journalduhacker/app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  protect_from_forgery
  before_filter :authenticate_user
  before_filter :increase_traffic_counter

  TRAFFIC_DECREMENTER = 0.40

  TAG_FILTER_COOKIE = :tag_filters

  def authenticate_user
    # eagerly evaluate, in case this triggers an IpSpoofAttackError
    request.remote_ip

    if session[:u] &&
    (user = User.where(:session_token => session[:u].to_s).first) &&
    user.is_active?
      @user = user
      Rails.logger.info "  Logged in as user #{@user.id} (#{@user.username})"
    end

    true
  end

  def increase_traffic_counter
    @traffic = 1.0

    Keystore.transaction do
      now_i = Time.now.to_i
      date_kv = Keystore.find_or_create_key_for_update("traffic:date", now_i)
      traffic_kv = Keystore.find_or_create_key_for_update("traffic:hits", 0)

      traffic = traffic_kv.value.to_i

      # don't increase traffic counter for bots or api requests
      unless agent_is_spider? || [ "json", "rss" ].include?(params[:format])
        traffic += 100
      end

      # every second, decrement traffic by some amount
      traffic -= (100.0 * (now_i - date_kv.value) * TRAFFIC_DECREMENTER).to_i

      # clamp to 100, 1000
      traffic = [ [ 100, traffic ].max, 10000 ].min

      @traffic = traffic * 0.01

      traffic_kv.value = traffic
      traffic_kv.save!

      date_kv.value = now_i
      date_kv.save!

      Rails.logger.info "  Traffic level: #{@traffic.to_i}"
    end

    intensity = (@traffic * 7).floor + 50.0
    if (blue = (rand(2000000) == 1)) && @user
      Rails.logger.info "  User #{@user.id} (#{@user.username}) saw blue logo"
    end
    color = (blue ? "0000%02x" : "%02x0000")
    @traffic_color = sprintf(color, intensity > 255 ? 255 : intensity)

    true
  end

  def require_logged_in_user
    if @user
      true
    else
      if request.get?
        session[:redirect_to] = request.original_fullpath
      end

      redirect_to "/login"
    end
  end

  def require_logged_in_moderator
    require_logged_in_user

    if @user
      if @user.is_moderator?
        true
      else
        flash[:error] = "You are not authorized to access that resource."
        return redirect_to "/"
      end
    end
  end

  def require_logged_in_user_or_400
    if @user
      true
    else
      render :text => "not logged in", :status => 400
      return false
    end
  end

  @_tags_filtered = nil
  def tags_filtered_by_cookie
    @_tags_filtered ||= Tag.where(
      :tag => cookies[TAG_FILTER_COOKIE].to_s.split(",")
    )
  end

  def agent_is_spider?
    ua = request.env["HTTP_USER_AGENT"].to_s
    (ua == "" || ua.match(/(Google|bing|Slack|Twitter)bot|Slurp|crawler|Feedly|FeedParser|RSS/))
  end

  def find_user_from_rss_token
    if !@user && request[:format] == "rss" && params[:token].to_s.present?
      @user = User.where(:rss_token => params[:token].to_s).first
    end
  end
end
initial work on conversion from php tree 2012-06-17 03:15:46 +02:00			`class ApplicationController < ActionController::Base`
			`protect_from_forgery`
how did all of these tabs get here 2012-07-01 00:43:45 +02:00			`before_filter :authenticate_user`
implement traffic counter that adjusts redness of lobsters logo 2012-08-16 23:11:30 +02:00			`before_filter :increase_traffic_counter`

decrement traffic faster 2016-10-30 19:10:29 +01:00			`TRAFFIC_DECREMENTER = 0.40`
initial work on conversion from php tree 2012-06-17 03:15:46 +02:00
allow non-logged-in users to define tag filters when not logged in, store the filters in a long-lasting cookie and do not cache the home page for that one guy on hacker news that complained about lobste.rs not having this 2013-08-05 09:16:33 +02:00			`TAG_FILTER_COOKIE = :tag_filters`

how did all of these tabs get here 2012-07-01 00:43:45 +02:00			`def authenticate_user`
add a workaround to stop getting exception emails about IpSpoofAttackErrors 2017-05-20 15:21:07 +02:00			`# eagerly evaluate, in case this triggers an IpSpoofAttackError`
			`request.remote_ip`

log user id when logged in 2014-01-12 20:27:52 +01:00			`if session[:u] &&`
add stuff to deal with banning users 2014-01-12 22:09:32 +01:00			`(user = User.where(:session_token => session[:u].to_s).first) &&`
allow users to delete their own accounts not much can actually be deleted, but it can be put into a deleted state 2014-01-13 17:12:17 +01:00			`user.is_active?`
add stuff to deal with banning users 2014-01-12 22:09:32 +01:00			`@user = user`
log user id when logged in 2014-01-12 20:27:52 +01:00			`Rails.logger.info " Logged in as user #{@user.id} (#{@user.username})"`
initial work on conversion from php tree 2012-06-17 03:15:46 +02:00			`end`

			`true`
			`end`

implement traffic counter that adjusts redness of lobsters logo 2012-08-16 23:11:30 +02:00			`def increase_traffic_counter`
			`@traffic = 1.0`

			`Keystore.transaction do`
optimize traffic counter queries 2014-01-09 06:01:54 +01:00			`now_i = Time.now.to_i`
			`date_kv = Keystore.find_or_create_key_for_update("traffic:date", now_i)`
			`traffic_kv = Keystore.find_or_create_key_for_update("traffic:hits", 0)`
implement traffic counter that adjusts redness of lobsters logo 2012-08-16 23:11:30 +02:00
don't increase traffic for tor users 2016-03-22 20:07:39 +01:00			`traffic = traffic_kv.value.to_i`

			`# don't increase traffic counter for bots or api requests`
not using tor anymore, add some more bot UAs 2016-11-03 22:19:39 +01:00			`unless agent_is_spider? \|\| [ "json", "rss" ].include?(params[:format])`
don't increase traffic for tor users 2016-03-22 20:07:39 +01:00			`traffic += 100`
			`end`

implement traffic counter that adjusts redness of lobsters logo 2012-08-16 23:11:30 +02:00			`# every second, decrement traffic by some amount`
optimize traffic counter queries 2014-01-09 06:01:54 +01:00			`traffic -= (100.0 * (now_i - date_kv.value) * TRAFFIC_DECREMENTER).to_i`
don't increase traffic for tor users 2016-03-22 20:07:39 +01:00
set ceiling for traffic counter 2015-06-19 20:25:02 +02:00			`# clamp to 100, 1000`
			`traffic = [ [ 100, traffic ].max, 10000 ].min`
implement traffic counter that adjusts redness of lobsters logo 2012-08-16 23:11:30 +02:00
optimize traffic counter queries 2014-01-09 06:01:54 +01:00			`@traffic = traffic * 0.01`

			`traffic_kv.value = traffic`
			`traffic_kv.save!`

			`date_kv.value = now_i`
			`date_kv.save!`
move header into layout, no need for another file 2012-08-17 20:36:30 +02:00
don't increase traffic for tor users 2016-03-22 20:07:39 +01:00			`Rails.logger.info " Traffic level: #{@traffic.to_i}"`
set ceiling for traffic counter 2015-06-19 20:25:02 +02:00			`end`
move header into layout, no need for another file 2012-08-17 20:36:30 +02:00
Tiny refactor for blue lobsters (#333) 2017-05-16 19:35:07 +02:00			`intensity = (@traffic * 7).floor + 50.0`
log when blue logo shows up 2017-05-23 14:18:03 +02:00			`if (blue = (rand(2000000) == 1)) && @user`
			`Rails.logger.info " User #{@user.id} (#{@user.username}) saw blue logo"`
			`end`
			`color = (blue ? "0000%02x" : "%02x0000")`
Tiny refactor for blue lobsters (#333) 2017-05-16 19:35:07 +02:00			`@traffic_color = sprintf(color, intensity > 255 ? 255 : intensity)`
1 in 2 million! 2016-06-19 02:25:57 +02:00
move header into layout, no need for another file 2012-08-17 20:36:30 +02:00			`true`
implement traffic counter that adjusts redness of lobsters logo 2012-08-16 23:11:30 +02:00			`end`

how did all of these tabs get here 2012-07-01 00:43:45 +02:00			`def require_logged_in_user`
			`if @user`
initial work on conversion from php tree 2012-06-17 03:15:46 +02:00			`true`
			`else`
when redirecting to /login, save the url and params to redirect back to closes #164 2014-08-08 17:16:06 +02:00			`if request.get?`
			`session[:redirect_to] = request.original_fullpath`
			`end`

initial work on conversion from php tree 2012-06-17 03:15:46 +02:00			`redirect_to "/login"`
			`end`
			`end`

add user banning/unbanning from user view page 2015-06-26 17:27:04 +02:00			`def require_logged_in_moderator`
			`require_logged_in_user`

			`if @user`
			`if @user.is_moderator?`
			`true`
			`else`
			`flash[:error] = "You are not authorized to access that resource."`
			`return redirect_to "/"`
			`end`
			`end`
			`end`

initial work on conversion from php tree 2012-06-17 03:15:46 +02:00			`def require_logged_in_user_or_400`
			`if @user`
			`true`
			`else`
			`render :text => "not logged in", :status => 400`
			`return false`
			`end`
			`end`
don't count spider traffic towards traffic counter 2012-12-17 01:46:38 +01:00
allow non-logged-in users to define tag filters when not logged in, store the filters in a long-lasting cookie and do not cache the home page for that one guy on hacker news that complained about lobste.rs not having this 2013-08-05 09:16:33 +02:00			`@_tags_filtered = nil`
			`def tags_filtered_by_cookie`
use activerecord query interface instead of deprecated finder methods 2013-12-24 04:20:06 +01:00			`@_tags_filtered \|\|= Tag.where(`
			`:tag => cookies[TAG_FILTER_COOKIE].to_s.split(",")`
			`)`
allow non-logged-in users to define tag filters when not logged in, store the filters in a long-lasting cookie and do not cache the home page for that one guy on hacker news that complained about lobste.rs not having this 2013-08-05 09:16:33 +02:00			`end`

don't increase traffic for tor users 2016-03-22 20:07:39 +01:00			`def agent_is_spider?`
bingbot is a bot too 2014-06-12 02:34:41 +02:00			`ua = request.env["HTTP_USER_AGENT"].to_s`
not using tor anymore, add some more bot UAs 2016-11-03 22:19:39 +01:00			`(ua == "" \|\| ua.match(/(Google\|bing\|Slack\|Twitter)bot\|Slurp\|crawler\|Feedly\|FeedParser\|RSS/))`
don't increase traffic for tor users 2016-03-22 20:07:39 +01:00			`end`

show rss <link> header on /comments 2013-01-14 04:39:52 +01:00			`def find_user_from_rss_token`
			`if !@user && request[:format] == "rss" && params[:token].to_s.present?`
use activerecord query interface instead of deprecated finder methods 2013-12-24 04:20:06 +01:00			`@user = User.where(:rss_token => params[:token].to_s).first`
show rss <link> header on /comments 2013-01-14 04:39:52 +01:00			`end`
			`end`
initial work on conversion from php tree 2012-06-17 03:15:46 +02:00			`end`