2021-11-02 08:21:38 +13:00
|
|
|
package server
|
|
|
|
|
|
|
|
|
|
import (
|
2021-12-26 03:15:05 +13:00
|
|
|
"errors"
|
2022-12-26 05:41:38 +13:00
|
|
|
"heckel.io/ntfy/user"
|
2022-10-06 09:42:07 +13:00
|
|
|
"net/netip"
|
2021-11-02 08:21:38 +13:00
|
|
|
"sync"
|
|
|
|
|
"time"
|
2022-10-06 09:42:07 +13:00
|
|
|
|
|
|
|
|
"golang.org/x/time/rate"
|
|
|
|
|
"heckel.io/ntfy/util"
|
2021-11-02 08:21:38 +13:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
2021-12-24 12:03:04 +13:00
|
|
|
// visitorExpungeAfter defines how long a visitor is active before it is removed from memory. This number
|
|
|
|
|
// has to be very high to prevent e-mail abuse, but it doesn't really affect the other limits anyway, since
|
|
|
|
|
// they are replenished faster (typically).
|
|
|
|
|
visitorExpungeAfter = 24 * time.Hour
|
2021-11-02 08:21:38 +13:00
|
|
|
)
|
|
|
|
|
|
2021-12-26 03:15:05 +13:00
|
|
|
var (
|
|
|
|
|
errVisitorLimitReached = errors.New("limit reached")
|
|
|
|
|
)
|
|
|
|
|
|
2021-11-02 08:21:38 +13:00
|
|
|
// visitor represents an API user, and its associated rate.Limiter used for rate limiting
|
|
|
|
|
type visitor struct {
|
2022-12-20 03:59:32 +13:00
|
|
|
config *Config
|
|
|
|
|
messageCache *messageCache
|
2023-01-03 14:08:37 +13:00
|
|
|
userManager *user.Manager // May be nil!
|
2022-12-20 03:59:32 +13:00
|
|
|
ip netip.Addr
|
2022-12-26 05:41:38 +13:00
|
|
|
user *user.User
|
2022-12-21 15:18:33 +13:00
|
|
|
messages int64 // Number of messages sent
|
|
|
|
|
emails int64 // Number of emails sent
|
|
|
|
|
requestLimiter *rate.Limiter // Rate limiter for (almost) all requests (including messages)
|
|
|
|
|
emailsLimiter *rate.Limiter // Rate limiter for emails
|
|
|
|
|
subscriptionLimiter util.Limiter // Fixed limiter for active subscriptions (ongoing connections)
|
2022-12-20 03:59:32 +13:00
|
|
|
bandwidthLimiter util.Limiter
|
2022-12-25 06:10:51 +13:00
|
|
|
accountLimiter *rate.Limiter // Rate limiter for account creation
|
|
|
|
|
firebase time.Time // Next allowed Firebase message
|
2022-12-20 03:59:32 +13:00
|
|
|
seen time.Time
|
|
|
|
|
mu sync.Mutex
|
2021-11-02 08:21:38 +13:00
|
|
|
}
|
|
|
|
|
|
2022-12-28 16:14:14 +13:00
|
|
|
type visitorInfo struct {
|
2023-01-08 15:04:13 +13:00
|
|
|
Basis string // "ip", "role" or "tier"
|
2022-12-20 10:22:13 +13:00
|
|
|
Messages int64
|
|
|
|
|
MessagesLimit int64
|
|
|
|
|
MessagesRemaining int64
|
2023-01-08 03:34:02 +13:00
|
|
|
MessagesExpiryDuration int64
|
2022-12-20 10:22:13 +13:00
|
|
|
Emails int64
|
|
|
|
|
EmailsLimit int64
|
|
|
|
|
EmailsRemaining int64
|
2023-01-08 15:04:13 +13:00
|
|
|
Reservations int64
|
|
|
|
|
ReservationsLimit int64
|
|
|
|
|
ReservationsRemaining int64
|
2022-12-20 10:22:13 +13:00
|
|
|
AttachmentTotalSize int64
|
|
|
|
|
AttachmentTotalSizeLimit int64
|
|
|
|
|
AttachmentTotalSizeRemaining int64
|
|
|
|
|
AttachmentFileSizeLimit int64
|
2023-01-08 03:34:02 +13:00
|
|
|
AttachmentExpiryDuration int64
|
2022-04-04 04:39:52 +12:00
|
|
|
}
|
|
|
|
|
|
2023-01-03 14:08:37 +13:00
|
|
|
func newVisitor(conf *Config, messageCache *messageCache, userManager *user.Manager, ip netip.Addr, user *user.User) *visitor {
|
2022-12-25 06:10:51 +13:00
|
|
|
var requestLimiter, emailsLimiter, accountLimiter *rate.Limiter
|
2022-12-21 15:18:33 +13:00
|
|
|
var messages, emails int64
|
|
|
|
|
if user != nil {
|
|
|
|
|
messages = user.Stats.Messages
|
|
|
|
|
emails = user.Stats.Emails
|
2022-12-25 06:10:51 +13:00
|
|
|
} else {
|
|
|
|
|
accountLimiter = rate.NewLimiter(rate.Every(conf.VisitorAccountCreateLimitReplenish), conf.VisitorAccountCreateLimitBurst)
|
2022-12-21 15:18:33 +13:00
|
|
|
}
|
2023-01-08 15:04:13 +13:00
|
|
|
if user != nil && user.Tier != nil {
|
|
|
|
|
requestLimiter = rate.NewLimiter(dailyLimitToRate(user.Tier.MessagesLimit), conf.VisitorRequestLimitBurst)
|
|
|
|
|
emailsLimiter = rate.NewLimiter(dailyLimitToRate(user.Tier.EmailsLimit), conf.VisitorEmailLimitBurst)
|
2022-12-18 17:54:19 +13:00
|
|
|
} else {
|
2022-12-19 08:35:05 +13:00
|
|
|
requestLimiter = rate.NewLimiter(rate.Every(conf.VisitorRequestLimitReplenish), conf.VisitorRequestLimitBurst)
|
2022-12-20 10:22:13 +13:00
|
|
|
emailsLimiter = rate.NewLimiter(rate.Every(conf.VisitorEmailLimitReplenish), conf.VisitorEmailLimitBurst)
|
2022-12-18 17:54:19 +13:00
|
|
|
}
|
2021-11-02 08:21:38 +13:00
|
|
|
return &visitor{
|
2022-12-20 03:59:32 +13:00
|
|
|
config: conf,
|
|
|
|
|
messageCache: messageCache,
|
2023-01-03 14:08:37 +13:00
|
|
|
userManager: userManager, // May be nil!
|
2022-12-20 03:59:32 +13:00
|
|
|
ip: ip,
|
|
|
|
|
user: user,
|
2022-12-21 15:18:33 +13:00
|
|
|
messages: messages,
|
|
|
|
|
emails: emails,
|
2022-12-20 03:59:32 +13:00
|
|
|
requestLimiter: requestLimiter,
|
2022-12-20 10:22:13 +13:00
|
|
|
emailsLimiter: emailsLimiter,
|
2022-12-20 03:59:32 +13:00
|
|
|
subscriptionLimiter: util.NewFixedLimiter(int64(conf.VisitorSubscriptionLimit)),
|
|
|
|
|
bandwidthLimiter: util.NewBytesLimiter(conf.VisitorAttachmentDailyBandwidthLimit, 24*time.Hour),
|
2022-12-25 06:10:51 +13:00
|
|
|
accountLimiter: accountLimiter, // May be nil
|
2022-12-20 03:59:32 +13:00
|
|
|
firebase: time.Unix(0, 0),
|
|
|
|
|
seen: time.Now(),
|
2021-11-02 08:21:38 +13:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (v *visitor) RequestAllowed() error {
|
2022-12-19 08:35:05 +13:00
|
|
|
if !v.requestLimiter.Allow() {
|
2021-12-26 03:15:05 +13:00
|
|
|
return errVisitorLimitReached
|
2021-12-24 12:03:04 +13:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-01 12:38:56 +12:00
|
|
|
func (v *visitor) FirebaseAllowed() error {
|
|
|
|
|
v.mu.Lock()
|
|
|
|
|
defer v.mu.Unlock()
|
|
|
|
|
if time.Now().Before(v.firebase) {
|
|
|
|
|
return errVisitorLimitReached
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (v *visitor) FirebaseTemporarilyDeny() {
|
|
|
|
|
v.mu.Lock()
|
|
|
|
|
defer v.mu.Unlock()
|
2022-06-01 15:27:24 +12:00
|
|
|
v.firebase = time.Now().Add(v.config.FirebaseQuotaExceededPenaltyDuration)
|
2022-06-01 12:38:56 +12:00
|
|
|
}
|
|
|
|
|
|
2021-12-24 12:03:04 +13:00
|
|
|
func (v *visitor) EmailAllowed() error {
|
2022-12-20 03:59:32 +13:00
|
|
|
if !v.emailsLimiter.Allow() {
|
2021-12-26 03:15:05 +13:00
|
|
|
return errVisitorLimitReached
|
2021-11-02 08:21:38 +13:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-26 03:15:05 +13:00
|
|
|
func (v *visitor) SubscriptionAllowed() error {
|
2021-11-02 08:21:38 +13:00
|
|
|
v.mu.Lock()
|
|
|
|
|
defer v.mu.Unlock()
|
2022-12-20 03:59:32 +13:00
|
|
|
if err := v.subscriptionLimiter.Allow(1); err != nil {
|
2021-12-26 03:15:05 +13:00
|
|
|
return errVisitorLimitReached
|
2021-11-02 08:21:38 +13:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (v *visitor) RemoveSubscription() {
|
|
|
|
|
v.mu.Lock()
|
|
|
|
|
defer v.mu.Unlock()
|
2022-12-20 03:59:32 +13:00
|
|
|
v.subscriptionLimiter.Allow(-1)
|
2021-11-02 08:21:38 +13:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (v *visitor) Keepalive() {
|
|
|
|
|
v.mu.Lock()
|
|
|
|
|
defer v.mu.Unlock()
|
|
|
|
|
v.seen = time.Now()
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-13 15:24:48 +13:00
|
|
|
func (v *visitor) BandwidthLimiter() util.Limiter {
|
2022-12-20 03:59:32 +13:00
|
|
|
return v.bandwidthLimiter
|
2022-01-13 12:52:07 +13:00
|
|
|
}
|
|
|
|
|
|
2021-11-02 08:21:38 +13:00
|
|
|
func (v *visitor) Stale() bool {
|
|
|
|
|
v.mu.Lock()
|
|
|
|
|
defer v.mu.Unlock()
|
|
|
|
|
return time.Since(v.seen) > visitorExpungeAfter
|
|
|
|
|
}
|
2022-04-04 04:39:52 +12:00
|
|
|
|
2022-12-20 03:59:32 +13:00
|
|
|
func (v *visitor) IncrMessages() {
|
|
|
|
|
v.mu.Lock()
|
|
|
|
|
defer v.mu.Unlock()
|
|
|
|
|
v.messages++
|
2022-12-21 15:18:33 +13:00
|
|
|
if v.user != nil {
|
|
|
|
|
v.user.Stats.Messages = v.messages
|
|
|
|
|
}
|
2022-12-20 03:59:32 +13:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (v *visitor) IncrEmails() {
|
|
|
|
|
v.mu.Lock()
|
|
|
|
|
defer v.mu.Unlock()
|
|
|
|
|
v.emails++
|
2022-12-21 15:18:33 +13:00
|
|
|
if v.user != nil {
|
|
|
|
|
v.user.Stats.Emails = v.emails
|
|
|
|
|
}
|
2022-12-20 03:59:32 +13:00
|
|
|
}
|
|
|
|
|
|
2022-12-28 16:14:14 +13:00
|
|
|
func (v *visitor) Info() (*visitorInfo, error) {
|
2022-12-20 03:59:32 +13:00
|
|
|
v.mu.Lock()
|
2022-12-20 15:42:36 +13:00
|
|
|
messages := v.messages
|
|
|
|
|
emails := v.emails
|
|
|
|
|
v.mu.Unlock()
|
2022-12-28 16:14:14 +13:00
|
|
|
info := &visitorInfo{}
|
2022-12-26 05:41:38 +13:00
|
|
|
if v.user != nil && v.user.Role == user.RoleAdmin {
|
2022-12-28 16:14:14 +13:00
|
|
|
info.Basis = "role"
|
2023-01-02 14:42:33 +13:00
|
|
|
// All limits are zero!
|
2023-01-08 03:34:02 +13:00
|
|
|
info.MessagesExpiryDuration = 24 * 3600 // FIXME this is awful. Should be from the Unlimited plan
|
|
|
|
|
info.AttachmentExpiryDuration = 24 * 3600 // FIXME this is awful. Should be from the Unlimited plan
|
2023-01-08 15:04:13 +13:00
|
|
|
} else if v.user != nil && v.user.Tier != nil {
|
|
|
|
|
info.Basis = "tier"
|
|
|
|
|
info.MessagesLimit = v.user.Tier.MessagesLimit
|
|
|
|
|
info.MessagesExpiryDuration = v.user.Tier.MessagesExpiryDuration
|
|
|
|
|
info.EmailsLimit = v.user.Tier.EmailsLimit
|
|
|
|
|
info.ReservationsLimit = v.user.Tier.ReservationsLimit
|
|
|
|
|
info.AttachmentTotalSizeLimit = v.user.Tier.AttachmentTotalSizeLimit
|
|
|
|
|
info.AttachmentFileSizeLimit = v.user.Tier.AttachmentFileSizeLimit
|
|
|
|
|
info.AttachmentExpiryDuration = v.user.Tier.AttachmentExpiryDuration
|
2022-12-20 10:22:13 +13:00
|
|
|
} else {
|
2022-12-28 16:14:14 +13:00
|
|
|
info.Basis = "ip"
|
|
|
|
|
info.MessagesLimit = replenishDurationToDailyLimit(v.config.VisitorRequestLimitReplenish)
|
2023-01-08 03:34:02 +13:00
|
|
|
info.MessagesExpiryDuration = int64(v.config.CacheDuration.Seconds())
|
2022-12-28 16:14:14 +13:00
|
|
|
info.EmailsLimit = replenishDurationToDailyLimit(v.config.VisitorEmailLimitReplenish)
|
2023-01-08 15:04:13 +13:00
|
|
|
info.ReservationsLimit = 0 // FIXME
|
2022-12-28 16:14:14 +13:00
|
|
|
info.AttachmentTotalSizeLimit = v.config.VisitorAttachmentTotalSizeLimit
|
|
|
|
|
info.AttachmentFileSizeLimit = v.config.AttachmentFileSizeLimit
|
2023-01-08 03:34:02 +13:00
|
|
|
info.AttachmentExpiryDuration = int64(v.config.AttachmentExpiryDuration.Seconds())
|
2022-12-20 10:22:13 +13:00
|
|
|
}
|
2023-01-03 14:08:37 +13:00
|
|
|
var attachmentsBytesUsed int64 // FIXME Maybe move this to endpoint?
|
2022-12-20 15:42:36 +13:00
|
|
|
var err error
|
|
|
|
|
if v.user != nil {
|
|
|
|
|
attachmentsBytesUsed, err = v.messageCache.AttachmentBytesUsedByUser(v.user.Name)
|
|
|
|
|
} else {
|
|
|
|
|
attachmentsBytesUsed, err = v.messageCache.AttachmentBytesUsedBySender(v.ip.String())
|
|
|
|
|
}
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2023-01-08 15:04:13 +13:00
|
|
|
var reservations int64
|
2023-01-03 14:08:37 +13:00
|
|
|
if v.user != nil && v.userManager != nil {
|
2023-01-08 15:04:13 +13:00
|
|
|
reservations, err = v.userManager.ReservationsCount(v.user.Name) // FIXME dup call, move this to endpoint?
|
2023-01-03 14:08:37 +13:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
2023-01-02 14:42:33 +13:00
|
|
|
}
|
|
|
|
|
}
|
2022-12-28 16:14:14 +13:00
|
|
|
info.Messages = messages
|
|
|
|
|
info.MessagesRemaining = zeroIfNegative(info.MessagesLimit - info.Messages)
|
|
|
|
|
info.Emails = emails
|
|
|
|
|
info.EmailsRemaining = zeroIfNegative(info.EmailsLimit - info.Emails)
|
2023-01-08 15:04:13 +13:00
|
|
|
info.Reservations = reservations
|
|
|
|
|
info.ReservationsRemaining = zeroIfNegative(info.ReservationsLimit - info.Reservations)
|
2022-12-28 16:14:14 +13:00
|
|
|
info.AttachmentTotalSize = attachmentsBytesUsed
|
|
|
|
|
info.AttachmentTotalSizeRemaining = zeroIfNegative(info.AttachmentTotalSizeLimit - info.AttachmentTotalSize)
|
|
|
|
|
return info, nil
|
2022-12-20 10:22:13 +13:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func zeroIfNegative(value int64) int64 {
|
|
|
|
|
if value < 0 {
|
|
|
|
|
return 0
|
|
|
|
|
}
|
|
|
|
|
return value
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func replenishDurationToDailyLimit(duration time.Duration) int64 {
|
|
|
|
|
return int64(24 * time.Hour / duration)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func dailyLimitToRate(limit int64) rate.Limit {
|
|
|
|
|
return rate.Limit(limit) * rate.Every(24*time.Hour)
|
2022-04-04 04:39:52 +12:00
|
|
|
}
|
