.167.104.205', '104.167.107.142', '104.207.135.126', '104.207.148.12', '104.219.184.166', '104.232.1.99', '104.232.3.33', '104.232.3.35', '104.236.100.82', '104.236.131.151', '104.236.38.231', '104.237.152.195', '104.237.156.214', '104.245.39.74', '105.237.222.114', '105.237.244.120', '105.237.244.68', '106.185.28.25', '106.185.29.93', '106.185.34.43', '106.185.38.151', '106.186.28.33', '106.187.36.183', '106.187.37.158', '106.187.37.158', '106.187.45.156', '107.150.53.178', '108.166.161.186', '108.166.168.158', '108.166.168.167', '108.60.148.50', '108.61.167.240', '108.61.199.176', '108.61.210.123', '108.61.212.102', '109.120.148.60', '109.120.173.48', '109.120.180.245', '109.122.37.135', '109.163.234.2', '109.163.234.4', '109.163.234.5', '109.163.234.7', '109.163.234.8', '109.163.234.9', '109.163.235.246', '109.169.0.29', '109.169.23.202', '109.169.33.163', '109.173.59.180', '109.185.253.125', '109.190.1.78', '109.194.217.90', '109.201.137.163', '109.203.108.66', '109.219.141.49', '109.235.50.163', '109.252.74.139', '109.63.138.105', '109.63.151.78', '109.63.153.107', '109.63.200.26', '109.63.218.90', '109.74.151.149', '110.174.43.136', '110.93.23.170', '113.190.227.151', '117.18.75.235', '118.193.194.95', '119.15.121.30', '120.29.217.51', '120.56.160.22', '120.56.161.67', '120.56.162.146', '120.56.163.125', '120.56.163.205', '120.56.166.125', '120.56.167.110', '120.56.167.52', '120.56.168.166', '120.56.168.25', '120.56.169.211', '120.56.169.9', '120.56.170.118', '120.56.170.74', '120.56.170.83', '120.56.171.34', '120.56.171.36', '120.56.171.69', '120.56.172.142', '120.56.172.143', '120.56.173.175', '120.56.175.153', '120.56.175.182', '120.56.175.238', '120.56.175.73', '120.56.175.83', '120.57.166.171', '120.57.168.230', '120.57.171.52', '120.57.175.86', '120.59.165.19', '120.59.166.132', '120.59.166.235', '120.59.166.245', '120.59.169.41', '120.59.171.176', '120.59.171.88', '120.59.172.115', '120.59.173.43', '120.59.174.24', '120.59.32.96', '120.59.33.116', '120.59.33.204', '120.59.34.116', '120.59.34.15', '120.59.34.56', '120.59.35.215', '120.59.38.217', '120.59.38.236', '120.59.39.42', '120.59.39.82', '120.59.41.192', '120.59.41.195', '120.59.41.70', '120.59.42.89', '120.59.43.157', '120.59.43.204', '120.59.44.123', '120.59.44.166', '120.59.44.7', '120.59.46.243', '120.59.47.186', '121.54.175.50', '122.60.203.17', '123.108.224.70', '123.221.177.14', '125.239.240.54', '125.255.2.30', '128.199.154.132', '128.199.165.212', '128.199.168.142', '128.199.247.148', '128.199.247.148', '128.199.51.208', '128.199.87.155', '128.39.142.20', '128.39.142.21', '128.52.128.105', '128.6.224.107', '128.71.251.18', '128.71.51.145', '128.79.53.244', '129.123.7.6', '129.123.7.6', '129.123.7.7', '129.123.7.7', '129.127.254.213', '129.241.161.250', '130.149.220.125', '132.248.30.12', '132.251.224.249', '132.251.230.227', '136.243.224.114', '136.243.224.114', '14.162.174.82', '14.162.175.201', '140.113.110.11', '141.138.141.208', '141.239.145.33', '141.255.165.138', '141.255.189.161', '142.4.213.113', '142.4.213.25', '143.177.40.192', '146.185.141.57', '146.185.143.144', '146.185.183.13', '146.185.253.138', '146.185.253.138', '146.185.253.181', '146.185.253.181', '146.185.253.202', '146.185.253.202', '146.60.50.249', '148.251.151.189', '148.251.45.135', '149.62.16.227', '15.125.125.192', '150.140.5.34', '151.236.24.228', '151.236.4.158', '151.80.136.246', '151.80.142.237', '151.80.204.14', '153.127.252.187', '162.210.197.234', '162.218.208.132', '162.219.2.177', '162.220.56.186', '162.221.201.57', '162.243.113.182', '162.243.35.251', '162.243.53.75', '162.244.25.186', '162.245.41.18', '162.247.72.199', '162.247.72.200', '162.247.72.201', '162.247.72.212', '162.247.72.213', '162.247.72.216', '162.247.72.217', '162.247.72.27', '162.247.72.7', '162.247.73.204', '162.247.73.206', '162.247.73.74', '162.248.11.176', '162.248.161.213', '165.254.255.16', '165.254.255.16', '166.70.15.14', '166.70.207.2', '167.114.113.46', '167.114.114.209', '167.114.41.211', '167.114.41.211', '167.114.41.212', '167.114.41.212', '167.114.71.38', '167.57.100.44', '167.57.102.156', '167.57.104.213', '167.57.105.165', '167.57.107.24', '167.57.113.67', '167.57.95.194', '167.57.96.62', '167.57.98.172', '167.88.40.152', '167.88.41.187', '168.235.150.100', '171.25.193.20', '171.25.193.235', '171.25.193.77', '171.25.193.78', '173.199.105.254', '173.208.196.215', '173.208.247.213', '173.242.121.199', '173.254.216.66', '173.254.216.67', '173.254.216.68', '173.254.216.69', '173.255.196.30', '173.255.210.205', '173.255.226.142', '173.255.232.192', '174.45.181.138', '175.135.65.222', '176.10.107.180', '176.10.99.200', '176.10.99.200', '176.10.99.201', '176.10.99.201', '176.10.99.202', '176.10.99.202', '176.10.99.203', '176.10.99.203', '176.10.99.204', '176.10.99.204', '176.10.99.205', '176.10.99.205', '176.10.99.206', '176.10.99.206', '176.10.99.207', '176.10.99.207', '176.10.99.208', '176.10.99.208', '176.10.99.209', '176.10.99.209', '176.103.128.53', '176.106.54.54', '176.108.160.241', '176.108.160.242', '176.108.160.253', '176.123.28.34', '176.123.6.101', '176.123.6.94', '176.126.252.11', '176.126.252.12', '176.194.10.56', '176.194.98.53', '176.34.161.59', '176.36.150.246', '176.58.100.98', '176.58.106.89', '176.58.159.175', '176.58.97.201', '176.61.137.221', '176.77.32.227', '176.77.39.70', '176.77.62.163', '176.9.145.194', '176.9.16.81', '176.9.237.2', '176.9.25.72', '177.133.176.193', '177.141.18.9', '177.157.144.15', '177.157.248.127', '177.157.254.109', '177.204.178.210', '177.205.178.103', '177.205.201.206', '177.66.147.7', '177.99.139.151', '178.137.181.120', '178.16.208.56', '178.16.208.57', '178.162.197.5', '178.17.170.19', '178.170.111.194', '178.175.131.194', '178.175.139.138', '178.175.139.138', '178.175.139.139', '178.175.139.139', '178.175.139.140', '178.175.139.140', '178.175.139.141', '178.175.139.141', '178.175.139.142', '178.175.139.142', '178.18.131.8', '178.18.17.204', '178.18.17.234', '178.18.83.215', '178.2.46.15', '178.20.55.16', '178.20.55.18', '178.21.20.86', '178.217.187.39', '178.219.245.214', '178.238.223.67', '178.238.237.44', '178.254.31.209', '178.32.181.98', '178.32.181.99', '178.4.242.253', '178.4.31.149', '178.62.204.99', '178.62.217.233', '178.62.39.202', '178.62.80.124', '178.63.110.151', '178.63.94.144', '178.63.97.34', '178.74.103.228', '178.77.102.213', '178.79.161.152', '178.79.170.173', '179.0.194.147', '179.232.244.183', '18.125.1.222', '18.187.1.68', '18.238.1.85', '18.238.2.85', '18.239.0.140', '18.239.0.155', '18.243.0.30', '180.61.164.142', '181.114.76.66', '181.114.92.88', '181.41.219.117', '184.148.75.15', '185.10.71.80', '185.11.166.112', '185.12.12.133', '185.13.37.158', '185.13.38.185', '185.16.200.176', '185.17.144.138', '185.17.184.228', '185.31.100.75', '185.34.33.2', '185.36.100.145', '185.4.227.34', '185.45.192.105', '185.45.192.188', '185.45.192.57', '185.53.163.6', '185.61.148.183', '185.61.148.189', '185.61.148.193', '185.61.148.228', '185.61.149.116', '185.61.149.176', '185.61.149.193', '185.65.200.93', '185.69.54.147', '185.69.55.58', '185.72.177.105', '185.75.56.116', '185.75.56.116', '185.75.56.44', '185.75.56.44', '185.8.238.66', '185.82.216.119', '187.59.209.181', '187.95.34.3', '188.105.14.56', '188.113.114.120', '188.120.253.39', '188.126.93.81', '188.138.1.229', '188.138.1.229', '188.138.1.229', '188.138.1.229', '188.138.106.138', '188.138.17.15', '188.138.17.15', '188.138.9.49', '188.138.9.49', '188.165.200.138', '188.166.40.71', '188.166.43.61', '188.166.49.82', '188.166.50.59', '188.181.93.85', '188.183.132.29', '188.186.16.236', '188.213.143.23', '188.220.8.209', '188.226.199.160', '188.226.250.82', '188.226.254.89', '188.241.113.149', '188.241.114.81', '188.246.75.178', '188.25.165.182', '188.25.165.19', '188.255.112.224', '188.255.30.36', '188.6.73.127', '188.78.208.39', '188.93.17.123', '188.96.149.44', '188.99.196.13', '189.11.243.125', '189.172.1.187', '189.172.127.133', '189.172.24.129', '189.172.6.101', '189.172.69.106', '189.176.59.230', '189.176.76.251', '189.179.170.205', '189.242.23.196', '189.242.26.180', '189.242.73.62', '189.242.76.110', '189.249.0.105', '189.249.56.205', '189.249.6.225', '189.249.62.245', '189.249.67.248', '189.249.79.157', '189.74.180.185', '190.107.32.67', '190.3.169.147', '191.101.2.235', '192.135.168.251', '192.151.154.142', '192.241.199.208', '192.254.168.26', '192.3.177.167', '192.3.52.99', '192.34.59.48', '192.42.116.16', '192.43.244.42', '192.64.82.102', '192.67.222.5', '192.81.221.162', '192.99.154.24', '192.99.2.137', '192.99.2.137', '192.99.250.143', '193.107.19.30', '193.107.85.56', '193.107.85.57', '193.107.85.61', '193.107.85.62', '193.11.137.120', '193.110.157.151', '193.138.216.101', '193.154.241.57', '193.163.220.143', '193.33.216.23', '193.37.152.241', '193.90.12.86', '193.90.12.87', '193.90.12.88', '193.90.12.89', '193.90.12.90', '194.150.168.79', '194.150.168.95', '195.154.13.10', '195.154.13.96', '195.154.9.55', '195.154.97.160', '195.180.11.196', '195.19.174.114', '195.19.174.115', '195.210.29.124', '195.228.45.176', '195.228.75.131', '195.46.185.37', '197.200.34.154', '197.231.221.211', '198.100.144.75', '198.100.148.112', '198.12.104.208', '198.12.80.187', '198.211.122.191', '198.37.114.36', '198.50.145.40', '198.50.145.72', '198.52.247.250', '198.58.107.53', '198.58.115.210', '198.73.50.71', '198.84.249.106', '198.96.155.3', '198.98.49.3', '199.180.135.157', '199.188.100.154', '199.193.115.209', '199.254.238.44', '199.58.83.10', '199.87.154.255', '2.107.22.186', '2.216.102.139', '2.217.233.48', '2.217.235.173', '2.222.237.21', '2.222.238.227', '2.239.48.105', '2.240.115.140', '2.240.189.57', '2.240.218.127', '2.241.112.179', '2.241.42.201', '2.241.81.1', '2.62.11.251', '2.62.11.72', '2.62.18.50', '2.62.25.117', '2.62.38.117', '2.62.38.134', '2.62.46.150', '200.101.74.243', '200.223.212.210', '200.63.47.10', '200.98.139.23', '201.153.205.101', '201.153.228.199', '201.2.11.135', '201.27.235.127', '201.81.200.195', '201.88.120.128', '202.85.233.34', '203.118.133.156', '203.161.103.17', '203.206.237.197', '203.217.173.146', '204.11.50.131', '204.124.83.130', '204.124.83.130', '204.124.83.134', '204.124.83.134', '204.17.56.42', '204.17.56.42', '204.194.29.4', '204.27.58.202', '204.8.156.142', '204.85.191.30', '205.168.84.133', '207.201.223.195', '207.201.223.196', '207.201.223.197', '207.244.82.109', '207.244.82.109', '208.84.155.243', '209.126.111.161', '209.159.138.19', '209.162.33.207', '209.17.191.117', '209.222.8.196', '210.195.61.252', '210.211.122.204', '210.23.2.30', '212.100.150.6', '212.114.47.52', '212.159.143.81', '212.16.104.33', '212.16.16.184', '212.192.74.100', '212.192.74.101', '212.227.248.118', '212.227.38.247', '212.24.144.188', '212.250.160.178', '212.33.245.129', '212.48.84.53', '212.71.238.203', '212.83.167.175', '212.83.190.203', '212.92.187.78', '212.92.189.196', '212.92.219.15', '213.108.105.253', '213.108.105.71', '213.113.213.190', '213.127.146.27', '213.136.75.42', '213.136.87.245', '213.138.114.91', '213.141.141.147', '213.142.46.121', '213.165.70.16', '213.186.7.232', '213.222.104.123', '213.222.116.97', '213.222.76.223', '213.239.214.175', '213.252.140.118', '213.44.88.234', '213.61.149.100', '213.61.149.100', '213.9.93.174', '213.95.21.54', '213.95.21.59', '216.115.3.26', '216.115.6.58', '216.115.6.62', '216.17.101.79', '216.17.99.130', '216.218.134.12', '216.218.216.194', '217.115.10.132', '217.115.10.133', '217.115.10.134', '217.12.204.104', '217.13.197.5', '217.172.190.19', '217.172.190.19', '217.173.74.91', '217.210.165.43', '217.250.217.208', '217.251.94.54', '217.34.135.225', '217.34.135.231', '217.37.19.115', '217.40.254.177', '217.50.140.242', '217.50.141.28', '217.70.191.13', '218.250.245.150', '218.250.245.54', '222.152.157.71', '223.18.115.229', '23.102.160.46', '23.22.33.67', '23.25.135.9', '23.250.7.159', '23.80.226.4', '23.92.26.114', '23.94.43.76', '23.95.112.192', '23.95.25.209', '23.95.31.56', '23.95.38.135', '23.95.43.77', '24.12.250.200', '24.17.19.29', '24.175.166.20', '24.190.8.16', '24.230.67.149', '24.90.197.246', '27.124.124.122', '31.18.254.81', '31.185.27.1', '31.187.92.102', '31.187.92.55', '31.192.228.185', '31.31.78.141', '31.31.79.152', '35.0.127.52', '35.0.127.52', '37.0.123.207', '37.1.194.182', '37.110.13.136', '37.110.241.249', '37.113.177.10', '37.113.189.210', '37.123.112.253', '37.130.227.133', '37.130.227.133', '37.139.3.171', '37.143.9.74', '37.146.99.180', '37.147.203.74', '37.157.192.150', '37.157.192.150', '37.157.194.210', '37.157.195.143', '37.157.195.178', '37.157.195.83', '37.187.107.210', '37.187.114.36', '37.187.119.59', '37.187.129.166', '37.187.129.166', '37.187.176.64', '37.187.2.229', '37.187.21.180', '37.187.216.154', '37.187.239.191', '37.187.244.40', '37.187.38.147', '37.187.39.210', '37.187.51.210', '37.187.7.74', '37.220.35.61', '37.221.161.37', '37.221.162.226', '37.221.162.226', '37.221.165.229', '37.229.208.50', '37.229.221.183', '37.229.80.58', '37.235.49.220', '37.235.60.60', '37.48.120.196', '37.48.78.159', '37.59.100.11', '37.59.123.142', '37.59.14.201', '37.59.144.16', '37.59.162.218', '37.59.36.198', '37.59.63.190', '37.59.67.101', '37.59.96.219', '37.6.127.169', '37.75.163.76', '41.133.130.142', '41.141.238.249', '41.143.25.151', '41.248.226.95', '41.251.155.82', '43.250.8.42', '46.0.135.108', '46.0.79.86', '46.0.92.253', '46.10.205.252', '46.105.17.72', '46.151.208.213', '46.16.234.131', '46.163.68.156', '46.163.76.250', '46.165.221.166', '46.165.221.166', '46.165.223.217', '46.167.245.172', '46.182.106.190', '46.183.219.196', '46.183.220.132', '46.185.86.192', '46.187.3.156', '46.188.0.87', '46.188.10.23', '46.190.33.137', '46.190.33.240', '46.20.246.117', '46.21.151.107', '46.226.110.185', '46.233.0.70', '46.235.227.70', '46.245.200.65', '46.246.20.132', '46.252.152.192', '46.28.68.158', '46.38.57.196', '46.38.62.30', '46.38.63.7', '46.4.55.177', '46.4.87.172', '46.41.132.84', '46.72.101.162', '46.72.105.21', '46.72.116.172', '46.72.65.149', '46.72.84.30', '46.72.89.77', '46.72.91.6', '46.72.95.221', '5.101.100.198', '5.12.210.171', '5.12.73.6', '5.135.148.171', '5.135.152.208', '5.135.158.101', '5.166.114.194', '5.175.194.69', '5.19.179.10', '5.196.0.123', '5.196.1.129', '5.196.105.229', '5.196.14.234', '5.199.130.188', '5.199.142.195', '5.199.142.93', '5.199.213.73', '5.249.150.118', '5.254.129.133', '5.254.129.138', '5.39.76.182', '5.44.107.23', '5.44.99.161', '5.55.36.213', '5.71.14.194', '5.71.5.30', '5.79.68.161', '5.79.68.161', '5.79.78.97', '5.9.110.133', '5.9.158.75', '5.9.195.140', '5.9.234.238', '5.9.60.140', '50.115.233.62', '50.181.177.41', '50.199.1.178', '50.245.124.131', '50.247.195.124', '50.57.149.204', '50.7.176.59', '50.7.176.59', '50.7.176.60', '50.7.176.60', '50.7.176.61', '50.7.176.61', '50.7.176.62', '50.7.176.62', '50.76.159.218', '52.1.245.147', '54.144.255.249', '54.148.109.170', '54.159.229.81', '54.164.156.70', '54.171.94.249', '54.175.81.69', '54.187.55.29', '54.224.53.194', '54.64.147.97', '54.64.229.134', '54.65.160.153', '54.65.172.254', '54.65.194.217', '54.65.206.52', '54.65.206.60', '54.65.206.67', '54.65.206.74', '54.65.206.79', '54.68.29.170', '54.92.10.145', '54.92.119.220', '54.92.74.133', '54.92.87.229', '54.94.137.164', '54.94.241.162', '59.101.147.105', '59.101.24.130', '59.101.24.213', '59.177.66.167', '59.177.66.29', '59.177.67.169', '59.177.67.229', '59.177.68.222', '59.177.70.182', '59.177.70.23', '59.177.70.253', '59.177.70.29', '59.177.71.209', '59.177.72.29', '59.177.72.35', '59.177.73.129', '59.177.73.157', '59.177.73.80', '59.177.74.122', '59.177.74.208', '59.177.74.63', '59.177.74.93', '59.177.75.253', '59.177.75.3', '59.177.76.116', '59.177.76.36', '59.177.77.192', '59.177.77.56', '59.177.78.147', '59.177.78.171', '59.177.78.236', '59.177.79.236', '59.177.79.45', '59.179.17.195', '59.91.157.129', '60.248.162.179', '61.219.119.37', '61.230.162.106', '61.230.174.59', '61.230.193.161', '61.230.198.21', '61.230.198.223', '61.230.214.137', '62.108.37.48', '62.133.130.105', '62.147.251.21', '62.149.12.153', '62.197.40.155', '62.203.139.162', '62.203.234.142', '62.204.110.198', '62.210.170.27', '62.210.188.218', '62.210.37.82', '62.210.69.121', '62.210.74.137', '62.210.74.143', '62.210.74.186', '62.210.76.96', '62.212.89.117', '62.220.135.129', '62.226.250.85', '62.44.127.184', '62.75.150.23', '62.75.187.147', '62.75.187.42', '62.75.209.152', '62.87.219.66', '64.113.32.29', '64.113.44.206', '64.87.19.244', '65.181.113.136', '65.181.113.89', '65.181.123.254', '66.109.24.204', '66.146.193.31', '66.171.179.194', '66.172.10.67', '66.180.193.219', '66.220.3.179', '66.31.208.246', '66.85.131.72', '67.1.249.74', '67.215.255.140', '67.23.181.237', '67.86.79.185', '68.233.235.217', '68.64.161.238', '68.67.35.3', '68.89.0.103', '69.162.107.5', '69.162.139.9', '69.164.198.32', '69.164.198.96', '69.164.207.234', '69.164.209.8', '69.164.214.250', '69.172.231.39', '69.39.49.201', '69.64.52.48', '70.114.15.112', '70.114.16.24', '71.135.34.239', '71.135.34.46', '71.135.37.170', '71.135.38.56', '71.135.38.95', '71.135.39.14', '71.135.41.30', '71.135.45.191', '71.135.45.71', '71.135.46.56', '71.193.49.200', '71.196.167.96', '71.230.253.68', '71.235.74.183', '71.70.213.219', '71.77.69.80', '72.14.176.172', '72.14.179.10', '72.235.48.203', '72.249.185.100', '72.250.213.13', '72.29.162.18', '72.52.75.27', '72.52.91.19', '72.52.91.30', '72.52.91.30', '73.9.214.210', '74.142.74.157', '74.3.165.39', '74.50.54.68', '75.108.196.182', '75.226.120.175', '76.64.13.155', '76.64.216.124', '76.64.54.41', '76.64.54.44', '76.65.25.110', '76.65.25.168', '76.74.219.138', '76.85.207.212', '76.93.215.51', '77.0.200.183', '77.0.200.186', '77.0.201.163', '77.109.138.42', '77.109.138.42', '77.109.138.42', '77.109.139.27', '77.109.139.27', '77.109.139.27', '77.109.139.87', '77.109.141.138', '77.109.141.138', '77.109.141.138', '77.12.111.122', '77.12.29.182', '77.170.1.2', '77.207.134.48', '77.222.138.14', '77.244.254.227', '77.244.254.228', '77.244.254.229', '77.244.254.230', '77.247.181.162', '77.247.181.162', '77.247.181.162', '77.247.181.163', '77.247.181.163', '77.247.181.165', '77.247.181.165', '77.3.7.223', '77.4.36.141', '77.4.51.110', '77.41.42.94', '77.41.43.252', '77.41.46.42', '77.41.47.126', '77.41.47.91', '77.51.3.208', '77.51.63.236', '77.6.206.137', '77.66.45.227', '77.81.240.41', '78.107.237.16', '78.108.63.44', '78.108.63.46', '78.111.78.140', '78.21.6.161', '78.233.64.138', '78.246.32.50', '78.247.15.126', '78.248.215.89', '78.29.95.172', '78.31.164.41', '78.35.251.232', '78.41.115.145', '78.46.51.124', '78.46.66.41', '78.47.39.188', '78.47.61.222', '78.48.104.73', '78.48.18.102', '78.48.18.26', '78.48.72.77', '78.48.75.109', '78.49.1.236', '78.49.161.132', '78.50.180.160', '78.54.128.10', '78.54.140.152', '78.54.161.113', '78.54.52.119', '78.63.141.198', '78.8.112.49', '78.8.123.153', '78.8.165.4', '78.8.205.211', '78.85.151.57', '78.85.188.248', '78.85.195.149', '78.85.244.189', '78.9.28.218', '78.9.30.142', '79.109.148.203', '79.120.10.98', '79.120.81.183', '79.134.234.200', '79.134.235.5', '79.165.223.209', '79.172.193.32', '79.223.0.121', '79.223.9.149', '79.225.192.166', '8.28.87.108', '80.248.208.131', '80.42.164.86', '80.71.131.57', '80.78.242.81', '80.78.246.86', '80.79.23.7', '80.85.84.72', '80.99.254.115', '81.151.57.229', '81.2.236.165', '81.217.157.90', '81.219.51.199', '81.220.199.113', '81.231.226.38', '81.231.53.165', '81.246.202.169', '81.246.208.145', '81.246.219.249', '81.246.225.28', '81.4.103.106', '81.4.104.82', '81.57.133.42', '81.7.8.101', '81.89.0.195', '81.89.0.196', '81.89.0.197', '81.89.0.198', '81.89.0.199', '81.89.0.200', '81.89.0.201', '81.89.0.202', '81.89.0.203', '81.89.0.204', '81.89.96.88', '81.89.96.89', '81.95.190.6', '82.116.120.3', '82.161.223.137', '82.165.142.79', '82.199.192.167', '82.211.201.188', '82.211.223.3', '82.216.76.245', '82.220.73.128', '82.220.73.59', '82.228.185.210', '82.228.252.20', '82.239.104.165', '82.240.188.36', '82.247.198.227', '82.248.230.250', '82.250.49.28', '82.251.233.193', '82.30.115.98', '82.65.208.187', '82.69.50.50', '83.102.63.92', '83.147.84.228', '83.149.124.136', '83.149.124.136', '83.149.124.137', '83.149.124.137', '83.149.126.29', '83.149.249.165', '83.158.254.239', '83.158.9.241', '83.160.95.99', '83.222.249.220', '83.227.52.168', '83.236.208.78', '83.240.66.166', '83.246.106.150', '83.251.81.93', '83.251.91.222', '83.253.54.206', '83.255.56.187', '83.56.234.147', '83.76.227.6', '83.78.208.245', '84.1.164.91', '84.117.22.74', '84.134.96.229', '84.143.197.219', '84.143.200.142', '84.143.204.195', '84.171.77.30', '84.173.96.139', '84.173.97.110', '84.186.193.215', '84.186.200.66', '84.186.216.60', '84.19.178.52', '84.200.82.163', '84.22.42.246', '84.220.9.175', '84.48.58.195', '84.58.99.92', '84.59.230.88', '84.74.11.222', '84.92.24.214', '84.92.97.97', '85.1.174.84', '85.1.210.56', '85.10.210.199', '85.10.211.53', '85.119.82.4', '85.119.83.44', '85.143.95.50', '85.150.210.68', '85.159.113.228', '85.17.132.245', '85.17.132.246', '85.17.177.73', '85.17.190.77', '85.17.190.77', '85.17.190.79', '85.17.190.79', '85.176.188.244', '85.177.18.205', '85.197.18.135', '85.197.19.174', '85.197.8.168', '85.202.225.209', '85.219.19.103', '85.226.63.243', '85.229.107.15', '85.23.243.147', '85.24.215.117', '85.244.212.85', '85.247.196.214', '85.25.103.119', '85.25.153.79', '85.25.47.53', '85.30.169.225', '85.55.10.92', '85.69.222.136', '85.69.93.46', '85.93.218.204', '86.11.185.52', '86.154.11.45', '86.178.118.3', '86.178.118.3', '86.208.128.90', '86.41.220.123', '87.102.207.135', '87.106.148.90', '87.106.17.8', '87.106.20.246', '87.117.219.140', '87.118.112.173', '87.118.84.181', '87.118.91.140', '87.146.194.90', '87.146.206.236', '87.161.192.47', '87.161.193.52', '87.161.200.161', '87.161.206.8', '87.181.78.154', '87.188.194.203', '87.188.209.155', '87.188.211.250', '87.188.212.99', '87.20.122.117', '87.236.195.185', '87.244.255.218', '87.252.5.163', '87.254.99.95', '87.64.170.111', '87.64.77.180', '87.64.87.36', '87.64.98.14', '87.72.35.239', '87.81.139.118', '87.81.148.61', '87.98.159.231', '87.98.178.61', '87.98.206.70', '87.98.250.222', '87.98.250.244', '88.106.232.55', '88.126.143.47', '88.135.119.114', '88.142.236.232', '88.161.203.46', '88.166.192.181', '88.195.207.117', '88.198.120.155', '88.198.56.140', '88.204.113.189', '88.67.147.33', '88.68.19.160', '88.68.19.55', '88.76.27.145', '88.77.205.148', '88.77.210.203', '88.77.218.22', '88.77.223.145', '88.87.78.104', '88.91.213.148', '89.0.221.253', '89.0.223.160', '89.0.225.32', '89.0.228.99', '89.0.238.177', '89.0.242.16', '89.105.197.130', '89.106.244.21', '89.108.86.11', '89.132.37.56', '89.134.1.231', '89.134.25.218', '89.140.118.181', '89.140.118.196', '89.140.98.60', '89.163.171.250', '89.163.185.186', '89.163.224.168', '89.187.142.208', '89.207.133.55', '89.223.63.85', '89.234.157.254', '89.234.157.254', '89.248.166.121', '89.252.1.37', '89.31.57.5', '89.67.140.118', '89.73.177.236', '89.94.200.246', '90.146.29.56', '90.149.81.122', '90.214.86.227', '90.231.152.159', '90.63.161.120', '91.10.23.228', '91.10.52.71', '91.10.7.73', '91.10.8.26', '91.109.247.173', '91.119.229.161', '91.121.100.200', '91.121.104.168', '91.121.159.196', '91.121.169.33', '91.123.200.168', '91.138.68.143', '91.146.121.3', '91.176.208.211', '91.176.223.162', '91.185.200.222', '91.199.197.76', '91.200.85.68', '91.206.142.70', '91.208.84.72', '91.210.106.27', '91.213.8.235', '91.213.8.235', '91.213.8.236', '91.213.8.43', '91.213.8.84', '91.214.168.240', '91.219.237.244', '91.221.111.7', '91.228.151.52', '91.233.116.68', '91.234.22.48', '91.234.226.35', '91.238.60.100', '91.51.233.99', '91.51.242.250', '91.51.245.99', '91.51.251.222', '91.51.67.174', '91.51.69.20', '91.51.79.241', '91.51.82.151', '91.82.237.127', '91.9.235.141', '91.9.239.171', '92.111.156.14', '92.194.31.194', '92.194.64.195', '92.195.2.125', '92.195.27.216', '92.195.40.214', '92.195.70.217', '92.20.203.76', '92.21.243.87', '92.211.222.114', '92.217.31.225', '92.217.34.92', '92.217.89.207', '92.222.65.128', '92.222.69.188', '92.243.69.105', '92.74.53.122', '93.115.241.2', '93.115.94.243', '93.115.94.244', '93.126.101.223', '93.129.2.198', '93.129.30.135', '93.167.245.178', '93.174.90.30', '93.174.93.63', '93.184.66.227', '93.185.101.172', '93.193.191.95', '93.220.11.164', '93.220.19.159', '93.220.25.134', '93.220.61.204', '93.230.175.222', '93.230.180.116', '93.31.155.175', '93.64.207.55', '93.80.163.154', '93.91.50.145', '93.95.228.5', '93.95.228.51', '93.95.228.82', '93.99.5.140', '94.102.53.177', '94.126.178.1', '94.127.200.230', '94.142.241.241', '94.142.242.30', '94.142.245.231', '94.181.10.191', '94.194.167.137', '94.194.61.202', '94.198.100.17', '94.199.51.101', '94.2.112.82', '94.210.0.28', '94.216.122.200', '94.216.178.132', '94.219.119.242', '94.221.100.114', '94.23.252.31', '94.23.30.53', '94.23.88.146', '94.242.198.164', '94.242.246.23', '94.242.246.24', '94.242.251.112', '94.242.252.41', '94.242.254.81', '94.242.254.81', '94.242.57.196', '94.242.57.38', '94.244.144.164', '94.254.48.194', '94.45.59.240', '94.70.136.156', '94.77.131.132', '95.128.43.164', '95.130.11.147', '95.130.11.170', '95.130.11.214', '95.130.15.251', '95.130.15.252', '95.130.15.253', '95.130.15.254', '95.130.15.96', '95.130.15.97', '95.130.9.190', '95.130.9.89', '95.130.9.89', '95.131.135.179', '95.131.234.2', '95.140.42.183', '95.142.161.63', '95.154.24.73', '95.157.8.60', '95.211.205.151', '95.211.229.158', '95.215.44.105', '95.215.44.194', '95.215.44.249', '95.215.45.195', '95.215.46.36', '95.215.47.117', '95.215.47.177', '95.220.105.202', '95.220.140.34', '95.220.153.101', '95.222.227.54', '95.238.237.133', '95.29.157.201', '95.55.5.215', '95.72.43.18', '95.72.46.195', '95.73.222.173', '95.73.49.186', '95.79.96.95', '95.84.144.73', '95.85.10.71', '96.233.50.207', '96.254.24.221', '96.35.130.131', '96.44.189.100', '96.44.189.101', '96.44.189.102', '96.47.226.20', '96.47.226.21', '96.47.226.22', '96.54.93.12', '98.124.116.198', '98.127.107.60']; -db.security.update({ip:{$in:ips}}, {$set:{tor:true}}, {multi: true}); +db.security.update({ip:{$in:ips}}, {$set:{tor:true,up:false}}, {multi: true}); db.firewall.remove({_id:{$in:ips}}); diff --git a/modules/security/src/main/Api.scala b/modules/security/src/main/Api.scala index 73dfc4e934..0e803053b7 100644 --- a/modules/security/src/main/Api.scala +++ b/modules/security/src/main/Api.scala @@ -20,10 +20,13 @@ private[security] final class Api(firewall: Firewall, tor: Tor) { ) def saveAuthentication(id: String, apiVersion: Option[Int])(implicit req: RequestHeader): Fu[String] = { - val sessionId = Random nextStringUppercase 12 - Store.save( - sessionId, id, req, apiVersion, tor isExitNode req.remoteAddress - ) inject sessionId + if (tor isExitNode req.remoteAddress) fufail(Api.AuthFromTorExitNode) + else { + val sessionId = Random nextStringUppercase 12 + Store.save( + sessionId, id, req, apiVersion, tor isExitNode req.remoteAddress + ) inject sessionId + } } // blocking function, required by Play2 form @@ -57,3 +60,8 @@ private[security] final class Api(firewall: Firewall, tor: Tor) { } } } + +object Api { + + case object AuthFromTorExitNode extends Exception +} diff --git a/modules/security/src/main/Tor.scala b/modules/security/src/main/Tor.scala index 2971770e8c..ad1b5fe7b7 100644 --- a/modules/security/src/main/Tor.scala +++ b/modules/security/src/main/Tor.scala @@ -13,5 +13,5 @@ final class Tor(providerUrl: String) { } } - private[security] def isExitNode(ip: String) = ips contains ip + def isExitNode(ip: String) = ips contains ip }