improe announce

app/Console/Commands/Test.php

@@ -97,7 +97,9 @@ class Test extends Command
      */
     public function handle()
     {
-        $r = NexusDB::cache_get("user_all_permissions:10001");
+        $authkey = "12|52|abc";
+        $subAuthkey = substr($authkey, 0, strrpos($authkey, "|"));
+        $r = $subAuthkey;
         dd($r);
     }
 

app/Repositories/TorrentRepository.php

@@ -381,12 +381,14 @@ class TorrentRepository extends BaseRepository
 
     private function getTrackerReportAuthKeySecret($id, $uid, $initializeIfNotExists = false)
     {
-        $secret = TorrentSecret::query()
-            ->where('uid', $uid)
-            ->whereIn('torrent_id', [0, $id])
-            ->orderBy('torrent_id', 'desc')
-            ->orderBy('id', 'desc')
-            ->first();
+        $secret = NexusDB::remember("torrent_secret_{$uid}_{$id}", 3600, function () use ($id, $uid) {
+            return TorrentSecret::query()
+                ->where('uid', $uid)
+                ->whereIn('torrent_id', [0, $id])
+                ->orderBy('torrent_id', 'desc')
+                ->orderBy('id', 'desc')
+                ->first();
+        });
 
         if ($secret) {
             return $secret->secret;

include/constants.php

@@ -1,6 +1,6 @@
 <?php
 defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.8.4');
-defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-05-27');
+defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-05-30');
 defined('IN_TRACKER') || define('IN_TRACKER', false);
 defined('PROJECTNAME') || define("PROJECTNAME","NexusPHP");
 defined('NEXUSPHPURL') || define("NEXUSPHPURL","https://nexusphp.org");

include/globalfunctions.php

@@ -830,7 +830,7 @@ function do_action($name, ...$args)
     return $hook->doAction(...func_get_args());
 }
 
-function isIPSeedBox($ip, $uid = null, $withoutCache = false): bool
+function isIPSeedBox($ip, $uid, $withoutCache = false): bool
 {
     $key = "nexus_is_ip_seed_box:ip:$ip:uid:$uid";
     $cacheData = \Nexus\Database\NexusDB::cache_get($key);
@@ -995,6 +995,8 @@ function clear_user_cache($uid, $passkey = '')
     \Nexus\Database\NexusDB::cache_del("user_{$uid}_roles");
     \Nexus\Database\NexusDB::cache_del("announce_user_passkey_$uid");//announce.php
     \Nexus\Database\NexusDB::cache_del(\App\Models\Setting::DIRECT_PERMISSION_CACHE_KEY_PREFIX . $uid);
+    \Nexus\Database\NexusDB::cache_del("user_role_ids:$uid");
+    \Nexus\Database\NexusDB::cache_del("direct_permissions:$uid");
     if ($passkey) {
         \Nexus\Database\NexusDB::cache_del('user_passkey_'.$passkey.'_content');//announce.php
     }

nexus/Plugin/BasePlugin.php

@@ -4,6 +4,7 @@ namespace Nexus\Plugin;
 use App\Repositories\BaseRepository;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Facades\Artisan;
+use Nexus\Database\NexusDB;
 
 abstract class BasePlugin extends BaseRepository
 {

public/announce.php

@@ -1,6 +1,47 @@
 <?php
 require '../include/bittorrent_announce.php';
 require ROOT_PATH . 'include/core.php';
+$redis = $Cache->getRedis();
+$torrentNotExistsKey = "torrent_not_exists";
+$authKeyInvalidKey = "authkey_invalid";
+$passkeyInvalidKey = "passkey_invalid";
+if (!empty($_GET['authkey'])) {
+    $authkey = $_GET['authkey'];
+    $parts = explode("|", $authkey);
+    if (count($parts) != 3) {
+        err("authkey format error");
+    }
+    $tid = $parts[0];
+    $uid = $parts[1];
+    $subAuthkey = sprintf("%s|%s", $tid, $uid);
+    if (!$redis->set($subAuthkey, TIMENOW, ['nx', 'ex' => 60])) {
+        $msg = "Request too frequent(a)";
+        do_log("[ANNOUNCE] $msg");
+        err($msg);
+    }
+    if ($redis->get("$authKeyInvalidKey:$authkey")) {
+        $msg = "Invalid authkey";
+        do_log("[ANNOUNCE] $msg");
+        err($msg);
+    }
+}
+if (!empty($_GET['passkey'])) {
+    $passkey = $_GET['passkey'];
+    if ($redis->get("$passkeyInvalidKey:$passkey")) {
+        $msg = "Passkey invalid";
+        do_log("[ANNOUNCE] $msg");
+        err($msg);
+    }
+}
+if (!empty($_GET['info_hash'])) {
+    $info_hash = $_GET['info_hash'];
+    if ($redis->get("$torrentNotExistsKey:$info_hash")) {
+        $msg = "Torrent not exists";
+        do_log("[ANNOUNCE] $msg");
+        err($msg);
+    }
+}
+
 //do_log(nexus_json_encode($_SERVER));
 //1. BLOCK ACCESS WITH WEB BROWSERS AND CHEATS!
 $agent = $_SERVER["HTTP_USER_AGENT"] ?? '';
@@ -11,6 +52,7 @@ if (!empty($_REQUEST['authkey'])) {
     try {
         $_GET['passkey'] = get_passkey_by_authkey($_REQUEST['authkey']);
     } catch (\Exception $exception) {
+        $redis->set("$authKeyInvalidKey:".$_REQUEST['authkey'], TIMENOW, ['ex' => 3600*24]);
         err($exception->getMessage());
     }
 }
@@ -87,7 +129,10 @@ if (!$az = $Cache->get_value('user_passkey_'.$passkey.'_content')){
 	do_log("[check passkey], currentUser: " . nexus_json_encode($az));
 	$Cache->cache_value('user_passkey_'.$passkey.'_content', $az, 3600);
 }
-if (!$az) err("Invalid passkey! Re-download the .torrent from $BASEURL");
+if (!$az) {
+    $redis->set("$passkeyInvalidKey:$passkey", TIMENOW, ['ex' => 24*3600]);
+    err("Invalid passkey! Re-download the .torrent from $BASEURL");
+}
 $userid = intval($az['id'] ?? 0);
 unset($GLOBALS['CURUSER']);
 $CURUSER = $GLOBALS["CURUSER"] = $az;
@@ -138,7 +183,7 @@ if (!$torrent) {
     $end = strpos($queryString, "&", $start);
     $infoHashUrlEncode = substr($queryString, $start, $end - $start);
     do_log("[TORRENT NOT EXISTS] $checkTorrentSql, params: $queryString, infoHashUrlEncode: $infoHashUrlEncode");
-
+    $redis->set("$torrentNotExistsKey:$info_hash", TIMENOW, ['ex' => 24*3600]);
     err("torrent not registered with this tracker");
 }
 if ($torrent['banned'] == 'yes') {
@@ -224,7 +269,7 @@ foreach(['info_hash', 'passkey', 'peer_id'] as $lockField) {
 $lockString = http_build_query($lockParams);
 $lockKey = "isReAnnounce:" . md5($lockString);
 $log .= ", [CHECK_RE_ANNOUNCE], lockString: $lockString, lockKey: $lockKey";
-$redis = $Cache->getRedis();
+
 if (!$redis->set($lockKey, TIMENOW, ['nx', 'ex' => 5])) {
     do_log("$log, [YES_RE_ANNOUNCE]");
     benc_resp($rep_dict);