Various improvements (#383)

* Improve moderation page style * Increase ban period of anti-spam measures to 1 hour * Fix i18n fallbacks in production * Add EMAIL_MAIL_REPLY_TO env variable support
2025-12-15 03:07:52 +01:00 · 2024-07-16 17:30:23 +02:00
parent a49b5695f5
commit 426d65df63
8 changed files with 23 additions and 13 deletions
--- a/app/assets/stylesheets/components/Billing.scss
+++ b/app/assets/stylesheets/components/Billing.scss
@@ -39,14 +39,14 @@
        .py-1,
        .mt-2;

+      background-color: var(--astuto-grey-light);
+      border-radius: 0.5rem;
+
      .yearlyPlanDiscount {
        @extend .ml-2;
        color: red;
      }

-      background-color: var(--astuto-grey-light);
-      border-radius: 0.5rem;
-
      li.nav-item {
        width: 130px;
      }
--- a/app/assets/stylesheets/components/Moderation/Feedback/index.scss
+++ b/app/assets/stylesheets/components/Moderation/Feedback/index.scss
@@ -20,18 +20,27 @@
      .nav-pills,
      .align-self-center,
      .px-2,
+      .py-1,
      .mt-4;

+    background-color: var(--astuto-grey-light);
+    border-radius: 0.5rem;
+
    .nav-item {
      cursor: pointer;
    }

    .nav-link {
+      @extend
+        .px-3,
+        .py-1;
+
      color: var(--astuto-black);

      &.active {
-        color: white;
-        background-color: var(--astuto-black);
+        color: var(--astuto-black);
+        background-color: white;
+        box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
      }
    }
  }
--- a/app/controllers/posts_controller.rb
+++ b/app/controllers/posts_controller.rb
@@ -173,7 +173,7 @@ class PostsController < ApplicationController
    end

    def anti_spam_checks
-      params[:post][:dnf1] != "" || params[:post][:dnf2] != "" || Time.now.to_i - params[:post][:form_rendered_at] < 3
+      params[:post][:dnf1] != "" || params[:post][:dnf2] != "" || Time.now.to_i - params[:post][:form_rendered_at] < 2
    end

    def invalid_anonymous_submission
--- a/app/javascript/translations/index.js.erb
+++ b/app/javascript/translations/index.js.erb
@@ -3,7 +3,7 @@ import I18n from "i18n-js"
 I18n.translations = <%= I18n::JS.filtered_translations.to_json %>
 I18n.locale = LOCALE
 I18n.defaultLocale = "en"
-I18n.fallbacks = <%= not Rails.env.development? %>
+I18n.fallbacks = IS_PRODUCTION

 I18n.pluralization["zh-CN"] = function(count) { return ["other"] }
 I18n.pluralization["vi"] = function(count) { return ["other"] }
--- a/app/views/layouts/_set_js_locale.html.erb
+++ b/app/views/layouts/_set_js_locale.html.erb
@@ -3,4 +3,5 @@
  // Variable used in javascript/translations/index.js.erb
  
  var LOCALE = "<%= I18n.locale %>";
+  var IS_PRODUCTION = <%= Rails.env.production? %>;
 </script>
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -60,7 +60,7 @@ Rails.application.configure do

  config.action_mailer.default_options = {
    from: ENV.fetch("EMAIL_MAIL_FROM", "noreply@astuto.io"),
-    reply_to: "noreply@astuto.io"
+    reply_to: ENV.fetch("EMAIL_MAIL_REPLY_TO", "noreply@astuto.io")
  }

  # Store uploaded files on the local file system (see config/storage.yml for options).
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -84,12 +84,12 @@ Rails.application.configure do

  config.action_mailer.default_options = {
    from: ENV.fetch("EMAIL_MAIL_FROM", "noreply@astuto.io"),
-    reply_to: "noreply@astuto.io"
+    reply_to: ENV.fetch("EMAIL_MAIL_REPLY_TO", "noreply@astuto.io")
  }

  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
  # the I18n.default_locale when a translation cannot be found).
-  config.i18n.fallbacks = true
+  config.i18n.fallbacks = [:en]

  # Send deprecation notices to registered listeners.
  config.active_support.deprecation = :notify
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -58,7 +58,7 @@ class Rack::Attack
  end

  # Throttle POST requests to /posts by IP address using anti-spam measures
-  throttle('posts/ip', limit: 1, period: 1.minute) do |req|
+  throttle('posts/ip', limit: 1, period: 1.hour) do |req|
    if req.path == '/posts' && req.post?
      ip = req.get_header("action_dispatch.remote_ip")
      real_req = ActionDispatch::Request.new(req.env) # Needed to parse JSON body
@@ -67,10 +67,10 @@ class Rack::Attack
      honeypot_filled = real_req.params['post']['dnf1'] != "" || real_req.params['post']['dnf2'] != ""

      # Check for time of form render
-      too_fast_submit = Time.now.to_i - real_req.params[:post][:form_rendered_at] < 3
+      too_fast_submit = Time.now.to_i - real_req.params[:post][:form_rendered_at] < 2
  
      if honeypot_filled || too_fast_submit
-        Rack::Attack.cache.store.write("post-submit-antispam-#{ip}", true, expires_in: 1.minute)
+        Rack::Attack.cache.store.write("post-submit-antispam-#{ip}", true, expires_in: 1.hour)
      end
  
      # Block if this IP was previously flagged