- gave up from uploading the log periodically to the database

- now we get trusted IPs from user register information

Author: DanielFillol

controllers/controller.go

@@ -2,6 +2,7 @@ package controllers
 
 import (
 	"errors"
+	"fmt"
 	"github.com/Darklabel91/API_Names/database"
 	"github.com/Darklabel91/API_Names/models"
 	Metaphone "github.com/Darklabel91/metaphone-br"
@@ -36,7 +37,7 @@ func Signup(c *gin.Context) {
 	}
 
 	//create the user
-	user := models.User{Email: body.Email, Password: string(hash)}
+	user := models.User{Email: body.Email, Password: string(hash), IP: c.ClientIP()}
 	result := database.Db.Create(&user)
 
 	if result.Error != nil {
@@ -195,6 +196,34 @@ func GetName(c *gin.Context) {
 	return
 }
 
+//GetTrustedIPs return all IPS from user's on the database
+func GetTrustedIPs() []string {
+	var users []models.User
+	if err := database.Db.Find(&users).Error; err != nil {
+		return nil
+	}
+
+	var ips []string
+	for _, user := range users {
+		ips = append(ips, user.IP)
+	}
+
+	fmt.Println(ips)
+
+	return ips
+}
+
+//SetLogger creates a .txt file to store API logs
+func SetLogger(fileName string) gin.HandlerFunc {
+	// Create a file to store the logs
+	file, err := os.OpenFile(fileName, os.O_RDWR|os.O_CREATE, 0666)
+	if err != nil {
+		return nil
+	}
+
+	return gin.LoggerWithWriter(file)
+}
+
 //SearchSimilarNames search for all similar names by metaphone and Levenshtein method
 func SearchSimilarNames(c *gin.Context) {
 	var metaphoneNames []models.NameType

database/db.go

@@ -11,6 +11,8 @@ import (
 	"gorm.io/driver/mysql"
 	"gorm.io/gorm"
 	"io"
+	"log"
+	"net"
 	"os"
 	"time"
 )
@@ -82,13 +84,6 @@ func connectDB() *gorm.DB {
 		return nil
 	}
 
-	//create table log
-	err = db.AutoMigrate(&models.Log{})
-	if err != nil {
-		fmt.Printf("Error on gorm auto migrate to database : error=%v\n", err)
-		return nil
-	}
-
 	return db
 }
 
@@ -132,6 +127,7 @@ func createRoot() error {
 		userRoot := models.User{
 			Email:    "[email protected]",
 			Password: string(hash),
+			IP:       getOutboundIP(),
 		}
 
 		Db.Create(&userRoot)
@@ -143,6 +139,20 @@ func createRoot() error {
 	return nil
 }
 
+//getOutboundIP get preferred outbound ip of the server
+func getOutboundIP() string {
+	conn, err := net.Dial("udp", "8.8.8.8:80")
+	if err != nil {
+		log.Fatal(err)
+	}
+	defer conn.Close()
+
+	localAddr := conn.LocalAddr().(*net.UDPAddr)
+
+	return localAddr.IP.String()
+}
+
+//uploadCSVNameTypes
 func uploadCSVNameTypes() error {
 	var name models.NameType
 	Db.Raw("SELECT * FROM name_types WHERE id = 1").Find(&name)

log/log.go

@@ -3,19 +3,15 @@ package main
 import (
 	"fmt"
 	"github.com/Darklabel91/API_Names/database"
-	"github.com/Darklabel91/API_Names/log"
 	"github.com/Darklabel91/API_Names/routes"
 )
 
-const FILENAME = "logs.txt"
-
 func main() {
 	r := database.InitDb()
 	if r == nil {
 		return
 	}
 
 	fmt.Println("-	Listening and serving")
-	go log.StartExportLog(FILENAME)
 	routes.HandleRequests()
 }

main.go

@@ -12,15 +12,15 @@ import (
 	"time"
 )
 
-const MaxThreadsByToken = 10
+const MaxThreadsByToken = 5
 
-// RequireAuth returns a Gin middleware function that checks for a valid JWT token in the request header or cookie, and limits the rate of requests to prevent DDoS attacks.
+// RequireAuth returns a Gin middleware function that checks for a valid JWT token in the request header or cookie, and limits the rate of requests to`prevent DDoS attacks.
 //	- The rate limit is enforced using a token bucket algorithm.
 //	- The rate limit and queue capacity can be adjusted by modifying the constants in the function.
 //	- If the token is invalid or has expired, or if the request cannot be processed due to an error, the middleware function aborts the request with a 401 Unauthorized HTTP status code.
 func RequireAuth() gin.HandlerFunc {
 	// Create a new rate limiter to limit the number of requests per second
-	limiter := rate.NewLimiter(1000, MaxThreadsByToken)
+	limiter := rate.NewLimiter(20000, MaxThreadsByToken)
 
 	return func(c *gin.Context) {
 		// Check if the request has exceeded the rate limit

middleware/requireAuth.go

@@ -18,16 +18,5 @@ type User struct {
 	gorm.Model
 	Email    string `gorm:"unique"`
 	Password string
-}
-
-//Log is the struct used to register the log file
-// Define a struct to hold the log data
-type Log struct {
-	gorm.Model
-	Time    string
-	Status  string
-	Latency string
-	IP      string
-	Method  string
-	Path    string
+	IP       string
 }

models/modelsGrom.go

@@ -6,31 +6,24 @@ import (
 	"github.com/Darklabel91/API_Names/middleware"
 	"github.com/Darklabel91/API_Names/models"
 	"github.com/gin-gonic/gin"
-	"os"
 	"sync"
 )
 
 const DOOR = ":8080"
 const FILENAME = "logs.txt"
 
-var allowedIPs = []string{"127.0.0.1", "::1"} // List of allowed IP addresses
-
 func HandleRequests() {
 	gin.SetMode(gin.ReleaseMode)
 	r := gin.Default()
 
 	//use the OnlyAllowIPs middleware on all routes
-	err := r.SetTrustedProxies(allowedIPs)
+	err := r.SetTrustedProxies(controllers.GetTrustedIPs())
 	if err != nil {
 		return
 	}
 
 	// Create a file to store the logs
-	file, err := os.OpenFile(FILENAME, os.O_RDWR|os.O_CREATE, 0666)
-	if err != nil {
-		return
-	}
-	r.Use(gin.LoggerWithWriter(file))
+	r.Use(controllers.SetLogger(FILENAME))
 
 	//set up routes
 	r.POST("/signup", controllers.Signup)
@@ -45,9 +38,7 @@ func HandleRequests() {
 	r.PATCH("/:id", middleware.ValidateIDParam(), controllers.UpdateName)
 	r.POST("/name", controllers.CreateName)
 	r.GET("/name/:name", middleware.ValidateNameParam(), waitGroupName)
-	r.GET("/metaphone/:name", middleware.ValidateNameParam(), preloadNameTypes(), middleware.ValidateNameParam(), waitGroupMetaphone)
-
-	gin.Logger()
+	r.GET("/metaphone/:name", middleware.ValidateNameParam(), preloadNameTypes(), waitGroupMetaphone)
 
 	// run
 	err = r.Run(DOOR)