mirror of
https://github.com/0ceanSlim/grain.git
synced 2024-11-22 08:37:13 +00:00
reject events based on timestamp
This commit is contained in:
parent
108142b801
commit
e6188796d2
@ -14,6 +14,11 @@ server:
|
|||||||
max_connections: 100
|
max_connections: 100
|
||||||
max_subscriptions_per_client: 10
|
max_subscriptions_per_client: 10
|
||||||
|
|
||||||
|
event_time_constraints:
|
||||||
|
min_created_at: 1577836800 # January 1, 2020, as Unix timestamp
|
||||||
|
# max_created_at: 0 # Set to 0 to use the default behavior of 'now'
|
||||||
|
max_created_at_string: now+5m # Use a string to set a date for max created at in the future or past from current time
|
||||||
|
|
||||||
resource_limits:
|
resource_limits:
|
||||||
cpu_cores: 2 # Limit the number of CPU cores the application can use
|
cpu_cores: 2 # Limit the number of CPU cores the application can use
|
||||||
memory_mb: 1024 # Cap the maximum amount of RAM in MB the application can use
|
memory_mb: 1024 # Cap the maximum amount of RAM in MB the application can use
|
||||||
|
@ -6,6 +6,8 @@ import (
|
|||||||
|
|
||||||
configTypes "grain/config/types"
|
configTypes "grain/config/types"
|
||||||
|
|
||||||
|
"grain/server/utils"
|
||||||
|
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -31,6 +33,9 @@ func LoadConfig(filename string) (*configTypes.ServerConfig, error) {
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Adjust event time constraints after loading
|
||||||
|
utils.AdjustEventTimeConstraints(&config)
|
||||||
|
|
||||||
once.Do(func() {
|
once.Do(func() {
|
||||||
cfg = &config
|
cfg = &config
|
||||||
})
|
})
|
||||||
|
Binary file not shown.
@ -1,5 +1,11 @@
|
|||||||
package config
|
package config
|
||||||
|
|
||||||
|
type EventTimeConstraints struct {
|
||||||
|
MinCreatedAt int64 `yaml:"min_created_at"` // Minimum allowed timestamp
|
||||||
|
MaxCreatedAt int64 `yaml:"max_created_at"` // Maximum allowed timestamp
|
||||||
|
MaxCreatedAtString string `yaml:"max_created_at_string"` // Original string value for parsing (e.g., "now+5m")
|
||||||
|
}
|
||||||
|
|
||||||
type ServerConfig struct {
|
type ServerConfig struct {
|
||||||
MongoDB struct {
|
MongoDB struct {
|
||||||
URI string `yaml:"uri"`
|
URI string `yaml:"uri"`
|
||||||
@ -7,15 +13,16 @@ type ServerConfig struct {
|
|||||||
} `yaml:"mongodb"`
|
} `yaml:"mongodb"`
|
||||||
Server struct {
|
Server struct {
|
||||||
Port string `yaml:"port"`
|
Port string `yaml:"port"`
|
||||||
ReadTimeout int `yaml:"read_timeout"` // Timeout in seconds
|
ReadTimeout int `yaml:"read_timeout"`
|
||||||
WriteTimeout int `yaml:"write_timeout"` // Timeout in seconds
|
WriteTimeout int `yaml:"write_timeout"`
|
||||||
IdleTimeout int `yaml:"idle_timeout"` // Timeout in seconds
|
IdleTimeout int `yaml:"idle_timeout"`
|
||||||
MaxConnections int `yaml:"max_connections"` // Maximum number of concurrent connections
|
MaxConnections int `yaml:"max_connections"`
|
||||||
MaxSubscriptionsPerClient int `yaml:"max_subscriptions_per_client"` // Maximum number of subscriptions per client
|
MaxSubscriptionsPerClient int `yaml:"max_subscriptions_per_client"`
|
||||||
} `yaml:"server"`
|
} `yaml:"server"`
|
||||||
RateLimit RateLimitConfig `yaml:"rate_limit"`
|
RateLimit RateLimitConfig `yaml:"rate_limit"`
|
||||||
Blacklist BlacklistConfig `yaml:"blacklist"`
|
Blacklist BlacklistConfig `yaml:"blacklist"`
|
||||||
ResourceLimits ResourceLimits `yaml:"resource_limits"`
|
ResourceLimits ResourceLimits `yaml:"resource_limits"`
|
||||||
Auth AuthConfig `yaml:"auth"`
|
Auth AuthConfig `yaml:"auth"`
|
||||||
EventPurge EventPurgeConfig `yaml:"event_purge"`
|
EventPurge EventPurgeConfig `yaml:"event_purge"`
|
||||||
|
EventTimeConstraints EventTimeConstraints `yaml:"event_time_constraints"` // Added this field
|
||||||
}
|
}
|
||||||
|
3
main.go
3
main.go
@ -28,6 +28,9 @@ func main() {
|
|||||||
|
|
||||||
restartChan := make(chan struct{})
|
restartChan := make(chan struct{})
|
||||||
go config.WatchConfigFile("config.yml", restartChan)
|
go config.WatchConfigFile("config.yml", restartChan)
|
||||||
|
go config.WatchConfigFile("whitelist.yml", restartChan)
|
||||||
|
go config.WatchConfigFile("blacklist.yml", restartChan)
|
||||||
|
go config.WatchConfigFile("relay_metadata.json", restartChan)
|
||||||
|
|
||||||
signalChan := make(chan os.Signal, 1)
|
signalChan := make(chan os.Signal, 1)
|
||||||
signal.Notify(signalChan, syscall.SIGINT, syscall.SIGTERM)
|
signal.Notify(signalChan, syscall.SIGINT, syscall.SIGTERM)
|
||||||
|
@ -6,6 +6,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"grain/config"
|
"grain/config"
|
||||||
"grain/server/db/mongo"
|
"grain/server/db/mongo"
|
||||||
|
"time"
|
||||||
|
|
||||||
"grain/server/handlers/response"
|
"grain/server/handlers/response"
|
||||||
"grain/server/utils"
|
"grain/server/utils"
|
||||||
@ -16,7 +17,6 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
func HandleEvent(ws *websocket.Conn, message []interface{}) {
|
func HandleEvent(ws *websocket.Conn, message []interface{}) {
|
||||||
|
|
||||||
if len(message) != 2 {
|
if len(message) != 2 {
|
||||||
fmt.Println("Invalid EVENT message format")
|
fmt.Println("Invalid EVENT message format")
|
||||||
response.SendNotice(ws, "", "Invalid EVENT message format")
|
response.SendNotice(ws, "", "Invalid EVENT message format")
|
||||||
@ -44,13 +44,19 @@ func HandleEvent(ws *websocket.Conn, message []interface{}) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Validate event timestamps
|
||||||
|
if !validateEventTimestamp(evt) {
|
||||||
|
response.SendOK(ws, evt.ID, false, "invalid: event created_at timestamp is out of allowed range")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
// Signature check moved here
|
// Signature check moved here
|
||||||
if !utils.CheckSignature(evt) {
|
if !utils.CheckSignature(evt) {
|
||||||
response.SendOK(ws, evt.ID, false, "invalid: signature verification failed")
|
response.SendOK(ws, evt.ID, false, "invalid: signature verification failed")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
eventSize := len(eventBytes) // Calculate event size
|
eventSize := len(eventBytes)
|
||||||
|
|
||||||
if !handleBlacklistAndWhitelist(ws, evt) {
|
if !handleBlacklistAndWhitelist(ws, evt) {
|
||||||
return
|
return
|
||||||
@ -60,11 +66,40 @@ func HandleEvent(ws *websocket.Conn, message []interface{}) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// This is where I'll handle storage for multiple database types in the future
|
// Store the event in MongoDB or other storage
|
||||||
mongo.StoreMongoEvent(context.TODO(), evt, ws)
|
mongo.StoreMongoEvent(context.TODO(), evt, ws)
|
||||||
|
|
||||||
fmt.Println("Event processed:", evt.ID)
|
fmt.Println("Event processed:", evt.ID)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate event timestamps against the configured min and max values
|
||||||
|
func validateEventTimestamp(evt nostr.Event) bool {
|
||||||
|
cfg := config.GetConfig()
|
||||||
|
if cfg == nil {
|
||||||
|
fmt.Println("Server configuration is not loaded")
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
// Use current time for max and a fixed date for min if not specified
|
||||||
|
now := time.Now().Unix()
|
||||||
|
minCreatedAt := cfg.EventTimeConstraints.MinCreatedAt
|
||||||
|
if minCreatedAt == 0 {
|
||||||
|
// Use January 1, 2020, as the default minimum timestamp
|
||||||
|
minCreatedAt = time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC).Unix()
|
||||||
|
}
|
||||||
|
|
||||||
|
maxCreatedAt := cfg.EventTimeConstraints.MaxCreatedAt
|
||||||
|
if maxCreatedAt == 0 {
|
||||||
|
// Default to the current time if not set
|
||||||
|
maxCreatedAt = now
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if the event's created_at timestamp falls within the allowed range
|
||||||
|
if evt.CreatedAt < minCreatedAt || evt.CreatedAt > maxCreatedAt {
|
||||||
|
fmt.Printf("Event %s created_at timestamp %d is out of range [%d, %d]\n", evt.ID, evt.CreatedAt, minCreatedAt, maxCreatedAt)
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleBlacklistAndWhitelist(ws *websocket.Conn, evt nostr.Event) bool {
|
func handleBlacklistAndWhitelist(ws *websocket.Conn, evt nostr.Event) bool {
|
||||||
|
34
server/utils/adjustTimeContraints.go
Normal file
34
server/utils/adjustTimeContraints.go
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
package utils
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
config "grain/config/types"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Adjusts the event time constraints based on the configuration
|
||||||
|
func AdjustEventTimeConstraints(cfg *config.ServerConfig) {
|
||||||
|
now := time.Now()
|
||||||
|
|
||||||
|
// Adjust min_created_at (no changes needed if it's already set in the config)
|
||||||
|
if cfg.EventTimeConstraints.MinCreatedAt == 0 {
|
||||||
|
cfg.EventTimeConstraints.MinCreatedAt = time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC).Unix()
|
||||||
|
}
|
||||||
|
|
||||||
|
// Adjust max_created_at
|
||||||
|
if strings.HasPrefix(cfg.EventTimeConstraints.MaxCreatedAtString, "now") {
|
||||||
|
// Extract the offset (e.g., "+5m")
|
||||||
|
offset := strings.TrimPrefix(cfg.EventTimeConstraints.MaxCreatedAtString, "now")
|
||||||
|
duration, err := time.ParseDuration(offset)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Printf("Invalid time offset for max_created_at: %s\n", offset)
|
||||||
|
cfg.EventTimeConstraints.MaxCreatedAt = now.Unix() // Default to now if parsing fails
|
||||||
|
} else {
|
||||||
|
cfg.EventTimeConstraints.MaxCreatedAt = now.Add(duration).Unix()
|
||||||
|
}
|
||||||
|
} else if cfg.EventTimeConstraints.MaxCreatedAt == 0 {
|
||||||
|
// Default to the current time if it's set to zero and no "now" keyword is used
|
||||||
|
cfg.EventTimeConstraints.MaxCreatedAt = now.Unix()
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user