GitHub-Bitwarden
/
server
mirror of https://github.com/bitwarden/server.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The core infrastructure backend (API, database, Docker, etc).
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1547 Commits
477 Branches
221 Tags
116 MiB
 
 
 
 
 
 
Tree: 740453c900
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '740453c900'
${ noResults }
server/util/Function/BlockIp.cs

70 lines
2.6 KiB
Raw Blame History

using System;
using System.Configuration;
using System.Linq;
using System.Net.Http;
using System.Threading.Tasks;
using Bit.Function.Models;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Host;
using Newtonsoft.Json;
namespace Bit.Function
{
public static class BlockIp
{
[FunctionName("BlockIp")]
public static void Run(
[QueueTrigger("blockip", Connection = "")]string myQueueItem,
out string outputQueueItem,
TraceWriter log)
{
outputQueueItem = BlockIpAsync(myQueueItem).GetAwaiter().GetResult();
log.Info($"C# Queue trigger function processed: {myQueueItem}, outputted: {outputQueueItem}");
}
private static async Task<string> BlockIpAsync(string ipAddress)
{
var ipWhitelist = ConfigurationManager.AppSettings["WhitelistedIps"];
if(ipWhitelist != null && ipWhitelist.Split(',').Contains(ipAddress))
{
return null;
}
var xAuthEmail = ConfigurationManager.AppSettings["X-Auth-Email"];
var xAuthKey = ConfigurationManager.AppSettings["X-Auth-Key"];
var zoneId = ConfigurationManager.AppSettings["ZoneId"];
using(var client = new HttpClient())
{
client.BaseAddress = new Uri("https://api.cloudflare.com");
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Add("X-Auth-Email", xAuthEmail);
client.DefaultRequestHeaders.Add("X-Auth-Key", xAuthKey);
var response = await client.PostAsJsonAsync(
$"/client/v4/zones/{zoneId}/firewall/access_rules/rules",
new
{
mode = "block",
configuration = new
{
target = "ip",
value = ipAddress
},
notes = $"Rate limit abuse on {DateTime.UtcNow.ToString()}."
});
var responseString = await response.Content.ReadAsStringAsync();
var responseJson = JsonConvert.DeserializeObject<AccessRuleResponse>(responseString);
if(!responseJson.Success)
{
return null;
}
// Uncomment whenever we can delay the returned message. Functions do not support that at this time.
return null; //responseJson.Result?.Id;
}
}
}
}