You've already forked Epicnabbo-Catalogus-Updated-Daily
Remco
82 lines
2.9 KiB
PHP
82 lines
2.9 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use App\Models\Miscellaneous\WebsiteIpBlacklist;
|
|
use App\Models\Miscellaneous\WebsiteIpWhitelist;
|
|
use App\Services\IpLookupService;
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
|
|
class VPNCheckerMiddleware
|
|
{
|
|
public function handle(Request $request, Closure $next): Response
|
|
{
|
|
// Skip check if vpn checker is disabled
|
|
if (setting('vpn_block_enabled') === '0' || setting('ipdata_api_key') === 'ADD-API-KEY-HERE') {
|
|
return $next($request);
|
|
}
|
|
|
|
// Skip check if the rank is allowed to bypass the checker
|
|
if (hasPermission('bypass_vpn')) {
|
|
return $next($request);
|
|
}
|
|
|
|
// Skip check if the IP is in the whitelist table
|
|
if (WebsiteIpWhitelist::where('ip_address', $request->ip())->exists()) {
|
|
return $next($request);
|
|
}
|
|
|
|
// Restrict user if IP is blacklisted
|
|
if (WebsiteIpBlacklist::where('ip_address', $request->ip())->exists()) {
|
|
return to_route('me.show')->withErrors([
|
|
'message' => __('Your IP have been restricted - If you think this is a mistake, you can contact us on our Discord.'),
|
|
]);
|
|
}
|
|
|
|
// Instantiate the necessary things to look up the visitor IP
|
|
$ipService = new IpLookupService(setting('ipdata_api_key'));
|
|
$userIp = $request->ip();
|
|
$apiResponse = $ipService->ipLookup($userIp);
|
|
|
|
$asn = $apiResponse['asn']['asn'] ?? '';
|
|
$asnWhitelisted = WebsiteIpWhitelist::where('asn', $asn)
|
|
->where('whitelist_asn', '=', '1')
|
|
->exists();
|
|
|
|
if ($asnWhitelisted) {
|
|
return $next($request);
|
|
}
|
|
|
|
// Fetch all blacklisted ASNs
|
|
$asnBlacklisted = WebsiteIpBlacklist::where('asn', $asn)
|
|
->where('blacklist_asn', '=', '1')
|
|
->exists();
|
|
|
|
// Restrict the user if their ASN is within the blacklist table
|
|
if ($asnBlacklisted) {
|
|
return to_route('me.show')->withErrors([
|
|
'message' => __('Your IP have been restricted - If you think this is a mistake, you can contact us on our Discord.'),
|
|
]);
|
|
}
|
|
|
|
if (isset($apiResponse['threat']) && is_array($apiResponse['threat'])) {
|
|
$filteredThreats = array_diff_key($apiResponse['threat'], array_flip(['blocklists', 'is_icloud_relay', 'is_datacenter', 'is_tor', 'is_proxy']));
|
|
|
|
if (in_array(true, $filteredThreats, true)) {
|
|
WebsiteIpBlacklist::create([
|
|
'ip_address' => $userIp,
|
|
'asn' => null,
|
|
]);
|
|
|
|
return to_route('me.show')->withErrors([
|
|
'message' => __('Your IP has been restricted - If you think this is a mistake, you can contact us on our Discord.'),
|
|
]);
|
|
}
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|