public RequestAttemptLog LogRequest(string ipAddress, string requestType)
{
ipAddress = ipAddress.Trim();
// CHECK FOR BANNED IPS
if (_context.IpBlacklists.Any(p => p.IpAddress == ipAddress && p.BanExpires > DateTime.Now))
{
return new RequestAttemptLog()
{
Rejected = true, SystemComment = RequestRejectionReasons.Abuse
}
}
;
// CHECK FOR TOO MANY REQUESTS
var attempt = new RequestAttemptLog()
{
IpAddress = ipAddress, AttemptType = requestType
};
var attempts = _context.RequestAttemptLogs.Where(p => p.IpAddress == ipAddress && p.AttemptType == requestType).ToList();
attempts = attempts.Where(p => p.Date.Year == DateTime.Now.Year &&
p.Date.Month == DateTime.Now.Month &&
p.Date.Day == DateTime.Now.Day &&
(DateTime.Now - p.Date).Hours <= AttemptHourTimelimit).ToList();
if (attempts.Count() > RejectionAttemptThreshhold)
{
attempt.Rejected = true;
attempt.SystemComment = RequestRejectionReasons.TooFrequent;
}
// BAN IP IF ACTING MALICIOUSLY
if (attempts.Count() > BannableAttemptThreshhold)
{
var previousBans = _context.IpBlacklists.Count(p => p.IpAddress == ipAddress);
var daysForBan = (int)Math.Pow(2d, previousBans); // 2^NumberOfBans days
_context.IpBlacklists.Add(new IpBlacklist()
{
IpAddress = ipAddress,
BannedReason = $"{BannableAttemptThreshhold} attempts for {requestType} in {AttemptHourTimelimit} hour(s).",
BanExpires = daysForBan < 100 ? DateTime.Now.AddDays(daysForBan) : DateTime.Now.AddYears(10)
});
attempt.Rejected = true;
attempt.SystemComment = RequestRejectionReasons.Abuse;
}
_context.RequestAttemptLogs.Add(attempt);
_context.SaveChanges();
return(attempt);
}
public Location AddLocation(Location location)
{
ValidateLocation(location);
_context.Locations.Add(location);
_context.SaveChanges();
return(location);
}
