Discourse-ip-alert：需要帮助创建的插件

OrkoGrayskull · 2025 年3 月 18 日 12:31

此插件旨在在用户从可疑 IP 地址登录时，向所有管理员发送电子邮件警报。它通过从最新的身份验证令牌中提取 IP（使用 client_ip 字段），将此 IP 与站点设置 (ip_alert_suspicious_ips) 中定义的阻止列表进行检查，如果 IP 与任何阻止的模式匹配，则向所有管理员用户发送警告电子邮件。

观察到的错误：

尽管插件代码看起来正确，并且遵循标准的 Discourse 插件模式，但在登录时我仍然遇到通用的“糟糕 – 为此讨论论坛提供支持的软件遇到了意外问题”错误。错误日志没有显示来自我们的 [DiscourseIpAlert] 日志消息的清晰指示，堆栈跟踪也没有直接指出我们插件代码中的问题。

当前状态：

我已经多次审查和修改了插件，包括验证站点设置并确保钩子 (on(:user_logged_in)) 已正确注册。IP 提取和电子邮件发送逻辑也似乎已正确实现，但 500 内部服务器错误仍然存在，而没有明确的堆栈跟踪将其链接到我们的插件。

有什么帮助吗？

plugin.rb：

# frozen_string_literal: true

# name: discourse-ip-alert
# about: Sends an email alert when a user logs in from a suspicious IP address.
# version: 0.7
# authors: OrkoGrayskull (revised)
# required_version: 3.5.0

enabled_site_setting :ip_alert_enabled
enabled_site_setting :ip_alert_suspicious_ips

module ::DiscourseIpAlert
  PLUGIN_NAME = "discourse-ip-alert"

  require 'ipaddr'
  require 'mail'

  # Extracts the IP address from the latest authentication token
  def self.extract_ip(user)
    token = UserAuthToken.where(user_id: user.id).order(created_at: :desc).first
    ip = token&.attributes["client_ip"]
    Rails.logger.info("[DiscourseIpAlert] extract_ip: Extracted IP from UserAuthToken: #{ip.inspect}")
    ip
  rescue => e
    Rails.logger.error("[DiscourseIpAlert] extract_ip error: #{e.message}")
    nil
  end

  # Checks if the given IP address is present in the blocklist
  def self.ip_blocked?(ip_address)
    return false if ip_address.blank?
    blocked_ips = SiteSetting.ip_alert_suspicious_ips.split(",").map(&:strip)
    Rails.logger.info("[DiscourseIpAlert] ip_blocked?: Blocked IPs: #{blocked_ips.inspect}")
    blocked_ips.any? do |blocked|
      if blocked.include?('*')
        regex = Regexp.new("^" + Regexp.escape(blocked).gsub('\*', '\d{1,3}') + "$")
        Rails.logger.info("[DiscourseIpAlert] ip_blocked?: Comparing #{ip_address} with wildcard regex #{regex.inspect}")
        ip_address.match?(regex)
      else
        begin
          result = IPAddr.new(blocked).include?(ip_address)
          Rails.logger.info("[DiscourseIpAlert] ip_blocked?: Comparing #{ip_address} with #{blocked}: #{result}")
          result
        rescue IPAddr::InvalidAddressError => e
          Rails.logger.error("[DiscourseIpAlert] ip_blocked?: Invalid IP in blocklist: #{blocked} (#{e.message})")
          false
        end
      end
    end
  rescue => e
    Rails.logger.error("[DiscourseIpAlert] ip_blocked? error: #{e.message}")
    false
  end

  # Sends a warning email to all admins
  def self.send_warning_email(user, ip_address)
    admin_emails = User.where(admin: true).pluck(:email)
    return if admin_emails.empty?
    subject = "⚠️ Warning: Login from a Suspicious IP!"
    body = <<~BODY
      Attention!

      The user #{user.username} (#{user.email}) has logged in from the IP address #{ip_address},
      which has been flagged as suspicious.

      Please review this account.
    BODY
    admin_emails.each do |email|
      begin
        mail = Mail.new do
          from    ENV['DISCOURSE_NOTIFICATION_EMAIL'] || 'no-reply@example.org'
          to      email
          subject subject
          body    body
        end
        Rails.logger.info("[DiscourseIpAlert] Sending warning email to #{email}")
        mail.deliver!
      rescue => e
        Rails.logger.error("[DiscourseIpAlert] Error sending email to #{email}: #{e.message}")
      end
    end
  rescue => e
    Rails.logger.error("[DiscourseIpAlert] send_warning_email error: #{e.message}")
  end

  # Processes the user login: extracts the IP, checks the blocklist, and sends a warning email if necessary
  def self.process_user_login(user)
    Rails.logger.info("[DiscourseIpAlert] process_user_login for user: #{user.username}")
    ip_address = extract_ip(user)
    unless ip_address
      Rails.logger.warn("[DiscourseIpAlert] No IP address extracted – skipping further processing.")
      return
    end
    if ip_blocked?(ip_address)
      Rails.logger.warn("[DiscourseIpAlert] Suspicious IP detected: #{ip_address}")
      send_warning_email(user, ip_address)
    else
      Rails.logger.info("[DiscourseIpAlert] IP #{ip_address} is considered safe.")
    end
  rescue => e
    Rails.logger.error("[DiscourseIpAlert] process_user_login error: #{e.message}")
  end
end

after_initialize do
  Rails.logger.info("[DiscourseIpAlert] after_initialize: Plugin is being integrated into the login process.")

  # Register the hook that is called on every user login
  on(:user_logged_in) do |user|
    begin
      Rails.logger.info("[DiscourseIpAlert] on(:user_logged_in) hook called for user: #{user.username}")
      ::DiscourseIpAlert.process_user_login(user)
    rescue => e
      Rails.logger.error("[DiscourseIpAlert] Error in on(:user_logged_in) hook: #{e.message}")
    end
  end
end

config/settings.yml：

ip_alert_enabled:
  default: false
  client: true
  type: bool
  description: "Enable the IP alert"

ip_alert_suspicious_ips:
  default: "192.168.1.1,203.0.113.0/24"
  client: true
  type: string
  description: "List of suspicious IP addresses (comma-separated)"

话题		回复	浏览量
Unable to Login to Discourse, using wpdiscourse plugin WordPress	4	1241	2021 年11 月 18 日
Polls disabled caused 500 error Support	10	707	2018 年7 月 26 日
How to alert admins if there is an error in a custom plugin? Dev	5	1012	2017 年9 月 20 日
Discourse none admin side not working returning error 500 Support	9	1507	2023 年8 月 31 日
Discourse Oops message error 500 due to plugin Installation	2	687	2018 年7 月 21 日

Discourse-ip-alert：需要帮助创建的插件

相关话题