From 426d65df6354ee5942c9d5cd4e2ce2af760d30f5 Mon Sep 17 00:00:00 2001 From: Riccardo Graziosi <31478034+riggraz@users.noreply.github.com> Date: Tue, 16 Jul 2024 17:30:23 +0200 Subject: [PATCH] Various improvements (#383) * Improve moderation page style * Increase ban period of anti-spam measures to 1 hour * Fix i18n fallbacks in production * Add EMAIL_MAIL_REPLY_TO env variable support --- app/assets/stylesheets/components/Billing.scss | 6 +++--- .../components/Moderation/Feedback/index.scss | 13 +++++++++++-- app/controllers/posts_controller.rb | 2 +- app/javascript/translations/index.js.erb | 2 +- app/views/layouts/_set_js_locale.html.erb | 1 + config/environments/development.rb | 2 +- config/environments/production.rb | 4 ++-- config/initializers/rack_attack.rb | 6 +++--- 8 files changed, 23 insertions(+), 13 deletions(-) diff --git a/app/assets/stylesheets/components/Billing.scss b/app/assets/stylesheets/components/Billing.scss index 6464d319..c8dfc618 100644 --- a/app/assets/stylesheets/components/Billing.scss +++ b/app/assets/stylesheets/components/Billing.scss @@ -39,14 +39,14 @@ .py-1, .mt-2; + background-color: var(--astuto-grey-light); + border-radius: 0.5rem; + .yearlyPlanDiscount { @extend .ml-2; color: red; } - background-color: var(--astuto-grey-light); - border-radius: 0.5rem; - li.nav-item { width: 130px; } diff --git a/app/assets/stylesheets/components/Moderation/Feedback/index.scss b/app/assets/stylesheets/components/Moderation/Feedback/index.scss index 9ac958e2..236dc0b3 100644 --- a/app/assets/stylesheets/components/Moderation/Feedback/index.scss +++ b/app/assets/stylesheets/components/Moderation/Feedback/index.scss 
@@ -20,18 +20,27 @@ .nav-pills, .align-self-center, .px-2, + .py-1, .mt-4; + background-color: var(--astuto-grey-light); + border-radius: 0.5rem; + .nav-item { cursor: pointer; } .nav-link { + @extend + .px-3, + .py-1; + color: var(--astuto-black); &.active { - color: white; - background-color: var(--astuto-black); + color: var(--astuto-black); + background-color: white; + box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1); } } } diff --git a/app/controllers/posts_controller.rb b/app/controllers/posts_controller.rb index 56d457e4..f0aaa5a6 100644 --- a/app/controllers/posts_controller.rb +++ b/app/controllers/posts_controller.rb @@ -173,7 +173,7 @@ class PostsController < ApplicationController end def anti_spam_checks - params[:post][:dnf1] != "" || params[:post][:dnf2] != "" || Time.now.to_i - params[:post][:form_rendered_at] < 3 + params[:post][:dnf1] != "" || params[:post][:dnf2] != "" || Time.now.to_i - params[:post][:form_rendered_at] < 2 end def invalid_anonymous_submission diff --git a/app/javascript/translations/index.js.erb b/app/javascript/translations/index.js.erb index 94cc2c3d..5c52482f 100644 --- a/app/javascript/translations/index.js.erb +++ b/app/javascript/translations/index.js.erb @@ -3,7 +3,7 @@ import I18n from "i18n-js" I18n.translations = <%= I18n::JS.filtered_translations.to_json %> I18n.locale = LOCALE I18n.defaultLocale = "en" -I18n.fallbacks = <%= not Rails.env.development? %> +I18n.fallbacks = IS_PRODUCTION I18n.pluralization["zh-CN"] = function(count) { return ["other"] } I18n.pluralization["vi"] = function(count) { return ["other"] } diff --git a/app/views/layouts/_set_js_locale.html.erb b/app/views/layouts/_set_js_locale.html.erb index 2355957e..c0bbc694 100644 --- a/app/views/layouts/_set_js_locale.html.erb +++ b/app/views/layouts/_set_js_locale.html.erb @@ -3,4 +3,5 @@ // Variable used in javascript/translations/index.js.erb var LOCALE = "<%= I18n.locale %>"; + var IS_PRODUCTION = <%= Rails.env.production? %>; \ No newline at end of file 
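Review bot: In `anti_spam_checks` (app/controllers/posts_controller.rb), `params[:post][:form_rendered_at]` is sent by the client, so the timing comparison (now `< 2`) only holds for clients that report the render time honestly. The same expression is repeated in the second hunk of config/initializers/rack_attack.rb. If the check is meant to be more than a heuristic, the server could issue the render time in signed form (for example with `Rails.application.message_verifier`) and verify it before the subtraction. At minimum I would add `# form_rendered_at is client-supplied: heuristic only, not a guarantee` above the line and move the threshold into one shared constant, so the controller and the initializer cannot drift apart. The method sits inside `PostsController`, whose body continues outside the hunk.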
diff --git a/config/environments/development.rb b/config/environments/development.rb index 8c1784bb..94429064 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -60,7 +60,7 @@ Rails.application.configure do config.action_mailer.default_options = { from: ENV.fetch("EMAIL_MAIL_FROM", "noreply@astuto.io"), - reply_to: "noreply@astuto.io" + reply_to: ENV.fetch("EMAIL_MAIL_REPLY_TO", "noreply@astuto.io") } # Store uploaded files on the local file system (see config/storage.yml for options). diff --git a/config/environments/production.rb b/config/environments/production.rb index 23aa184f..0488cbf2 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -84,12 +84,12 @@ Rails.application.configure do config.action_mailer.default_options = { from: ENV.fetch("EMAIL_MAIL_FROM", "noreply@astuto.io"), - reply_to: "noreply@astuto.io" + reply_to: ENV.fetch("EMAIL_MAIL_REPLY_TO", "noreply@astuto.io") } # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). - config.i18n.fallbacks = true + config.i18n.fallbacks = [:en] # Send deprecation notices to registered listeners. config.active_support.deprecation = :notify diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb index 387f0455..72971b1c 100644 --- a/config/initializers/rack_attack.rb +++ b/config/initializers/rack_attack.rb @@ -58,7 +58,7 @@ class Rack::Attack end # Throttle POST requests to /posts by IP address using anti-spam measures - throttle('posts/ip', limit: 1, period: 1.minute) do |req| + throttle('posts/ip', limit: 1, period: 1.hour) do |req| if req.path == '/posts' && req.post? ip = req.get_header("action_dispatch.remote_ip") real_req = ActionDispatch::Request.new(req.env) # Needed to parse JSON body 
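Review bot: The `throttle('posts/ip', ...)` block in config/initializers/rack_attack.rb now penalises for `1.hour` on a key built only from `ip`, so a wrong or shared address costs far more than it did with one minute. `ip` comes from `req.get_header("action_dispatch.remote_ip")`, which is only as reliable as the trusted-proxy configuration and is nil if that header is not set when this middleware runs; presumably every client would then share one key, which should be confirmed against the deployment. I would add `next if ip.nil?` after the assignment, plus a comment such as `# one flagged submission locks out every user behind this address for the whole period`. The period appears again as `expires_in: 1.hour` in the next hunk; a single constant, e.g. `ANTISPAM_BAN_PERIOD = 1.hour`, would keep the two in step. The block's body continues outside this hunk.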
@@ -67,10 +67,10 @@ class Rack::Attack honeypot_filled = real_req.params['post']['dnf1'] != "" || real_req.params['post']['dnf2'] != "" # Check for time of form render - too_fast_submit = Time.now.to_i - real_req.params[:post][:form_rendered_at] < 3 + too_fast_submit = Time.now.to_i - real_req.params[:post][:form_rendered_at] < 2 if honeypot_filled || too_fast_submit - Rack::Attack.cache.store.write("post-submit-antispam-#{ip}", true, expires_in: 1.minute) + Rack::Attack.cache.store.write("post-submit-antispam-#{ip}", true, expires_in: 1.hour) end # Block if this IP was previously flagged
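Review bot: The lookups `real_req.params['post']['dnf1']` and `real_req.params[:post][:form_rendered_at]` in the `posts/ip` throttle block assume a well-formed body. A POST to /posts without a `post` object, or with a missing or non-numeric `form_rendered_at`, therefore raises `NoMethodError` or `TypeError` inside the middleware instead of being flagged. Reading the `post` hash once and coercing the timestamp with `Integer(..., exception: false)` keeps such requests on the anti-spam path. Treating an unusable timestamp as too fast is my assumption; it matches how an absent honeypot field already counts as filled. The block starts in the previous hunk and continues after this one.

```ruby
# … unchanged: ip and real_req setup (previous hunk) …
post_params = real_req.params['post']
post_params = {} unless post_params.is_a?(Hash)

# Check for honeypot (an absent field still counts as filled)
honeypot_filled = post_params['dnf1'] != "" || post_params['dnf2'] != ""

# Check for time of form render; a missing or non-numeric value is treated as too fast
rendered_at = Integer(post_params['form_rendered_at'], exception: false)
too_fast_submit = rendered_at.nil? || Time.now.to_i - rendered_at < 2
# … unchanged: cache write and flagged-IP check …
```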