edit visibility of Job members and integration of a generic checker for nginx

confs/site/main-lua.conf

@@ -69,6 +69,7 @@ local iputils			= require "resty.iputils"
 local behavior			= require "behavior"
 local logger			= require "logger"
 local redis			= require "resty.redis"
+local checker			= require "checker"
 
 -- user variables
 local antibot_uri		= "{{ ANTIBOT_URI }}"
@@ -157,8 +158,8 @@ end
 
 -- check if IP is in proxies list
 if use_proxies then
-	local value, flags = ngx.shared.proxies_data:get(iputils.ip2bin(ngx.var.remote_addr))
-	if value ~= nil then
+	local checker = checker:new("proxies", ngx.shared.proxies_data, redis_client, "simple")
+	if checker:check(iputils.ip2bin(ngx.var.remote_addr)) then
 		logger.log(ngx.WARN, "PROXIES", "IP " .. ngx.var.remote_addr .. " is in proxies list")
 		ngx.exit(ngx.HTTP_FORBIDDEN)
 	end
@@ -166,8 +167,8 @@ end
 
 -- check if IP is in abusers list
 if use_abusers then
-	local value, flags = ngx.shared.abusers_data:get(iputils.ip2bin(ngx.var.remote_addr))
-	if value ~= nil then
+	local checker = checker:new("abusers", ngx.shared.abusers_data, redis_client, "simple")
+	if checker:check(iputils.ip2bin(ngx.var.remote_addr)) then
 		logger.log(ngx.WARN, "ABUSERS", "IP " .. ngx.var.remote_addr .. " is in abusers list")
 		ngx.exit(ngx.HTTP_FORBIDDEN)
 	end
@@ -175,8 +176,8 @@ end
 
 -- check if IP is in TOR exit nodes list
 if use_tor_exit_nodes then
-	local value, flags = ngx.shared.tor_exit_nodes_data:get(iputils.ip2bin(ngx.var.remote_addr))
-	if value ~= nil then
+	local checker = checker:new("exit-nodes", ngx.shared.tor_exit_nodes_data, redis_client, "simple")
+	if checker:check(iputils.ip2bin(ngx.var.remote_addr)) then
 		logger.log(ngx.WARN, "TOR", "IP " .. ngx.var.remote_addr .. " is in TOR exit nodes list")
 		ngx.exit(ngx.HTTP_FORBIDDEN)
 	end
@@ -193,23 +194,9 @@ if use_user_agents and ngx.var.http_user_agent ~= nil then
 		end
 	end
 	if not whitelisted then
-		local value, flags = ngx.shared.user_agents_cache:get(ngx.var.http_user_agent)
-		if value == nil then
-			local patterns = ngx.shared.user_agents_data:get_keys(0)
-			for i, pattern in ipairs(patterns) do
-				if string.match(ngx.var.http_user_agent, pattern) then
-					value = "ko"
-					ngx.shared.user_agents_cache:set(ngx.var.http_user_agent, "ko", 86400)
-					break
-				end
-			end
-			if value == nil then
-				value = "ok"
-				ngx.shared.user_agents_cache:set(ngx.var.http_user_agent, "ok", 86400)
-			end
-		end
-		if value == "ko" then
-			logger.log(ngx.WARN, "USER-AGENT", "User-Agent " .. ngx.var.http_user_agent .. " is blacklisted")
+		local checker = checker:new("user-agents", ngx.shared.user_agents_data, redis_client, "match")
+		if checker:check(ngx.var.http_user_agent) then
+			logger.log(ngx.WARN, "USER-AGENTS", "User-Agent " .. ngx.var.http_user_agent .. " is blacklisted")
 			ngx.exit(ngx.HTTP_FORBIDDEN)
 		end
 	end
@@ -217,23 +204,9 @@ end
 
 -- check if referrer is allowed
 if use_referrer and ngx.var.http_referer ~= nil then
-	local value, flags = ngx.shared.referrers_cache:get(ngx.var.http_referer)
-	if value == nil then
-		local patterns = ngx.shared.referrers_data:get_keys(0)
-		for i, pattern in ipairs(patterns) do
-			if string.match(ngx.var.http_referer, pattern) then
-				value = "ko"
-				ngx.shared.referrers_cache:set(ngx.var.http_referer, "ko", 86400)
-				break
-			end
-		end
-		if value == nil then
-			value = "ok"
-			ngx.shared.referrers_cache:set(ngx.var.http_referer, "ok", 86400)
-		end
-	end
-	if value == "ko" then
-		logger.log(ngx.WARN, "REFERRER", "Referrer " .. ngx.var.http_referer .. " is blacklisted")
+	local checker = checker:new("referrers", ngx.shared.referrers_data, redis_client, "match")
+	if checker:check(ngx.var.http_referer) then
+		logger.log(ngx.WARN, "REFERRERS", "Referrer " .. ngx.var.http_referer .. " is blacklisted")
 		ngx.exit(ngx.HTTP_FORBIDDEN)
 	end
 end