first vpn attempt

package.json

@@ -9,6 +9,7 @@
   "dependencies": {
     "express": "^4.16.3",
     "http-errors": "^1.7.0",
-    "pug": "2.0.0-beta11"
+    "pug": "2.0.0-beta11",
+    "request": "^2.88.0"
   }
 }

routes/index.js

@@ -1,18 +1,27 @@
 const express = require('express')
 const router = express.Router()
 
-const fromTor = require('./tor')
+const { fromTor, fromVpn } = require('./utils')
 
 // magic
 const render = template => (req, res) => res.render(template)
 
 router.get('/', render('index'))
 
-// livello I
+// level I (tor -> read metadata)
 router.get('/subito', fromTor,
-    (req, res) => res.render(req.fromTor ? 'torok' : 'tornook') )
+  (req, res) => res.render(req.fromTor ? 'torok' : 'tornook') )
 
-// livello II
+// level II (read metadata -> mail)
 router.get('/metadata', render('metadata'))
 
+// level IV (mail -> vpn)
+router.get('/mail', render('mail'))
+
+// level V (vpn -> read mail)
+router.get('/vpn', fromTor, fromVpn, (req, res) => {
+  if (!req.isTor && req.isVpn) render('vpnok')
+  else render('vpnnook')
+})
+
 module.exports = router

routes/tor.js

@@ -1,19 +0,0 @@
-const { promisify } = require('util')
-const dns = require('dns')
-const lookup = promisify(dns.lookup)
-
-// https://www.torproject.org/projects/tordnsel.html.en
-// check if request comes from tor
-module.exports = async (req, res, next) => {
-  const source_ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress
-  const ip = source_ip.split('.').reverse().join('.')
-  const server_ip = '51.68.126.235'.split('.').reverse().join('.')
-  const domain = `${ip}.80.${server_ip}.ip-port.exitlist.torproject.org`
-  try {
-    const ret = await lookup(domain, {})
-    req.fromTor = (ret.address === '127.0.0.2')
-  } catch(e) {
-    req.fromTor = false
-  }
-  next()
-}

routes/utils.js

@@ -0,0 +1,39 @@
+const { promisify } = require('util')
+const dns = require('dns')
+const lookup = promisify(dns.lookup)
+const request = require('request')
+
+// https://www.torproject.org/projects/tordnsel.html.en
+// check if request comes from tor
+const fromTor = async (req, res, next) => {
+  const sourceIp = req.headers['x-forwarded-for'] || req.connection.remoteAddress
+  const ip = sourceIp.split('.').reverse().join('.')
+  const serverIp = '51.68.126.235'.split('.').reverse().join('.')
+  const domain = `${ip}.80.${serverIp}.ip-port.exitlist.torproject.org`
+  try {
+    const ret = await lookup(domain, {})
+    req.fromTor = (ret.address === '127.0.0.2')
+  } catch(e) {
+    req.fromTor = false
+  }
+  next()
+}
+
+// check if request comes from proxy/VPN/tor
+const fromVpn = async (req, res, next) => {
+  const sourceIp = req.headers['x-forwarded-for'] || req.connection.remoteAddress
+  const baseUrl = 'https://check.getipintel.net/check.php?ip='
+  const url = `${baseUrl}${sourceIp}&contact=anna@fugadalcontrollo.org`
+  console.log(url);
+  request(url, 
+    (err, res, body) => {
+      if (!err && res.statusCode === 200) {
+        console.log(body)
+      } else {
+        console.log(err, body)
+      }
+    })
+}
+
+
+module.exports = { fromTor, fromVpn }

views/mail.pug

@@ -0,0 +1,5 @@
+extends layout
+
+block content
+  p.
+    Bla bla bla, dovevo usare una VPN per visitare <a href="/vpn">qua</a>.