-
Notifications
You must be signed in to change notification settings - Fork 56
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Save last ip, user-agent and fingerprint on users #499
base: main
Are you sure you want to change the base?
Conversation
bf34dbb
to
b079f0c
Compare
b079f0c
to
8c2268f
Compare
@@ -0,0 +1,3 @@ | |||
ALTER TABLE "userSetting" ADD COLUMN "lastIp" varchar(255);--> statement-breakpoint |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ALTER TABLE "userSetting" ADD COLUMN "lastIp" varchar(255);--> statement-breakpoint | |
ALTER TABLE "userSetting" ADD COLUMN "last_ip" varchar(255);--> statement-breakpoint |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cols are named in snake case
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't you want to implement it this way https://github.com/akash-network/console/blob/main/apps/api/src/core/services/request-context-interceptor/request-context.interceptor.ts ?
@@ -86,7 +99,10 @@ export async function getSettingsOrInit({ anonymousUserId, userId, wantedUsernam | |||
email: email, | |||
emailVerified: emailVerified, | |||
stripeCustomerId: null, | |||
subscribedToNewsletter: subscribedToNewsletter | |||
subscribedToNewsletter: subscribedToNewsletter, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
subscribedToNewsletter: subscribedToNewsletter, | |
subscribedToNewsletter, |
@@ -125,14 +141,26 @@ export async function getSettingsOrInit({ anonymousUserId, userId, wantedUsernam | |||
email: email, | |||
emailVerified: emailVerified, | |||
stripeCustomerId: null, | |||
subscribedToNewsletter: subscribedToNewsletter | |||
subscribedToNewsletter: subscribedToNewsletter, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
subscribedToNewsletter: subscribedToNewsletter, | |
subscribedToNewsletter, |
const user = await this.userRepository.create({ | ||
lastIp: ip, | ||
lastUserAgent: userAgent, | ||
lastFingerprint: lastFingerprint |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lastFingerprint: lastFingerprint | |
lastFingerprint |
@@ -20,8 +20,12 @@ export class UserController { | |||
private readonly staleAnonymousUsersCleanerService: StaleAnonymousUsersCleanerService | |||
) {} | |||
|
|||
async create(): Promise<AnonymousUserResponseOutput> { | |||
const user = await this.userRepository.create(); | |||
async create(ip: string | undefined, userAgent: string | undefined, lastFingerprint: string | undefined): Promise<AnonymousUserResponseOutput> { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
let's pass it as an object with params? controller method would generally accept a payload like so
You can access request via execution context here https://github.com/akash-network/console/blob/main/apps/api/src/core/services/request-context-interceptor/request-context.interceptor.ts
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is fine for now, we log this and we can do better analysis on the usage and decide if we want to apply it or not.
Implement basic fingerprinting
clientInfoMiddleware
middleware to all routes to add the ip, user-agent and fingerprint to the request context.userSetting
).getConnInfo
fromhono/node-server
.predictedBlockDate
,predictedDateHeight
,providerDeployments
andtransactionList
endpoints were to fix typing issues that surfaced after upgrading.The fingerprinting is done server-side and is inspired by express-fingerprint. It uses information from the following sources to generate a hash: