Merge pull request #89 from julienloizelet/feat/87-no-more-session

Feat/87 no more session

Author: julienloizelet

CHANGELOG.md

@@ -5,6 +5,17 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 
+## [0.22.0] - 2022-06-02
+
+### Added
+- Add configurations for captcha and geolocation variables cache duration
+### Changed
+- *Breaking change*: Use cache instead of session to store captcha and geolocation variables
+- *Breaking change*: Use symfony cache tag adapter
+- Change `geolocation/save_in_session` setting into `geolocation/save_result`
+### Fixed
+- Fix deleted decision count during cache update
+
 ## [0.21.0] - 2022-04-15
 
 ### Changed

docs/DEVELOPER.md

@@ -177,7 +177,7 @@ In most cases, you will test to bounce your current IP. As we are running on a d
 
 To find it, just run: 
 
-```
+```bash
 ddev find-ip
 ```
 
@@ -186,7 +186,7 @@ You will have to know also the IP of the `ddev-router` container as it acts as a
 
 To find this IP, just run:
 
-```
+```bash
 ddev find-ip ddev-router
 ```
 
@@ -436,7 +436,7 @@ use CrowdSecBouncer\Bouncer;
 use Symfony\Component\Cache\Adapter\RedisAdapter;
 
 // Init cache adapter
-$cacheAdapter = new PhpFilesAdapter('', 0, __DIR__.'/.cache');
+$cacheAdapter = new TagAwareAdapter(new PhpFilesAdapter('', 0, __DIR__.'/.cache'));
 
 ...
 ```
@@ -453,7 +453,7 @@ use Symfony\Component\Cache\Adapter\RedisAdapter;
 
 // Init cache adapter
 
-$cacheAdapter = new RedisAdapter(RedisAdapter::createConnection('redis://redis:6379'));
+$cacheAdapter = new RedisTagAwareAdapter(RedisAdapter::createConnection('redis://redis:6379'));
 
 ...
 ```
@@ -470,7 +470,8 @@ use Symfony\Component\Cache\Adapter\MemcachedAdapter;
 
 // Init cache adapter
 
-$cacheAdapter = new MemcachedAdapter(MemcachedAdapter::createConnection('memcached://memcached:11211'));
+$cacheAdapter =
+new TagAwareAdapter(new MemcachedAdapter(MemcachedAdapter::createConnection('memcached://memcached:11211')));
 
 ...
 ```

docs/USER_GUIDE.md

@@ -162,6 +162,12 @@ Here is the list of available settings:
 
 - `bad_ip_cache_duration`: Set the duration we keep in cache the fact that an IP is bad. In seconds. Defaults to 20.
 
+- `captcha_cache_duration`: Set the duration we keep in cache the captcha flow variables for an IP. In seconds. 
+  Defaults to 86400.. In seconds. Defaults to 20.
+
+- `geolocation_cache_duration`: Set the duration we keep in cache a geolocation result for an IP . In seconds. 
+  Defaults to 86400. Depends on the below `geolocation[save_result]` configuration.
+
 - `stream_mode`: true to enable stream mode, false to enable the live mode. Default to false. By default, the `live mode` is enabled. The first time a stranger connects to your website, this mode means that the IP will be checked directly by the CrowdSec API. The rest of your user’s browsing will be even more transparent thanks to the fully customizable cache system. But you can also activate the `stream mode`. This mode allows you to constantly feed the bouncer with the malicious IP list via a background task (CRON), making it to be even faster when checking the IP of your visitors. Besides, if your site has a lot of unique visitors at the same time, this will not influence the traffic to the API of your CrowdSec instance.
 
 ##### Geolocation
@@ -170,7 +176,7 @@ Here is the list of available settings:
 - `geolocation[enabled]`: true to enable remediation based on country. Default to false.
 - `geolocation[type]`:  Geolocation system. Only 'maxmind' is available for the moment. Default to `maxmind`
 
-- `geolocation[save_in_session]`: true to store the geolocalized country in session. Default to true. Setting true 
+- `geolocation[save_result]`: true to store the geolocalized country in cache. Default to true. Setting true 
   will avoid multiple call to the geolocalized system (e.g. maxmind database)
 - `geolocation[maxmind]`: MaxMind settings
 - `geolocation[maxmind][database_type]`: Select from `country` or `city`. Default to `country`. These are the two available MaxMind database types.

scripts/auto-prepend/refresh-cache.php

@@ -19,4 +19,4 @@
 
 $bouncer = $bounce->init($crowdSecStandaloneBouncerConfig);
 $bouncer->refreshBlocklistCache();
-echo 'Cache has been refreshed';
+echo 'Cache has been refreshed'.PHP_EOL;

scripts/auto-prepend/settings.example.php

@@ -91,9 +91,15 @@
     // Set the duration we keep in cache the fact that an IP is clean. In seconds. Defaults to 5.
     'clean_ip_cache_duration'=> Constants::CACHE_EXPIRATION_FOR_CLEAN_IP,
 
-    // Optional. Set the duration we keep in cache the fact that an IP is bad. In seconds. Defaults to 20.
+    // Set the duration we keep in cache the fact that an IP is bad. In seconds. Defaults to 20.
     'bad_ip_cache_duration'=> Constants::CACHE_EXPIRATION_FOR_BAD_IP,
 
+    // Set the duration we keep in cache the captcha flow variables for an IP. In seconds. Defaults to 86400.
+    'captcha_cache_duration'=> Constants::CACHE_EXPIRATION_FOR_CAPTCHA,
+
+    // Set the duration we keep in cache a geolocation result for an IP . In seconds. Defaults to 86400.
+    'geolocation_cache_duration'=> Constants::CACHE_EXPIRATION_FOR_GEO,
+
     /** true to enable stream mode, false to enable the live mode. Default to false.
      *
      * By default, the `live mode` is enabled. The first time a stranger connects to your website, this mode
@@ -117,7 +123,7 @@
          *
          * Setting true will avoid multiple call to the geolocalized system (e.g. maxmind database)
          */
-        'save_in_session' => true,
+        'save_result' => true,
         // MaxMind settings
         'maxmind' => [
             /**Select from 'country' or 'city'. Default to 'country'

scripts/check-ip.php

@@ -4,6 +4,7 @@
 
 use CrowdSecBouncer\Bouncer;
 use Symfony\Component\Cache\Adapter\PhpFilesAdapter;
+use Symfony\Component\Cache\Adapter\TagAwareAdapter;
 use Monolog\Formatter\LineFormatter;
 use Monolog\Handler\RotatingFileHandler;
 use Monolog\Handler\StreamHandler;
@@ -12,7 +13,7 @@
 
 // Init cache adapter
 
-$cacheAdapter = new PhpFilesAdapter('', 0, __DIR__ . '/.cache');
+$cacheAdapter = new TagAwareAdapter(new PhpFilesAdapter('', 0, __DIR__ . '/.cache'));
 
 // Parse argument
 

scripts/clear-cache.php

@@ -7,6 +7,11 @@
 use Monolog\Handler\RotatingFileHandler;
 use Monolog\Handler\StreamHandler;
 use Monolog\Logger;
+use Symfony\Component\Cache\Adapter\RedisTagAwareAdapter;
+use Symfony\Component\Cache\Adapter\TagAwareAdapter;
+
+
+
 
 // Parse arguments
 $bouncerApiKey = $argv[1]; // required
@@ -23,9 +28,10 @@
 $cachePath = __DIR__ . '/.cache';
 
 // Instantiate the "PhpFilesAdapter" cache adapter
-$cacheAdapter = new Symfony\Component\Cache\Adapter\PhpFilesAdapter('', 0, $cachePath);
-// Or Redis: $cacheAdapter = new RedisAdapter(RedisAdapter::createConnection('redis://your-redis-host:6379'));
-// Or Memcached: $cacheAdapter = new MemcachedAdapter(MemcachedAdapter::createConnection('memcached://your-memcached-host:11211'));
+$cacheAdapter = new TagAwareAdapter(new Symfony\Component\Cache\Adapter\PhpFilesAdapter('', 0, $cachePath));
+// 0Or Redis: $cacheAdapter = new RedisTagAwareAdapter(RedisAdapter::createConnection('redis://your-redis-host:6379'));
+// Or Memcached: $cacheAdapter = new TagAwareAdapter(new MemcachedAdapter(MemcachedAdapter::createConnection
+//('memcached://your-memcached-host:11211')));
 
 // Instantiate the Stream logger with info level(optional)
 $logger = new Logger('example');

scripts/full-example-live-mode.php

@@ -7,6 +7,8 @@
 use Monolog\Handler\RotatingFileHandler;
 use Monolog\Handler\StreamHandler;
 use Monolog\Logger;
+use Symfony\Component\Cache\Adapter\RedisTagAwareAdapter;
+use Symfony\Component\Cache\Adapter\TagAwareAdapter;
 
 // Parse arguments
 $bouncerApiKey = $argv[1]; // required
@@ -24,9 +26,10 @@
 $cachePath = __DIR__ . '/../.cache';
 
 // Instantiate the "PhpFilesAdapter" cache adapter
-$cacheAdapter = new Symfony\Component\Cache\Adapter\PhpFilesAdapter('', 0, $cachePath);
-// Or Redis: $cacheAdapter = new RedisAdapter(RedisAdapter::createConnection('redis://your-redis-host:6379'));
-// Or Memcached: $cacheAdapter = new MemcachedAdapter(MemcachedAdapter::createConnection('memcached://your-memcached-host:11211'));
+$cacheAdapter = new TagAwareAdapter(new Symfony\Component\Cache\Adapter\PhpFilesAdapter('', 0, $cachePath));
+// 0Or Redis: $cacheAdapter = new RedisTagAwareAdapter(RedisAdapter::createConnection('redis://your-redis-host:6379'));
+// Or Memcached: $cacheAdapter = new TagAwareAdapter(new MemcachedAdapter(MemcachedAdapter::createConnection
+//('memcached://your-memcached-host:11211')));
 
 // Instantiate the Stream logger with info level(optional)
 $logger = new Logger('example');

scripts/refresh-cache.php

@@ -5,16 +5,18 @@
 use CrowdSecBouncer\Bouncer;
 use Monolog\Handler\RotatingFileHandler;
 use Monolog\Logger;
+use Symfony\Component\Cache\Adapter\RedisTagAwareAdapter;
+use Symfony\Component\Cache\Adapter\TagAwareAdapter;
 
 // Configure paths
 $logPath = __DIR__.'/.crowdsec.log';
 $cachePath = __DIR__ . '/.cache';
 
 // Instantiate the "PhpFilesAdapter" cache adapter
-$cacheAdapter = new Symfony\Component\Cache\Adapter\PhpFilesAdapter('', 0, $cachePath);
-// Or Redis: $cacheAdapter = new RedisAdapter(RedisAdapter::createConnection('redis://your-redis-host:6379'));
-// Or Memcached: $cacheAdapter = new MemcachedAdapter(MemcachedAdapter::createConnection('memcached://your-memcached-host:11211'));
-
+$cacheAdapter = new TagAwareAdapter(new Symfony\Component\Cache\Adapter\PhpFilesAdapter('', 0, $cachePath));
+// 0Or Redis: $cacheAdapter = new RedisTagAwareAdapter(RedisAdapter::createConnection('redis://your-redis-host:6379'));
+// Or Memcached: $cacheAdapter = new TagAwareAdapter(new MemcachedAdapter(MemcachedAdapter::createConnection
+//('memcached://your-memcached-host:11211')));
 // Parse argument
 
 $bouncerKey = $argv[1];