loosen rate limit, fix db error

This commit is contained in:
Evert Prants 2021-02-13 20:58:50 +02:00
parent 723b2e4aa5
commit b2a1e71e8d
Signed by: evert
GPG Key ID: 1688DA83D222D0B5

30
app.js
View File

@ -93,9 +93,9 @@ const wss = new WebSocket.Server({ clientTracking: false, noServer: true })
// Rate limits // Rate limits
const emlLimiter = rateLimit({ const emlLimiter = rateLimit({
windowMs: 1000 * 60 * 60 * 24, windowMs: 1000 * 60 * 60,
max: 5, max: 16,
message: 'Too many subscription attempts from this IP address. Try again in 24 hours.' message: 'Too many subscription attempts from this IP address. Try again in an hour.'
}) })
// Authentication // Authentication
@ -132,23 +132,23 @@ async function sendEmailPush(channel) {
return return
} }
const db = await dbPromise const db = await dbPromise
const { name } = await db.get('SELECT name FROM channels WHERE user_uuid = ?', channel) const data = await db.get('SELECT name FROM channels WHERE user_uuid = ?', channel)
if (!name) { if (!data) {
return; return;
} }
const subs = await db.all('SELECT email,unsubkey FROM emailsub WHERE uuid = ? AND active = 1', channel); const subs = await db.all('SELECT email,unsubkey FROM emailsub WHERE uuid = ? AND active = 1', channel);
for (const sub of subs) { for (const sub of subs) {
const unsubURL = config.Email.baseURL + 'unsubscribe/' + sub.unsubkey const unsubURL = config.Email.baseURL + 'unsubscribe/' + sub.unsubkey
const watchURL = config.Email.baseURL + 'watch/' + name const watchURL = config.Email.baseURL + 'watch/' + data.name
emailTransport.sendMail({ emailTransport.sendMail({
from: config.Email.from, from: config.Email.from,
to: sub.email, to: sub.email,
subject: `🔴 ${name} has gone LIVE on IcyTV!`, subject: `🔴 ${data.name} has gone LIVE on IcyTV!`,
text: `${name} has gone LIVE on IcyTV!\nWatch now: ${watchURL}` text: `${data.name} has gone LIVE on IcyTV!\nWatch now: ${watchURL}`
+ `\n\nUnsubscribe from ${name}: ${unsubURL}`, + `\n\nUnsubscribe from ${data.name}: ${unsubURL}`,
html: `<h1>${name} has gone LIVE on IcyTV!</h1><p>Watch now: ` html: `<h1>${data.name} has gone LIVE on IcyTV!</h1><p>Watch now: `
+ `<a href="${watchURL}" target="_blank" rel="nofollow">${watchURL}</a>` + `<a href="${watchURL}" target="_blank" rel="nofollow">${watchURL}</a>`
+ `</p><br/><p>Unsubscribe from ${name}: ` + `</p><br/><p>Unsubscribe from ${data.name}: `
+ `<a href="${unsubURL}" target="_blank" rel="nofollow">${unsubURL}</a></p>`, + `<a href="${unsubURL}" target="_blank" rel="nofollow">${unsubURL}</a></p>`,
}).catch(e => console.error(e)) }).catch(e => console.error(e))
} }
@ -160,12 +160,12 @@ async function subscribeToChannel(channel, email) {
} }
const db = await dbPromise const db = await dbPromise
const { user_uuid } = await db.get('SELECT user_uuid FROM channels WHERE name = ?', channel) const data = await db.get('SELECT user_uuid FROM channels WHERE name = ?', channel)
if (!user_uuid) { if (!data) {
throw new Error('Invalid channel!') throw new Error('Invalid channel!')
} }
const exists = await db.get('SELECT * FROM emailsub WHERE email = ? AND uuid = ?', [email, user_uuid]) const exists = await db.get('SELECT * FROM emailsub WHERE email = ? AND uuid = ?', [email, data.user_uuid])
if (exists) { if (exists) {
throw new Error('A subscription already exists for this email address.') throw new Error('A subscription already exists for this email address.')
} }
@ -175,7 +175,7 @@ async function subscribeToChannel(channel, email) {
const unsubKey = key() const unsubKey = key()
const activateURL = config.Email.baseURL + 'email/' + activateKey const activateURL = config.Email.baseURL + 'email/' + activateKey
await db.run('INSERT INTO emailsub (unsubkey, activatekey, email, uuid, active, created_at) VALUES ' await db.run('INSERT INTO emailsub (unsubkey, activatekey, email, uuid, active, created_at) VALUES '
+ '(?, ?, ?, ?, 0, ?)', [unsubKey, activateKey, email, user_uuid, now()]) + '(?, ?, ?, ?, 0, ?)', [unsubKey, activateKey, email, data.user_uuid, now()])
await emailTransport.sendMail({ await emailTransport.sendMail({
from: config.Email.from, from: config.Email.from,