Skip to content
master
Switch branches/tags
Code

Latest commit

This diff adds a email rate limiter functionality for the `mail`
package. It extends`client` with the rate limiting functionality. This
is done in order to avoid malicious behaviour and avoid spams on the
politeia's smtp server.

- Adds a `Mailer` interface to the `mail` package, providing an API to
  interact with the smtp client.
  - `IsEnabled` returns wether the smtp server is enabled 
  - `SendTo` sends emails to anyone _without_ rate limiting functionality
  - `SendToUsers` sends emails to politeiawww users _with_ rate limiting
     functionality
  
- Adds a new `email_histories` table to the `user` database.
  - `user_id` as primary key.
  - `blob` containing the user's encrypted email history, which in turn
     contains the unix timestamps in which the last emails were sent in a
     24h window for that user, and a `bool` to tell if the user has already
     received the rate limit warning email.
  
- Adds a `MailerDB` interface to the `user` package, used to interact
  with the `email_histories` table.
  - `EmailHistoriesSave` upsert email histories for the given users
  - `EmailHistoriesGet` retrieve email histories for the given users

- Adds a `TestMailerDB` interface to the `user` package, used to test
the rate limiting functionality from the `mail` package.

The reason a new table was created for this, instead of just adding this
data to the user object, was to avoid race conditions on database calls,
since our `user` database currently does not support transactions, and
email notifications run in a separate go routine. This will not be the
case once the user layer gets rewritten.
84a52cf

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

politeia

Build Status ISC License Go Report Card

Politeia is a system for storing off-chain data that is both versioned and timestamped, essentially “git, a popular revision control system, plus timestamping”. Instead of attempting to store all the data related to Decred’s governance on-chain, we have opted to create an off-chain store of data that is anchored into Decred’s blockchain, minimizing its on-chain footprint.

The politeia stack is as follows:

~~~~~~~~ Internet ~~~~~~~~~
            |
+-------------------------+
|      politeiawww        |
+-------------------------+
            |
+-------------------------+
|        politeiad        |
+-------------------------+
            |
~~~~~~~~ Internet ~~~~~~~~~
            |
+-------------------------+
|        dcrtimed         |
+-------------------------+

Core software:

  • politeiad - Reference server daemon. Data layer.
  • politeiawww - Web backend server; depends on politeiad. User layer.

The politeiawww APIs and politeiawww client can be treated as stable. All other APIs and libraries should be treated as unstable and subject to breaking changes.

See the politeiad README for instructions on building and running politeiad.

See the politeiawww README for instructions on building and running politeiawww.