livepeer · gioelecerati · Nov 3, 2023 · Nov 20, 2023 · victorges · Nov 21, 2023
@@ -78,6 +78,7 @@
     "express-async-errors": "^3.1.1",
     "express-mung": "^0.5.1",
     "express-prom-bundle": "^6.4.1",
+    "fakefilter": "^0.1.663",
     "fast-stable-stringify": "^1.0.0",
     "fs-extra": "^7.0.1",
     "google-auth-library": "^5.2.2",

@@ -126,11 +126,18 @@ app.post(
       throw new NotFoundError("Content not found");
     }
 
+    console.log(
+      `access-control: gate: checking access for contentId=${content.id} playbackId=${playbackId} user=${user.id}`
+    );
+
     const playbackPolicyType = content.playbackPolicy?.type ?? "public";
 
     if (user.createdAt < HACKER_DISABLE_CUTOFF_DATE) {
       let limitReached = await freeTierLimitReached(content, user, req);
       if (limitReached) {
+        console.log(`
+          access-control: gate: disallowing playback for contentId=${content.id} with playbackId=${playbackId} user=${user.id} reached viewership limit
+        `);
         throw new ForbiddenError("Free tier user reached viewership limit");
       }
     }

@@ -10,6 +10,7 @@ import { products } from "../config";
 import hash from "../hash";
 import logger from "../logger";
 import { authorizer, validatePost } from "../middleware";
+import { isFakeEmail } from "fakefilter";
 import {
   CreateCustomer,
   CreateSubscription,
@@ -317,6 +318,12 @@ app.post("/", validatePost("user"), async (req, res) => {
     return;
   }
 
+  if (isFakeEmail(email)) {
+    res.status(422);
+    res.json({ errors: ["invalid email"] });
+    return;
+  }
+
   const isEmailRegisteredAlready = await isEmailRegistered(email);
   if (isEmailRegisteredAlready) {
     res.status(409);

diff --git a/yarn.lock b/yarn.lock
@@ -13158,6 +13158,11 @@ eyes@^0.1.8:
   resolved "https://registry.npmjs.org/eyes/-/eyes-0.1.8.tgz"
   integrity sha512-GipyPsXO1anza0AOZdy69Im7hGFCNB7Y/NGjDlZGJ3GJJLtwNSb2vrzYrTYJRrRloVx7pl+bhUaTB8yiccPvFQ==
 
+fakefilter@^0.1.663:
+  version "0.1.663"
+  resolved "https://registry.yarnpkg.com/fakefilter/-/fakefilter-0.1.663.tgz#68903a8a45d2ec0b6d18a6ed408eea515927f22d"
+  integrity sha512-0cLVuCX0y1LR9NBT+aOhPJFkYqA9VIooDwLtrlkV2QgWXjyj93E7Nh7sDON+oDyd51HvdBDKnDdO5kZflHFxvQ==
+
 falafel@^2.1.0:
   version "2.2.5"
   resolved "https://registry.npmjs.org/falafel/-/falafel-2.2.5.tgz"