AuthMeReloaded/src/main/java/fr/xephi/authme/data/TempbanManager.java at 1b53261add9806e77ba12e168ae5bd71f4e1172f · AuthMe/AuthMeReloaded · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
package fr.xephi.authme.data;

import fr.xephi.authme.initialization.HasCleanup;
import fr.xephi.authme.initialization.SettingsDependent;
import fr.xephi.authme.message.MessageKey;
import fr.xephi.authme.message.Messages;
import fr.xephi.authme.service.BukkitService;
import fr.xephi.authme.settings.Settings;
import fr.xephi.authme.settings.properties.SecuritySettings;
import fr.xephi.authme.util.PlayerUtils;
import fr.xephi.authme.util.expiring.TimedCounter;
import org.bukkit.entity.Player;

import javax.inject.Inject;
import java.util.Date;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;

import static fr.xephi.authme.util.Utils.MILLIS_PER_MINUTE;

/**
 * Manager for handling temporary bans.
 */
public class TempbanManager implements SettingsDependent, HasCleanup {

    private final Map<String, TimedCounter<String>> ipLoginFailureCounts;
    private final BukkitService bukkitService;
    private final Messages messages;

    private boolean isEnabled;
    private int threshold;
    private int length;
    private long resetThreshold;
    private String customCommand;

    @Inject
    TempbanManager(BukkitService bukkitService, Messages messages, Settings settings) {
        this.ipLoginFailureCounts = new ConcurrentHashMap<>();
        this.bukkitService = bukkitService;
        this.messages = messages;
        reload(settings);
    }

    /**
     * Increases the failure count for the given IP address/username combination.
     *
     * @param address The player's IP address
     * @param name The username
     */
    public void increaseCount(String address, String name) {
        if (isEnabled) {
            TimedCounter<String> countsByName = ipLoginFailureCounts.computeIfAbsent(
                address, k -> new TimedCounter<>(resetThreshold, TimeUnit.MINUTES));
            countsByName.increment(name);
        }
    }

    /**
     * Set the failure count for a given IP address / username combination to 0.
     *
     * @param address The IP address
     * @param name The username
     */
    public void resetCount(String address, String name) {
        if (isEnabled) {
            TimedCounter<String> counter = ipLoginFailureCounts.get(address);
            if (counter != null) {
                counter.remove(name);
            }
        }
    }

    /**
     * Return whether the IP address should be tempbanned.
     *
     * @param address The player's IP address
     * @return True if the IP should be tempbanned
     */
    public boolean shouldTempban(String address) {
        if (isEnabled) {
            TimedCounter<String> countsByName = ipLoginFailureCounts.get(address);
            if (countsByName != null) {
                return countsByName.total() >= threshold;
            }
        }
        return false;
    }

    /**
     * Tempban a player's IP address for failing to log in too many times.
     * This calculates the expire time based on the time the method was called.
     *
     * @param player The player to tempban
     */
    public void tempbanPlayer(final Player player) {
        if (isEnabled) {
            final String name = player.getName();
            final String ip = PlayerUtils.getPlayerIp(player);
            final String reason = messages.retrieveSingle(player, MessageKey.TEMPBAN_MAX_LOGINS);

            final Date expires = new Date();
            long newTime = expires.getTime() + (length * MILLIS_PER_MINUTE);
            expires.setTime(newTime);

            bukkitService.runOnGlobalRegionScheduler(task -> {
                if (customCommand.isEmpty()) {
                    bukkitService.banIp(ip, reason, expires, "AuthMe");
                    player.kickPlayer(reason);
                } else {
                    String command = customCommand
                        .replace("%player%", name)
                        .replace("%ip%", ip);
                    bukkitService.dispatchConsoleCommand(command);
                }
            });

            ipLoginFailureCounts.remove(ip);
        }
    }

    @Override
    public void reload(Settings settings) {
        this.isEnabled = settings.getProperty(SecuritySettings.TEMPBAN_ON_MAX_LOGINS);
        this.threshold = settings.getProperty(SecuritySettings.MAX_LOGIN_TEMPBAN);
        this.length = settings.getProperty(SecuritySettings.TEMPBAN_LENGTH);
        this.resetThreshold = settings.getProperty(SecuritySettings.TEMPBAN_MINUTES_BEFORE_RESET);
        this.customCommand = settings.getProperty(SecuritySettings.TEMPBAN_CUSTOM_COMMAND);
    }

    @Override
    public void performCleanup() {
        for (TimedCounter<String> countsByIp : ipLoginFailureCounts.values()) {
            countsByIp.removeExpiredEntries();
        }
        ipLoginFailureCounts.entrySet().removeIf(e -> e.getValue().isEmpty());
    }
}