Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Save initial signup information for users to aid in spam prevention #31852

Merged
merged 14 commits into from
Sep 9, 2024
Merged

Save initial signup information for users to aid in spam prevention #31852

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
6140c1e
Save initial signup information for users to aid in spam prevention
techknowlogick Aug 17, 2024
b8e36bc
fix lint
techknowlogick Aug 17, 2024
081d32c
add setting
techknowlogick Aug 17, 2024
e798b2d
Update setting name
techknowlogick Aug 19, 2024
50038a1
Merge branch 'main' into signup-ip
techknowlogick Sep 7, 2024
f97d3b4
refactor structs
techknowlogick Sep 7, 2024
22b2e4d
refactor structs
techknowlogick Sep 7, 2024
1336651
refactor structs
techknowlogick Sep 7, 2024
98a74c1
fix lint
techknowlogick Sep 7, 2024
801df72
Merge branch 'main' into signup-ip
techknowlogick Sep 7, 2024
53b789b
Merge branch 'main' into signup-ip
GiteaBot Sep 7, 2024
3275068
Merge branch 'main' into signup-ip
GiteaBot Sep 8, 2024
10146d0
Merge branch 'main' into signup-ip
GiteaBot Sep 9, 2024
0bf8b43
Merge branch 'main' into signup-ip
GiteaBot Sep 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 19 additions & 0 deletions models/user/user.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,11 @@ type User struct {
// (ex: in private Gitea instances user won't be allowed to see even organizations/repositories that are set as public)
IsRestricted bool `xorm:"NOT NULL DEFAULT false"`

// Store the initial registration of the user, to aid in spam prevention
// Ensure that one IP isn't creating many accounts (following mediawiki approach)
InitialIP string `xorm:"-"`
InitialUserAgent string `xorm:"-"`
techknowlogick marked this conversation as resolved.
Show resolved Hide resolved

AllowGitHook bool
AllowImportLocal bool // Allow migrate repository by local path
AllowCreateOrganization bool `xorm:"DEFAULT true"`
Expand Down Expand Up @@ -745,6 +750,20 @@ func createUser(ctx context.Context, u *User, createdByAdmin bool, overwriteDefa
return err
}

// insert initial IP and UserAgent
if err = SetUserSetting(ctx, u.ID, "initial_ip", u.InitialIP); err != nil {
return err
}

// trim user agent string to a reasonable length, if necessary
userAgent := strings.TrimSpace(u.InitialUserAgent)
if len(userAgent) > 255 {
userAgent = userAgent[:255]
}
if err = SetUserSetting(ctx, u.ID, "initial_user_agent", userAgent); err != nil {
return err
}

// insert email address
if err := db.Insert(ctx, &EmailAddress{
UID: u.ID,
Expand Down
2 changes: 2 additions & 0 deletions routers/web/auth/auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -541,6 +541,8 @@ func createAndHandleCreatedUser(ctx *context.Context, tpl base.TplName, form any
// createUserInContext creates a user and handles errors within a given context.
// Optionally a template can be specified.
func createUserInContext(ctx *context.Context, tpl base.TplName, form any, u *user_model.User, overwrites *user_model.CreateUserOverwriteOptions, gothUser *goth.User, allowLink bool) (ok bool) {
u.InitialIP = ctx.RemoteAddr()
u.InitialUserAgent = ctx.Req.UserAgent()
if err := user_model.CreateUser(ctx, u, overwrites); err != nil {
if allowLink && (user_model.IsErrUserAlreadyExist(err) || user_model.IsErrEmailAlreadyUsed(err)) {
if setting.OAuth2Client.AccountLinking == setting.OAuth2AccountLinkingAuto {
Expand Down
1 change: 1 addition & 0 deletions services/context/access_log.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,7 @@ func AccessLogger() func(http.Handler) http.Handler {
ResponseWriter: rw,
Ctx: map[string]any{
"RemoteAddr": req.RemoteAddr,
"UserAgent": req.UserAgent,
techknowlogick marked this conversation as resolved.
Show resolved Hide resolved
"RemoteHost": reqHost,
"Req": req,
},
Expand Down