m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2025-02-14 21:10:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into feat/um-285-report-schema

Browse Source
This commit is contained in:
Brian Cao 2023-05-16 14:12:39 -07:00
commit 748ad84a52
7 changed files with 33 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
components/pages/settings/teams/TeamLeaveForm.js
View File

@ -5,7 +5,7 @@ import useMessages from 'hooks/useMessages';
export function TeamLeaveForm({ teamId, userId, teamName, onSave, onClose }) { export function TeamLeaveForm({ teamId, userId, teamName, onSave, onClose }) {
const { formatMessage, labels, messages, FormattedMessage } = useMessages(); const { formatMessage, labels, messages, FormattedMessage } = useMessages();
const { del, useMutation } = useApi(); const { del, useMutation } = useApi();
const { mutate, error, isLoading } = useMutation(() => del(`/team/${teamId}/users/${userId}`)); const { mutate, error, isLoading } = useMutation(() => del(`/teams/${teamId}/users/${userId}`));
const handleSubmit = async () => { const handleSubmit = async () => {
mutate( mutate(
@ -22,7 +22,7 @@ export function TeamLeaveForm({ teamId, userId, teamName, onSave, onClose }) {
return ( return (
<Form onSubmit={handleSubmit} error={error}> <Form onSubmit={handleSubmit} error={error}>
<p> <p>
<FormattedMessage {...messages.confirmLeave} values={{ name: <b>{teamName}</b> }} /> <FormattedMessage {...messages.confirmDelete} values={{ target: <b>{teamName}</b> }} />
</p> </p>
<FormButtons flex> <FormButtons flex>
<SubmitButton variant="danger" disabled={isLoading}> <SubmitButton variant="danger" disabled={isLoading}>

2
components/pages/settings/teams/TeamMemberRemoveButton.js
View File

@ -5,7 +5,7 @@ import { Icon, Icons, LoadingButton, Text } from 'react-basics';
export function TeamMemberRemoveButton({ teamId, userId, disabled, onSave }) { export function TeamMemberRemoveButton({ teamId, userId, disabled, onSave }) {
const { formatMessage, labels } = useMessages(); const { formatMessage, labels } = useMessages();
const { del, useMutation } = useApi(); const { del, useMutation } = useApi();
const { mutate, isLoading } = useMutation(() => del(`/team/${teamId}/users/${userId}`)); const { mutate, isLoading } = useMutation(() => del(`/teams/${teamId}/users/${userId}`));
const handleRemoveTeamMember = () => { const handleRemoveTeamMember = () => {
mutate( mutate(

6
lib/cache.ts
View File

@ -49,6 +49,11 @@ async function deleteSession(id) {
return deleteObject(`session:${id}`); return deleteObject(`session:${id}`);
} }
async function fetchUserBlock(userId: string) {
const key = `user:block:${userId}`;
return redis.get(key);
}
export default { export default {
fetchWebsite, fetchWebsite,
storeWebsite, storeWebsite,
@ -59,5 +64,6 @@ export default {
fetchSession, fetchSession,
storeSession, storeSession,
deleteSession, deleteSession,
fetchUserBlock,
enabled: redis.enabled, enabled: redis.enabled,
}; };

11
lib/middleware.ts
View File

@ -1,4 +1,10 @@
import { createMiddleware, unauthorized, badRequest, parseSecureToken } from 'next-basics'; import {
createMiddleware,
unauthorized,
badRequest,
parseSecureToken,
tooManyRequest,
} from 'next-basics';
import debug from 'debug'; import debug from 'debug';
import cors from 'cors'; import cors from 'cors';
import { validate } from 'uuid'; import { validate } from 'uuid';
@ -30,6 +36,9 @@ export const useSession = createMiddleware(async (req, res, next) => {
(req as any).session = session; (req as any).session = session;
} catch (e: any) { } catch (e: any) {
if (e.message === 'Usage Limit.') {
return tooManyRequest(res, e.message);
}
return badRequest(res, e.message); return badRequest(res, e.message);
} }

13
lib/session.ts
View File

@ -6,6 +6,7 @@ import { CollectRequestBody, NextApiRequestCollect } from 'pages/api/send';
import { createSession } from 'queries'; import { createSession } from 'queries';
import { validate } from 'uuid'; import { validate } from 'uuid';
import { loadSession, loadWebsite } from './query'; import { loadSession, loadWebsite } from './query';
import cache from './cache';
export async function findSession(req: NextApiRequestCollect) { export async function findSession(req: NextApiRequestCollect) {
const { payload } = getJsonBody<CollectRequestBody>(req); const { payload } = getJsonBody<CollectRequestBody>(req);
@ -21,6 +22,8 @@ export async function findSession(req: NextApiRequestCollect) {
const result = await parseToken(cacheToken, secret()); const result = await parseToken(cacheToken, secret());
if (result) { if (result) {
await checkUserBlock(result?.ownerId);
return result; return result;
} }
} }
@ -39,6 +42,8 @@ export async function findSession(req: NextApiRequestCollect) {
throw new Error(`Website not found: ${websiteId}.`); throw new Error(`Website not found: ${websiteId}.`);
} }
await checkUserBlock(website.userId);
const { userAgent, browser, os, ip, country, subdivision1, subdivision2, city, device } = const { userAgent, browser, os, ip, country, subdivision1, subdivision2, city, device } =
await getClientInfo(req, payload); await getClientInfo(req, payload);
const sessionId = uuid(websiteId, hostname, ip, userAgent); const sessionId = uuid(websiteId, hostname, ip, userAgent);
@ -88,5 +93,11 @@ export async function findSession(req: NextApiRequestCollect) {
} }
} }
return session; return { ...session, ownerId: website.userId };
}
async function checkUserBlock(userId: string) {
if (process.env.ENABLE_BLOCKER && (await cache.fetchUserBlock(userId))) {
throw new Error('Usage Limit.');
}
} }

2
pages/api/auth/login.ts
View File

@ -50,7 +50,7 @@ export default async (
return ok(res, { return ok(res, {
token, token,
user: { id: user.id, username: user.username, createdAt: user.createdAt }, user: { id: user.id, username: user.username, role: user.role, createdAt: user.createdAt },
}); });
} }

1
pages/api/send.ts
View File

@ -28,6 +28,7 @@ export interface NextApiRequestCollect extends NextApiRequest {
session: { session: {
id: string; id: string;
websiteId: string; websiteId: string;
ownerId: string;
hostname: string; hostname: string;
browser: string; browser: string;
os: string; os: string;