⏪ (radar) Remove IP ban system

baptisteArno · Jan 2, 2024 · 7ce1a4d · 7ce1a4d · vercel · Jan 2, 2024
1 parent 6246429
commit 7ce1a4d
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 46 deletions.
diff --git a/apps/builder/src/features/auth/components/SignInForm.tsx b/apps/builder/src/features/auth/components/SignInForm.tsx
@@ -89,13 +89,7 @@ export const SignInForm = ({
         redirect: false,
       })
       if (response?.error) {
-        if (response.error.includes('ip-banned'))
-          showToast({
-            status: 'info',
-            description:
-              'Your account has suspicious activity and is being reviewed by our team. Feel free to contact us.',
-          })
-        else if (response.error.includes('rate-limited'))
+        if (response.error.includes('rate-limited'))
           showToast({
             status: 'info',
             description: t('auth.signinErrorToast.tooManyRequests'),

diff --git a/apps/builder/src/features/typebot/api/publishTypebot.ts b/apps/builder/src/features/typebot/api/publishTypebot.ts
@@ -41,7 +41,7 @@ export const publishTypebot = authenticatedProcedure
       message: z.literal('success'),
     })
   )
-  .mutation(async ({ input: { typebotId }, ctx: { user, ip } }) => {
+  .mutation(async ({ input: { typebotId }, ctx: { user } }) => {
     const existingTypebot = await prisma.typebot.findFirst({
       where: {
         id: typebotId,
@@ -102,7 +102,7 @@ export const publishTypebot = authenticatedProcedure
     const riskLevel = typebotWasVerified ? 0 : computeRiskLevel(existingTypebot)
 
     if (riskLevel > 0 && riskLevel !== existingTypebot.riskLevel) {
-      if (env.MESSAGE_WEBHOOK_URL && riskLevel !== 100)
+      if (env.MESSAGE_WEBHOOK_URL && riskLevel !== 100 && riskLevel > 60)
         await fetch(env.MESSAGE_WEBHOOK_URL, {
           method: 'POST',
           body: `⚠️ Suspicious typebot to be reviewed: ${existingTypebot.name} (${env.NEXTAUTH_URL}/typebots/${existingTypebot.id}/edit) (workspace: ${existingTypebot.workspaceId})`,
@@ -125,21 +125,6 @@ export const publishTypebot = authenticatedProcedure
               id: existingTypebot.publishedTypebot.id,
             },
           })
-        if (ip) {
-          const isIpAlreadyBanned = await prisma.bannedIp.findFirst({
-            where: {
-              ip,
-            },
-          })
-          if (!isIpAlreadyBanned)
-            await prisma.bannedIp.create({
-              data: {
-                ip,
-                responsibleTypebotId: existingTypebot.id,
-                userId: user.id,
-              },
-            })
-        }
         throw new TRPCError({
           code: 'FORBIDDEN',
           message:

diff --git a/apps/builder/src/helpers/server/context.ts b/apps/builder/src/helpers/server/context.ts
@@ -1,15 +1,12 @@
 import { getAuthenticatedUser } from '@/features/auth/helpers/getAuthenticatedUser'
 import { inferAsyncReturnType } from '@trpc/server'
 import * as trpcNext from '@trpc/server/adapters/next'
-import { getIp } from '@typebot.io/lib/getIp'
 
 export async function createContext(opts: trpcNext.CreateNextContextOptions) {
   const user = await getAuthenticatedUser(opts.req, opts.res)
-  const ip = getIp(opts.req)
 
   return {
     user,
-    ip,
   }
 }
 

diff --git a/apps/builder/src/pages/api/auth/[...nextauth].ts b/apps/builder/src/pages/api/auth/[...nextauth].ts
@@ -128,7 +128,7 @@ if (env.CUSTOM_OAUTH_WELL_KNOWN_URL) {
 export const getAuthOptions = ({
   restricted,
 }: {
-  restricted?: 'ip-banned' | 'rate-limited'
+  restricted?: 'rate-limited'
 }): AuthOptions => ({
   adapter: customAdapter(prisma),
   secret: env.ENCRYPTION_SECRET,
@@ -159,7 +159,6 @@ export const getAuthOptions = ({
       }
     },
     signIn: async ({ account, user }) => {
-      if (restricted === 'ip-banned') throw new Error('ip-banned')
       if (restricted === 'rate-limited') throw new Error('rate-limited')
       if (!account) return false
       const isNewUser = !('createdAt' in user && isDefined(user.createdAt))
@@ -196,23 +195,7 @@ const handler = async (req: NextApiRequest, res: NextApiResponse) => {
   const requestIsFromCompanyFirewall = req.method === 'HEAD'
   if (requestIsFromCompanyFirewall) return res.status(200).end()
 
-  let restricted: 'ip-banned' | 'rate-limited' | undefined
-
-  if (
-    env.RADAR_HIGH_RISK_KEYWORDS &&
-    ((req.method === 'POST' && req.url?.startsWith('/api/auth/signin')) ||
-      (req.method === 'GET' && req.url?.startsWith('/api/auth/callback')))
-  ) {
-    const ip = getIp(req)
-    if (ip) {
-      const isIpBanned = await prisma.bannedIp.count({
-        where: {
-          ip,
-        },
-      })
-      if (isIpBanned) restricted = 'ip-banned'
-    }
-  }
+  let restricted: 'rate-limited' | undefined
 
   if (
     rateLimit &&