From e5d97870a12ec87bd463b7657923bb79d3bcb4cc Mon Sep 17 00:00:00 2001 From: Logan Hunt Date: Tue, 31 Jan 2023 12:44:15 -0700 Subject: [PATCH] Rate limit game creation --- config/config.exs | 4 +- lib/chessh/ssh/client/client.ex | 21 +++++---- lib/chessh/ssh/client/game/game.ex | 73 ++++++++++++++++++++---------- 3 files changed, 65 insertions(+), 33 deletions(-) diff --git a/config/config.exs b/config/config.exs index a5782d4..e9fca38 100644 --- a/config/config.exs +++ b/config/config.exs @@ -12,7 +12,9 @@ config :chessh, RateLimits, max_concurrent_user_sessions: 5, player_session_message_burst_ms: 500, player_session_message_burst_rate: 8, - player_public_keys: 15 + player_public_keys: 15, + create_game_ms: 60 * 1000, + create_game_rate: 2 config :chessh, Web, github_oauth_login_url: "https://github.com/login/oauth/access_token", diff --git a/lib/chessh/ssh/client/client.ex b/lib/chessh/ssh/client/client.ex index 67aa920..461dfbe 100644 --- a/lib/chessh/ssh/client/client.ex +++ b/lib/chessh/ssh/client/client.ex @@ -45,17 +45,20 @@ defmodule Chessh.SSH.Client do screen_state_initials: screen_state_initials } = state ) do - {:ok, new_screen_pid} = - GenServer.start_link(module, [%{screen_state_initial | client_pid: self()}]) + case GenServer.start_link(module, [%{screen_state_initial | client_pid: self()}]) do + {:ok, new_screen_pid} -> + send(new_screen_pid, {:render, width, height}) - send(new_screen_pid, {:render, width, height}) + {:noreply, + %State{ + state + | screen_pid: new_screen_pid, + screen_state_initials: [{module, screen_state_initial} | screen_state_initials] + }} - {:noreply, - %State{ - state - | screen_pid: new_screen_pid, - screen_state_initials: [{module, screen_state_initial} | screen_state_initials] - }} + _ -> + {:noreply, state} + end end @impl true diff --git a/lib/chessh/ssh/client/game/game.ex b/lib/chessh/ssh/client/game/game.ex index 3ecd2e4..4a79d05 100644 --- a/lib/chessh/ssh/client/game/game.ex 
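Review bot: The catch-all `_ -> {:noreply, state}` in the client.ex hunk handles every result of `GenServer.start_link/2` other than `{:ok, pid}` the same way, so a rate-limit refusal and a genuine screen start-up failure are indistinguishable and neither is recorded. Matching the failure explicitly and logging it before returning `{:noreply, state}`, e.g. `{:error, reason} -> Logger.warning("screen #{inspect(module)} did not start: #{inspect(reason)}")` (assuming Logger is usable in this module), would keep denied or failed attempts visible for abuse monitoring. Because the child is started with a link, an abnormal exit during its init also sends an exit signal to this process, and whether the client traps exits cannot be seen from here. The enclosing handler starts above the hunk.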
+++ b/lib/chessh/ssh/client/game/game.ex @@ -59,32 +59,59 @@ defmodule Chessh.SSH.Client.Game do end def init([ - %State{player_session: player_session, color: color, game: nil} = state + %State{player_session: player_session, color: color, game: nil, client_pid: client_pid} = + state | tail ]) do - # Starting a new game - {:ok, %Game{} = game} = - Game.changeset( - %Game{}, - Map.merge( - if(color == :light, - do: %{light_player_id: player_session.player_id}, - else: %{dark_player_id: player_session.player_id} - ), - %{ - fen: @default_fen - } - ) - ) - |> Repo.insert() + [create_game_ms, create_game_rate] = + Application.get_env(:chessh, RateLimits) + |> Keyword.take([:create_game_ms, :create_game_rate]) + |> Keyword.values() - init([ - %State{ - state - | game: game - } - | tail - ]) + case Hammer.check_rate_inc( + :redis, + "player-#{state.player_session.id}-create-game-rate", + create_game_ms, + create_game_rate, + 1 + ) do + {:allow, _count} -> + # Starting a new game + {:ok, %Game{} = game} = + Game.changeset( + %Game{}, + Map.merge( + if(color == :light, + do: %{light_player_id: player_session.player_id}, + else: %{dark_player_id: player_session.player_id} + ), + %{ + fen: @default_fen + } + ) + ) + |> Repo.insert() + + init([ + %State{ + state + | game: game + } + | tail + ]) + + {:deny, _limit} -> + send( + client_pid, + {:send_to_ssh, + [ + Utils.clear_codes(), + "You are creating too many games, and have been rate limited. Try again later.\n" + ]} + ) + + {:stop, :normal, state} + end end def init([
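Review bot: The Hammer bucket in `init/1` is keyed on `state.player_session.id`, so the limit applies per SSH session rather than per player. With `max_concurrent_user_sessions: 5` in config.exs, one account presumably gets a separate budget for each session, and keying on `player_session.player_id` (already used a few lines below) would close that gap. The deny branch returns `{:stop, :normal, state}`, but if this `init/1` is the GenServer callback, only `{:stop, reason}` is accepted there, so the three-element tuple would surface as a `:bad_return_value` error rather than a clean stop. `Hammer.check_rate_inc/5` can also return `{:error, reason}` when the backend is unavailable, which has no clause here, and the `Keyword.take |> Keyword.values` destructuring depends on the order of the keys in the config file. The sketch below covers the affected lines; it refuses game creation on a backend error, which is a policy choice to confirm.

```elixir
rate_limits = Application.get_env(:chessh, RateLimits)
create_game_ms = Keyword.fetch!(rate_limits, :create_game_ms)
create_game_rate = Keyword.fetch!(rate_limits, :create_game_rate)

case Hammer.check_rate_inc(
       :redis,
       "player-#{player_session.player_id}-create-game-rate",
       create_game_ms,
       create_game_rate,
       1
     ) do
  # … unchanged: {:allow, _count} clause that inserts the game …

  {:deny, _limit} ->
    # … unchanged: send the rate-limit message to client_pid …
    {:stop, :normal}

  {:error, _reason} ->
    # Rate-limit backend unavailable: refuse rather than create unmetered games.
    {:stop, :normal}
end
```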