Commit Graph

110 Commits

Author SHA1 Message Date
Shane Tomlinson 6f73c3c8b8
refactor(server): Extract and simplify record retrieval/storage, user defined rules.
server.js has a whole bunch of mixed concerns, part of which was record retrieval
and loading/checking user defined rules.

This PR extracts record handling logic as well as user defined rules logic
into their own modules.

Loading/saving records can now be done through a common interface. fetchRecords no longer
holds the assumption that an ip address will be passed in. setRecord no longer requires
passing in a key as the key is stored on the record, and setRecords now only accepts records
instead of its confusing signature. It's now possible to define non-enumerable
properties on a record that are not saved when serialized.

I started to use async/await to simplify logic where it made sense as well as
started down the path to using native promises in places.

Note, no remote tests are modified, so functionality should be the same.

This is groundwork to simplify the DataFlow integration where a simple API is
needed to fetch records of varying types.
2019-03-21 12:28:56 +00:00
Shane Tomlinson ad16e74d0a
feat(fraud-detection): Listen for DataFlow fraud detection events
Hook up to GCP PubSub to listen for fraud detection events
from the DataFlow fraud detection pipeline.

fixes #311
2019-03-01 17:06:56 +00:00
Phil Booth bb91ab59b4
fix(logs): preserve homogeneity of more log properties 2019-02-06 14:17:09 +00:00
Phil Booth 469ca49eab
fix(logs): preserve homogeneity of log properties 2019-01-24 15:53:13 +00:00
Vijay Budhram cd949ae1ae
feat(code): add custom rate limits for token code 2018-09-06 21:39:56 -04:00
Shane Tomlinson d50ec3261f feat(deps): Update to the newest restify. (#264)
Update to restify@7.2.1, restify-safe-json-formatter@0.3.0
2018-08-24 08:38:44 -04:00
Aaron Meihm 458f94dd1b test(reputation): adds compose based integration test with iprepd (#253) r=@vladikoff
Add framework for integration testing between fxa-customs-server and
iprepd (newer version of Tigerblood). The existing tests included a stub
reputation server; this conducts similar testing but uses the actual
reputation service backend.
2018-06-26 17:30:11 -04:00
Aaron Meihm 6376028ecb Updates to reputation service integration (#251) r=@vladikoff
* fix(deps): update ip-reputation-js-client to 4.0.2

* feat(reputation): request time logging, update tests

- Modify reputation service integration to log reputation service query
  time
- Include a test to verify ip-reputation-js-client return values contain
  the desired timing value
- The newer version of the reputation service deprecated the POST /
  endpoint for reputation updates. Modify the stub reputation service
  and tests to use the update endpoint (which should be used for both
  new reputation creation and reputation updates now).
2018-06-25 18:21:48 -04:00
Ryan Kelly d419a53824 feat(actions): Add 'verifyRecoveryCode' as a code-checking action. 2018-06-22 13:38:29 +10:00
Greg Guthe ab1fb6e2e7 fix(deps): update ip rep client to v4 (#249) r=@vladikoff 2018-06-08 07:09:35 -07:00
Vijay Budhram 2633c4cbc9
fix(tests): fix dependent tests (#234), r=@rfk 2018-04-13 00:04:22 -04:00
Vijay Budhram 970f01eaa1
feat(totp): add totp rate limits (#233), r=@rfk 2018-04-11 11:27:05 -04:00
Deepti 475bf23bf8 fix(test): start memcached as part of 'npm test' r=@vladikoff
Fixes #228
2018-03-19 15:14:31 -04:00
Vijay Budhram 0f9408124b
feat(token): Add rate limit for tokenCodes (#225), r=@rfk 2018-01-08 10:16:56 -05:00
Shane Tomlinson 35c37d5927 feat(sms): Added tests for `change allowedPhoneNumbers` config 2017-11-15 15:50:01 +00:00
Shane Tomlinson 78226031d4 feat(sms): Add an allow list of non-rate limited phone numbers for testing.
fixes #217
2017-11-15 12:11:26 +00:00
Phil Booth b39f993bb6 (iprecord): ignore prior rate-limiting for account access actions
Requests to /check with allow-listed email addresses cause the IP record
to be marked as rate-limited, even though those requests aren't
actually blocked. Any subsequent requests to /checkIpOnly will fetch the
rate-limited IP record from memcached and block the request incorrectly.
This is a problem for the content server functional tests.

The change here ignores any previous rate-limiting for account access
actions, effectively putting them into a separate rate-limiting bucket.

https://github.com/mozilla/fxa-customs-server/pull/207
r=rfk
2017-06-28 05:21:01 -07:00
Phil Booth 08fca60761 feat(actions): add consumeSigninCode as an ACCOUNT_ACCESS_ACTION
https://github.com/mozilla/fxa-customs-server/pull/203

r=vbudhram
2017-05-23 13:34:40 +01:00
Sean McArthur 3f03e431f3 Merge pull request #200 from mozilla/pushonempty-rejection
fix(settings): pushOnMissing no longer updates on unexpected errors
2017-04-25 15:38:03 -07:00
Sean McArthur a720749931 fix(settings): pushOnMissing no longer updates on unexpected errors
Closes #194
2017-04-25 15:08:58 -07:00
Vijay Budhram e2f206cda1 fix(sms): Add ability to rate-limit sms by email (#198), r=@rfk 2017-04-21 09:26:43 -04:00
Vijay Budhram 2a70689b0e fix(tests): Correctly rate limit sms by ip address (#191), r=@rfk 2017-03-28 11:16:50 -04:00
Vijay Budhram 8fef3d152d fix(tests): Update config and testing for sms (#189) r=vladikoff 2017-03-20 19:36:07 -04:00
Sean McArthur b0cb1fa1a7 feat(docker): add Docker support (#176) r=vladikoff,jbuck 2017-03-05 13:02:18 -05:00
Vijay Budhram 14e37c3496 feat(blocklist): Add support to specify the block level for multiple blocklists (#167), r=@rfk
Ability to specify log only lists for ip blocklist.
2017-02-20 09:51:21 -05:00
Greg Guthe 89678059e0 Fix rep service config (#172), r=@vbudhram, @jrgm
Updates ip rep js client to 2.0.1 and makes the relevant test and server changes.
2017-02-15 09:09:36 -05:00
Vlad Filippov 84d6ca423e fix(tests): remove old code coverage tool (#173), r=@vbudhram
Fixes #164
2017-02-10 23:59:54 -05:00
Vijay Budhram dd30b0ea92 feat(sms): Add support for rate-limiting sms actions (#161), r=@philbooth, @rfk 2017-02-09 10:54:07 -05:00
Vijay Budhram 7a73ca4f57 refactor(tests): Add ability to debug child processes (#162), r=@rfk 2017-02-01 15:53:23 -05:00
Ryan Kelly a9f193232d fix(retryAfter): Round blocking periods up instead of down. (#159), r=@vbudhram
Fix for intermittent test failures associated with `retryAfter`.
2017-01-24 08:56:51 -05:00
Greg Guthe 4f5d781e6d feat(ipreputation): Use IP reputation service from /check (#152), r=@vbudhram
This adds support for using the ip reputation service to block requests that the service deems questionable. Disabled by default.
2017-01-17 14:34:13 -05:00
Greg Guthe 262c210974 fix(test): increase rateLimitInterval for send_violation_tests (#157), r=@vbudhram 2017-01-11 12:11:30 -05:00
Greg Guthe 9b94bd1bdd Send violations to ip service (#148), r=@vbudhram
This adds the tigerblood-js-client to the customs server. This is used to report when a request has been blocked to the Tigerblood service. It is disabled by default.
2016-11-28 09:08:23 -05:00
Ryan Kelly 4f20fadca6 fix(ip_record): Correctly total bad logins by unique email address. 2016-10-26 08:36:16 +11:00
Vijay Budhram 9f239034fd feat(blocklist): Add latest firehol sample list (#144); r=rfk 2016-10-19 11:42:09 +11:00
Ryan Kelly 9545e7dc2b chore(config): Don't set allow ALLOWED_IPS by default. (#138); r=jrgm 2016-10-18 06:48:44 +11:00
Ryan Kelly 623de15c80 chore(lint): Fix up some linty issues noticed in PR review. 2016-10-17 12:38:58 +11:00
Ryan Kelly 5ddfcf170a feat(requestChecks): Backport "requestChecks" framework from private repo. 2016-10-14 15:35:16 +11:00
Sean McArthur 03c8c02eee feat(unblock): add unblock rate limits (#131); r=rfk 2016-10-05 14:25:58 +11:00
Ryan Kelly 1dc03ef84a feat(verify-code): Add rate-limiting of code verification attempts. (#132); r=vbudhram 2016-10-04 13:10:41 +11:00
Ryan Kelly 101062c970 fix(settings): Fix reloading of nested settings from memcached (#133); r=vbudhram 2016-10-04 10:58:51 +11:00
Vijay Budhram 029111d92e feat(blocklist): Add blocklist module (#117), r=@rfk, @seanmonstar
* feat(blocklist): Add blocklist module

* feat(blocklist): Add log only support and update firehol blocklist

* feat(blocklist): Update shrinkwrap

* feat(blocklist): Add missing dependency and reshrinkwrap

* feat(blocklist): PR Fixes

* feat(blocklist): Add ability to automatically reload blocklist whenever blocklist file has been updated

* feat(blocklist): Add missing test cases for coverage

* feat(blocklist): Add support for multiple lists, updated firehol

* feat(blocklist): Add test cases for multiple lists processing

* feat(blocklist): Renamed to blockclass

* feat(blocklist): update shrinkwrap

* feat(blocklist): PR Updates

* feat(blocklist): PR Updates

* feat(blocklist): PR Updates

* feat(blocklist): PR Updates
2016-10-03 14:45:55 -04:00
Sean McArthur 112277fc85 feat(block): ip record blocks trump all other conditions 2016-08-09 20:34:07 -07:00
Larissa Gaulia 6fadc52bfa refactor(test): Modify test cases to use promises instead of callbacks (#123) r=vladikoff
fixes #97
2016-08-05 17:52:04 -04:00
Larissa Gaulia 3a254c414f feat(server): Add uid_record and checkAuthenticated endpoint (#121) r=vladikoff,rfk 2016-08-05 10:20:29 -04:00
Ryan Kelly 383412c036 chore(server): Remove some left-over references to account lockout. (#124) r=vladikoff 2016-08-02 10:35:32 -04:00
Shane Tomlinson 28343cb7ae feat(server): Remove `badLoginLockout` config and EmailRecord.lf (loginFailure) related code. 2016-07-27 10:36:58 +01:00
Shane Tomlinson f409c6f3d6 feat(server): Remove account lockout.
fixes #120
2016-07-27 10:23:02 +01:00
Vlad Filippov 985208ab8a Merge pull request #119 from mozilla/dev-deps-0720 r=vbudhram 2016-07-21 10:47:20 -04:00
Ryan Kelly e578c26ea3 feat(email): Add config option to avoid blocking certain email domains 2016-05-03 14:51:46 +10:00