mirror/PrivateCaptcha
1
0
Fork 0
mirror of https://github.com/PrivateCaptcha/PrivateCaptcha.git synced 2026-02-11 00:08:47 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add more logs for requests cut by user limiter

Browse Source
This commit is contained in:
Taras Kushnir
2025-11-19 09:33:23 +02:00
parent 0ae7d84009
commit cf374ab0e3
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/api/middlewares.go
View File

@@ -291,6 +291,7 @@ func (am *AuthMiddleware) Sitekey(next http.Handler) http.Handler {
if softRestriction, err := am.Limiter.EvaluatePropertyAccess(ctx, property.OrgOwnerID.Int32); err == nil {
// if user is not an active subscriber, their properties and orgs might still exist but should not serve puzzles
slog.WarnContext(ctx, "User is limited for property access", "userID", property.OrgOwnerID.Int32, "soft", softRestriction)
if !softRestriction {
http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
} else {
@@ -377,7 +378,7 @@ func (am *AuthMiddleware) APIKey(keyFunc func(r *http.Request) string) func(http
// if user is not an active subscriber, their properties and orgs might still exist but should not allow API
if softRestriction, err := am.Limiter.EvaluateAPIAccess(ctx, apiKey.UserID.Int32); (err == nil) && !softRestriction {
slog.WarnContext(ctx, "User is limited", "userID", apiKey.UserID.Int32)
slog.WarnContext(ctx, "User is limited for API access", "userID", apiKey.UserID.Int32)
http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
return
}