commit 23941641905b99d4980e13ce00f94e6df872f5b8
parent 02ffc8a6db99a67a3e0f126f20f1c77cd9621896
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Sun, 17 Jul 2022 17:34:36 +0200
simplify limitations for registrations
Diffstat:
1 file changed, 10 insertions(+), 47 deletions(-)
diff --git a/pkg/rest/taldir.go b/pkg/rest/taldir.go
@@ -22,8 +22,6 @@ package taldir
- ToS API (terms, privacy) with localizions
- ToS compression
- ToS etag
- - Base32: Use gnunet-go module? (currently copied)
- - OrderId processing (WIP)
- Maintenance of database: When to delete expired validations?
Currently, we expire on startup 1 day old validations
*/
@@ -80,7 +78,7 @@ type Taldir struct {
ValidationTimeframe time.Duration
// How often may a challenge be requested
- ValidationInitiationMax int
+ ValidationInitiationMax int64
// How often may a solution be attempted (in the given timeframe)
SolutionAttemptsMax int
@@ -157,13 +155,6 @@ type RegisterMessage struct {
Duration int64 `json:"duration"`
}
-// Order is part of the RegisterMessage payload but optional and as such
-// processed separately
-type Order struct {
- // Order ID, if the client recently paid for this registration
- ID string `json:"order_id"`
-}
-
// Entry is a mapping from the identity key hash to a wallet key
// The identity key hash is sha512(sha512(address)|salt) where identity is
// one of the identity key types supported (e.g. an email address)
@@ -360,7 +351,6 @@ func (t *Taldir) validationRequest(w http.ResponseWriter, r *http.Request){
w.WriteHeader(http.StatusForbidden)
return
}
- // FIXME: Expire validations somewhere?
err = t.Db.Delete(&validation).Error
if err != nil {
log.Fatalf("Error deleting validation")
@@ -386,31 +376,13 @@ func (t *Taldir) validationRequest(w http.ResponseWriter, r *http.Request){
}
func (t *Taldir) isRateLimited(hAddress string) (bool, error) {
- var validationMetadata validationMetadata
- err := t.Db.First(&validationMetadata, "h_address = ?", hAddress).Error
+ var validations []validation
+ res := t.Db.Where("h_address = ?", hAddress).Find(&validations)
// NOTE: Check rate limit
- if err == nil {
- // Limit re-initiation attempts
- // FIXME: Do not limit tries. Very unlikely.
- validationMetadata.InitiationCount++
- if time.Now().Before(validationMetadata.TimeframeStart.Add(t.ValidationTimeframe)) {
- if validationMetadata.InitiationCount > t.ValidationInitiationMax {
- return true, nil
- }
- } else {
- log.Println("Validation stale, resetting retry counter")
- validationMetadata.TimeframeStart = time.Now()
- validationMetadata.InitiationCount = 1
- }
- err = t.Db.Save(&validationMetadata).Error
- } else {
- validationMetadata.HAddress = hAddress
- validationMetadata.InitiationCount = 1
- validationMetadata.TimeframeStart = time.Now()
- err = t.Db.Create(&validationMetadata).Error
- }
- if err != nil {
- return false, err
+ if res.Error == nil {
+ // Limit re-initiation attempts to ValidationInitiationMax times
+ // within the expiration timeframe of a validation.
+ return res.RowsAffected >= t.ValidationInitiationMax, nil
}
return false, nil
}
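Review bot: A database error in isRateLimited now fails open: when `res.Error` is non-nil the function falls through to `return false, nil`, so the caller treats the address as not rate limited and never sees the error that the removed code used to return. Propagating it, `if res.Error != nil { return false, res.Error }`, lets the handler reject the request instead of skipping the limit. The query is also not restricted to ValidationTimeframe, so the limit presumably depends on expired validation rows being deleted elsewhere; a comment on the function stating that dependency would help. Since only the number of rows is used, a count query would avoid loading every matching row into `validations`.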
@@ -421,7 +393,6 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r *http.Request){
var errDetail ErrorDetail
var validation validation
var entry entry
- var order Order
// Check if this validation method is supported or not.
if !t.Validators[vars["method"]] {
errDetail.Code = gana.TALDIR_METHOD_NOT_SUPPORTED
@@ -445,7 +416,6 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r *http.Request){
w.Write(resp)
return
}
- json.NewDecoder(r.Body).Decode(&order)
// Setup validation object. Retrieve object from DB if it already
// exists.
@@ -481,7 +451,7 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r *http.Request){
w.WriteHeader(http.StatusTooManyRequests)
rlResponse := RateLimitedResponse{
Code: gana.TALDIR_REGISTER_RATE_LIMITED,
- RequestFrequency: t.ValidationTimeframe.Microseconds() / int64(t.ValidationInitiationMax),
+ RequestFrequency: t.ValidationTimeframe.Microseconds() / t.ValidationInitiationMax,
Hint: "Registration rate limit reached",
}
jsonResp, _ := json.Marshal(rlResponse)
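Review bot: The division in `RequestFrequency` panics with an integer divide by zero when `validation_initiation_max` is configured as 0, and that is the same value for which `res.RowsAffected >= t.ValidationInitiationMax` in isRateLimited is always true, so every registration would reach this line. A negative value yields a negative frequency in the response. Validating the setting once where it is read in Initialize would be the simplest guard, e.g. `if t.ValidationInitiationMax < 1 { log.Fatalf("validation_initiation_max must be at least 1") }`. registerRequest starts and ends outside this hunk.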
@@ -516,12 +486,6 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r *http.Request){
return
}
if !cost.IsZero() {
- if validationExists {
- if order.ID != validation.OrderID {
- w.WriteHeader(http.StatusConflict)
- return
- }
- }
if len(validation.OrderID) == 0 {
// Add new order for new validations
orderID, newOrderErr := t.Merchant.AddNewOrder(*cost)
@@ -533,8 +497,7 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r *http.Request){
validation.OrderID = orderID
}
- // FIXME what if provided order ID and validation order ID differ???
- // Check if order paid. FIXME: How to check if this the a correct order??
+ // Check if order paid.
// FIXME: Remember that it was activated and paid
payto, paytoErr := t.Merchant.IsOrderPaid(validation.OrderID)
if paytoErr != nil {
@@ -772,7 +735,7 @@ func (t *Taldir) Initialize(cfgfile string) {
t.Validators[a] = true
}
t.ChallengeBytes = t.Cfg.Section("taldir").Key("challenge_bytes").MustInt(16)
- t.ValidationInitiationMax = t.Cfg.Section("taldir").Key("validation_initiation_max").MustInt(3)
+ t.ValidationInitiationMax = t.Cfg.Section("taldir").Key("validation_initiation_max").MustInt64(3)
t.SolutionAttemptsMax = t.Cfg.Section("taldir").Key("solution_attempt_max").MustInt(3)
validationTTLStr := t.Cfg.Section("taldir").Key("validation_timeframe").MustString("5m")