From 9abd9d86b292273e90ff461ae6118ac1fd302ff0 Mon Sep 17 00:00:00 2001
From: Marcel Baumgartner
Date: Mon, 18 Sep 2023 18:58:32 +0200
Subject: [PATCH] Implemented a basic bot check
---
 Moonlight/App/Configuration/ConfigV1.cs | 8 ++++++
 .../App/Services/Sessions/IdentityService.cs | 23 ++++++++++++++-
 Moonlight/App/Services/UserService.cs | 13 +++++++++
 Moonlight/Startup.cs | 2 +-
 Moonlight/wwwroot/assets/js/moonlight.js | 28 +++++++++++++------
 5 files changed, 64 insertions(+), 10 deletions(-)
diff --git a/Moonlight/App/Configuration/ConfigV1.cs b/Moonlight/App/Configuration/ConfigV1.cs
index fdc5c32..bae80c8 100644
--- a/Moonlight/App/Configuration/ConfigV1.cs
+++ b/Moonlight/App/Configuration/ConfigV1.cs
@@ -116,6 +116,14 @@ public class ConfigV1
 [JsonProperty("DenyRegister")]
 [Description("Prevent every new user to register")]
 public bool DenyRegister { get; set; } = false;
+
+ [JsonProperty("CheckForBots")]
+ [Description("Check for bots when a user has been registered")]
+ public bool CheckForBots { get; set; } = true;
+
+ [JsonProperty("BlockLinuxUsers")]
+ [Description("Blocks linux users from registering")]
+ public bool BlockLinuxUsers { get; set; } = false;
 }
 public class CleanupData
diff --git a/Moonlight/App/Services/Sessions/IdentityService.cs b/Moonlight/App/Services/Sessions/IdentityService.cs
index b3be75c..77582b7 100644
--- a/Moonlight/App/Services/Sessions/IdentityService.cs
+++ b/Moonlight/App/Services/Sessions/IdentityService.cs
@@ -3,6 +3,7 @@ using JWT.Algorithms;
 using JWT.Builder;
 using JWT.Exceptions;
 using Microsoft.EntityFrameworkCore;
+using Microsoft.JSInterop;
 using Moonlight.App.Database.Entities;
 using Moonlight.App.Helpers;
 using Moonlight.App.Perms;
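Review bot: The `[Description]` on `CheckForBots` in ConfigV1.cs says the check runs "when a user has been registered", but the UserService.cs hunk of this patch runs it before the account is created, so the text should say "during registration". Neither description tells an operator that both switches rely on values the browser reports about itself, which a scripted client can set freely, so they work as a heuristic and not as an access control. I would reword to `[Description("Run client-side bot heuristics during registration; the signals are browser-reported and can be spoofed")]` and `[Description("Reject registrations whose reported device string contains Linux")]`. `CheckForBots` also defaults to `true`, so the check becomes active on existing installs as soon as they upgrade.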
@@ -16,6 +17,7 @@ public class IdentityService
 private readonly Repository UserRepository;
 private readonly CookieService CookieService;
 private readonly IHttpContextAccessor HttpContextAccessor;
+ private readonly IJSRuntime JsRuntime;
 private readonly string Secret;
 public User User { get; private set; }
@@ -29,11 +31,13 @@ public class IdentityService
 CookieService cookieService,
 Repository userRepository,
 IHttpContextAccessor httpContextAccessor,
- ConfigService configService)
+ ConfigService configService,
+ IJSRuntime jsRuntime)
 {
 CookieService = cookieService;
 UserRepository = userRepository;
 HttpContextAccessor = httpContextAccessor;
+ JsRuntime = jsRuntime;
 Secret = configService
 .Get()
@@ -260,4 +264,21 @@ public class IdentityService
 Permissions.IsReadyOnly = true;
 }
+
+ public async Task GetBotStatus()
+ {
+ var webDriverStatus = await JsRuntime
+ .InvokeAsync("moonlight.utils.getWebDriverStatus");
+
+ if (webDriverStatus)
+ return true;
+
+ var languagesStatus = await JsRuntime
+ .InvokeAsync("moonlight.utils.getLanguagesStatus");
+
+ if (languagesStatus)
+ return true;
+
+ return false;
+ }
 }
\ No newline at end of file
diff --git a/Moonlight/App/Services/UserService.cs b/Moonlight/App/Services/UserService.cs
index 2cf8df8..00a30bc 100644
--- a/Moonlight/App/Services/UserService.cs
+++ b/Moonlight/App/Services/UserService.cs
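Review bot: `GetBotStatus` in IdentityService.cs treats a true result from `moonlight.utils.getLanguagesStatus` as "bot", but the moonlight.js hunk of this patch returns true from that function when `navigator.languages` is present and non-empty, which is the normal browser case. As written, the check appears to flag ordinary browsers and to pass clients with an empty language list; with `CheckForBots` defaulting to true, that would reject legitimate registrations. Invert one side, for example `if (!languagesStatus) return true;`, and rename the JS helper so its polarity is obvious at the call site. The page shows `Task` and `InvokeAsync` without type arguments, presumably lost in rendering, so confirm the declared types are `Task<bool>` and `InvokeAsync<bool>`. An interop call that fails or runs without a connected circuit propagates out of this method unhandled, so it should be decided and documented whether registration fails open or closed in that case.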
@@ -61,6 +61,19 @@ public class UserService
 Logger.Warn($"A user tried to use a blacklisted domain to register. Email: '{email}'", "security");
 throw new DisplayException("This email is blacklisted");
 }
+
+ if (ConfigService.Get().Moonlight.Auth.BlockLinuxUsers && IdentityService.Device.Contains("Linux"))
+ throw new DisplayException("This operation was disabled");
+
+ if (ConfigService.Get().Moonlight.Auth.CheckForBots)
+ {
+ var isABot = await IdentityService.GetBotStatus();
+
+ if (isABot)
+ {
+ throw new DisplayException("This operation was disabled");
+ }
+ }
 // Check if the email is already taken
 var emailTaken = UserRepository.Get().FirstOrDefault(x => x.Email == email) != null;
diff --git a/Moonlight/Startup.cs b/Moonlight/Startup.cs
index 9f9356f..4c64775 100644
--- a/Moonlight/Startup.cs
+++ b/Moonlight/Startup.cs
@@ -82,7 +82,7 @@ public class Startup
 return;
 }
- if(ConfigService.DebugMode || uri.HostNameType == UriHostNameType.IPv4)
+ if(ConfigService.DebugMode || uri.HostNameType == UriHostNameType.IPv4 || !ConfigService.Get().Moonlight.LetsEncrypt.Enable)
 await WebApplication.RunAsync();
 else
 await WebApplication.RunAsync(ConfigService.Get().Moonlight.AppUrl);
diff --git a/Moonlight/wwwroot/assets/js/moonlight.js b/Moonlight/wwwroot/assets/js/moonlight.js
index 5ab0ec2..d80be91 100644
--- a/Moonlight/wwwroot/assets/js/moonlight.js
+++ b/Moonlight/wwwroot/assets/js/moonlight.js
@@ -292,6 +292,20 @@
 },
 showNotification: function (title, text, img) {
 let notification = new Notification(title, {body: text, icon: img});
+ },
+ getWebDriverStatus: function () {
+ if (navigator.webdriver)
+ return true;
+ else
+ return false;
+ },
+ getLanguagesStatus: function()
+ {
+ if (!navigator.languages || navigator.languages.length === 0) {
+ return false;
+ } else {
+ return true;
+ }
 }
 },
 loading: {
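Review bot: Both new rejection branches in UserService.cs throw `DisplayException` without writing a log entry, while the blacklisted-domain branch directly above them logs with the "security" tag. Add the same kind of record before each throw, e.g. `Logger.Warn($"Registration blocked by bot check. Email: '{email}'", "security");`, so operators can see blocked attempts and diagnose false positives. `IdentityService.Device.Contains("Linux")` is a case-sensitive substring match on a value whose origin is not visible here; if it is derived from the User-Agent it would likely also match Android browsers, and it throws if `Device` is null. The enclosing method starts and ends outside the hunk.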
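Review bot: The added `|| !ConfigService.Get().Moonlight.LetsEncrypt.Enable` in Startup.cs carries no comment and is unrelated to the bot check named in the commit subject. With Let's Encrypt disabled, the application now starts through `WebApplication.RunAsync()` without `AppUrl`, so the listen address falls back to whatever the hosting configuration supplies, which can change where and over which scheme the panel is reachable. A comment such as `// Without Let's Encrypt we do not bind to AppUrl; the host uses its configured or default URLs` would make the intent reviewable, and the change would be easier to audit in a commit of its own. The enclosing method starts outside the hunk.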
@@ -314,20 +328,18 @@
 }
 });
 },
- checkConnection: async function(url, threshold) {
+ checkConnection: async function (url, threshold) {
 const start = performance.now();
- try
- {
- const response = await fetch(url, { mode: 'no-cors' });
+ try {
+ const response = await fetch(url, {mode: 'no-cors'});
 const latency = performance.now() - start;
- if (latency > threshold)
- {
+ if (latency > threshold) {
 moonlight.toasts.warning(`High latency detected: ${latency}ms. Moonlight might feel laggy. Please check your internet connection`);
 }
+ } catch (error) {
 }
- catch (error) {}
 }
 },
 flashbang: {
@@ -429,7 +441,7 @@
 const systemZoom = width / window.screen.availWidth;
 const left = (width - w) / 2 / systemZoom + dualScreenLeft
 const top = (height - h) / 2 / systemZoom + dualScreenTop
- const newWindow = window.open(url, title,`scrollbars=yes,width=${w / systemZoom},height=${h / systemZoom},top=${top},left=${left}`)
+ const newWindow = window.open(url, title, `scrollbars=yes,width=${w / systemZoom},height=${h / systemZoom},top=${top},left=${left}`)
 if (window.focus) newWindow.focus();
 }
 }