(interaction, command, commandName)
| 147 | } |
| 148 | |
| 149 | export async function enforceAbuseProtection(interaction, command, commandName) { |
| 150 | if (!isRiskyCommand(command, commandName)) { |
| 151 | return { |
| 152 | allowed: true, |
| 153 | risky: false, |
| 154 | remainingMs: 0, |
| 155 | policy: null |
| 156 | }; |
| 157 | } |
| 158 | |
| 159 | const policy = getCommandPolicy(command); |
| 160 | const key = getProtectionKey(interaction, commandName); |
| 161 | const allowed = await checkRateLimit(key, policy.maxAttempts, policy.windowMs); |
| 162 | |
| 163 | if (allowed) { |
| 164 | return { |
| 165 | allowed: true, |
| 166 | risky: true, |
| 167 | remainingMs: 0, |
| 168 | policy |
| 169 | }; |
| 170 | } |
| 171 | |
| 172 | const status = getRateLimitStatus(key, policy.windowMs); |
| 173 | const remainingMs = Math.max(0, status?.remaining || 0); |
| 174 | |
| 175 | logger.info('Risky command blocked by cooldown policy', { |
| 176 | event: 'interaction.command.abuse_blocked', |
| 177 | guildId: interaction.guildId, |
| 178 | userId: interaction.user?.id, |
| 179 | command: normalizeCommandName(commandName), |
| 180 | maxAttempts: policy.maxAttempts, |
| 181 | windowMs: policy.windowMs, |
| 182 | remainingMs, |
| 183 | attemptCount: status?.attempts || 0 |
| 184 | }); |
| 185 | |
| 186 | recordBlockedAttempt(key, commandName, interaction, command, remainingMs); |
| 187 | |
| 188 | return { |
| 189 | allowed: false, |
| 190 | risky: true, |
| 191 | remainingMs, |
| 192 | policy |
| 193 | }; |
| 194 | } |
| 195 | |
| 196 | export function resetAbuseProtectionState() { |
| 197 | blockedAttemptStore.clear(); |
no test coverage detected