diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php
index bcea3387a2..ce655bfe18 100644
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@@ -33,9 +33,9 @@ use Appwrite\Utopia\Database\Validator\CustomId;
 use Appwrite\Utopia\Database\Validator\Queries\Identities;
 use Appwrite\Utopia\Request;
 use Appwrite\Utopia\Response;
+use libphonenumber\NumberParseException;
 use libphonenumber\PhoneNumberUtil;
 use MaxMind\Db\Reader;
-use Utopia\Abuse\Abuse;
 use Utopia\App;
 use Utopia\Audit\Audit;
 use Utopia\Auth\Hashes\Sha;
@@ -2908,26 +2908,21 @@ App::post('/v1/account/tokens/phone')
 ->setRecipients([$phone])
 ->setProviderType(MESSAGE_TYPE_SMS);
- if (isset($plan['authPhone'])) {
- $timelimit = $timelimit('organization:{organizationId}', $plan['authPhone'], 30 * 24 * 60 * 60); // 30 days
- $timelimit
- ->setParam('{organizationId}', $project->getAttribute('teamId'));
+ $helper = PhoneNumberUtil::getInstance();
+ try {
+ $countryCode = $helper->parse($phone)->getCountryCode();
- $abuse = new Abuse($timelimit);
- if ($abuse->check() && System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled') {
- $helper = PhoneNumberUtil::getInstance();
- $countryCode = $helper->parse($phone)->getCountryCode();
-
- if (!empty($countryCode)) {
- $queueForStatsUsage
- ->addMetric(str_replace('{countryCode}', $countryCode, METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);
- }
+ if (!empty($countryCode)) {
+ $queueForStatsUsage
+ ->addMetric(str_replace('{countryCode}', $countryCode, METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);
 }
- $queueForStatsUsage
- ->addMetric(METRIC_AUTH_METHOD_PHONE, 1)
- ->setProject($project)
- ->trigger();
+ } catch (NumberParseException $e) {
+ // Ignore invalid phone number for country code stats
 }
+ $queueForStatsUsage
+ ->addMetric(METRIC_AUTH_METHOD_PHONE, 1)
+ ->setProject($project)
+ ->trigger();
 }
 $token->setAttribute('secret', $secret);
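Review bot: The new `catch (NumberParseException $e)` body in the `/v1/account/tokens/phone` hunk drops the failure without a trace, so a recipient libphonenumber cannot parse is still handed to `setRecipients([$phone])` above and still counted in `METRIC_AUTH_METHOD_PHONE`, but disappears from the per-country breakdown. Per-country SMS volume is a useful signal for noticing abusive traffic against OTP endpoints, so unparseable numbers are worth counting rather than ignoring; if the stats consumer accepts a non-numeric bucket, something like `$queueForStatsUsage->addMetric(str_replace('{countryCode}', 'unknown', METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);` in the catch body would do (the `'unknown'` value is a constructed example). The identical block is pasted into the `/v1/account/verifications/phone`, `/v1/teams/:teamId/memberships` and MFA `Create` hunks, so the same applies there, and moving it into one shared helper would keep the four copies from drifting. The enclosing action starts and ends outside the hunk.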
@@ -4244,26 +4239,21 @@ App::post('/v1/account/verifications/phone')
 ->setRecipients([$user->getAttribute('phone')])
 ->setProviderType(MESSAGE_TYPE_SMS);
- if (isset($plan['authPhone'])) {
- $timelimit = $timelimit('organization:{organizationId}', $plan['authPhone'], 30 * 24 * 60 * 60); // 30 days
- $timelimit
- ->setParam('{organizationId}', $project->getAttribute('teamId'));
+ $helper = PhoneNumberUtil::getInstance();
+ try {
+ $countryCode = $helper->parse($phone)->getCountryCode();
- $abuse = new Abuse($timelimit);
- if ($abuse->check() && System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled') {
- $helper = PhoneNumberUtil::getInstance();
- $countryCode = $helper->parse($phone)->getCountryCode();
-
- if (!empty($countryCode)) {
- $queueForStatsUsage
- ->addMetric(str_replace('{countryCode}', $countryCode, METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);
- }
+ if (!empty($countryCode)) {
+ $queueForStatsUsage
+ ->addMetric(str_replace('{countryCode}', $countryCode, METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);
 }
- $queueForStatsUsage
- ->addMetric(METRIC_AUTH_METHOD_PHONE, 1)
- ->setProject($project)
- ->trigger();
+ } catch (NumberParseException $e) {
+ // Ignore invalid phone number for country code stats
 }
+ $queueForStatsUsage
+ ->addMetric(METRIC_AUTH_METHOD_PHONE, 1)
+ ->setProject($project)
+ ->trigger();
 }
 $verification->setAttribute('secret', $secret);
diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php
index aa67a90885..a68939daa3 100644
--- a/app/controllers/api/teams.php
+++ b/app/controllers/api/teams.php
@@ -23,9 +23,9 @@ use Appwrite\Utopia\Database\Validator\Queries\Memberships;
 use Appwrite\Utopia\Database\Validator\Queries\Teams;
 use Appwrite\Utopia\Request;
 use Appwrite\Utopia\Response;
+use libphonenumber\NumberParseException;
 use libphonenumber\PhoneNumberUtil;
 use MaxMind\Db\Reader;
-use Utopia\Abuse\Abuse;
 use Utopia\App;
 use Utopia\Audit\Audit;
 use Utopia\Auth\Proofs\Password;
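Review bot: In the `/v1/account/verifications/phone` hunk, the added `$helper->parse($phone)` reads `$phone`, yet this action addresses the message with `$user->getAttribute('phone')` two lines earlier and no assignment to `$phone` is visible in the hunk. The action body starts outside the hunk, so this is unconfirmed, but if `$phone` is not defined earlier the call now runs with an undefined variable on every request, because the `isset($plan['authPhone'])` guard that used to wrap it is gone. Depending on the libphonenumber version that either lands in the catch, so the country metric is never recorded for this endpoint, or raises an error the `NumberParseException` catch does not cover. Reading the value the message is actually sent to avoids both: `$countryCode = $helper->parse($user->getAttribute('phone'))->getCountryCode();`.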
@@ -801,26 +801,21 @@ App::post('/v1/teams/:teamId/memberships')
 ->setRecipients([$phone])
 ->setProviderType('SMS');
- if (isset($plan['authPhone'])) {
- $timelimit = $timelimit('organization:{organizationId}', $plan['authPhone'], 30 * 24 * 60 * 60); // 30 days
- $timelimit
- ->setParam('{organizationId}', $project->getAttribute('teamId'));
+ $helper = PhoneNumberUtil::getInstance();
+ try {
+ $countryCode = $helper->parse($phone)->getCountryCode();
- $abuse = new Abuse($timelimit);
- if ($abuse->check() && System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled') {
- $helper = PhoneNumberUtil::getInstance();
- $countryCode = $helper->parse($phone)->getCountryCode();
-
- if (!empty($countryCode)) {
- $queueForStatsUsage
- ->addMetric(str_replace('{countryCode}', $countryCode, METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);
- }
+ if (!empty($countryCode)) {
+ $queueForStatsUsage
+ ->addMetric(str_replace('{countryCode}', $countryCode, METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);
 }
- $queueForStatsUsage
- ->addMetric(METRIC_AUTH_METHOD_PHONE, 1)
- ->setProject($project)
- ->trigger();
+ } catch (NumberParseException $e) {
+ // Ignore invalid phone number for country code stats
 }
+ $queueForStatsUsage
+ ->addMetric(METRIC_AUTH_METHOD_PHONE, 1)
+ ->setProject($project)
+ ->trigger();
 }
 }
diff --git a/src/Appwrite/Platform/Modules/Account/Http/Account/MFA/Challenges/Create.php b/src/Appwrite/Platform/Modules/Account/Http/Account/MFA/Challenges/Create.php
index 4dc50a8ec7..517963bbda 100644
--- a/src/Appwrite/Platform/Modules/Account/Http/Account/MFA/Challenges/Create.php
+++ b/src/Appwrite/Platform/Modules/Account/Http/Account/MFA/Challenges/Create.php
@@ -17,8 +17,8 @@ use Appwrite\SDK\Response as SDKResponse;
 use Appwrite\Template\Template;
 use Appwrite\Utopia\Request;
 use Appwrite\Utopia\Response;
+use libphonenumber\NumberParseException;
 use libphonenumber\PhoneNumberUtil;
-use Utopia\Abuse\Abuse;
 use Utopia\Auth\Proofs\Code as ProofsCode;
 use Utopia\Auth\Proofs\Token as ProofsToken;
 use Utopia\Database\Database;
@@ -196,26 +196,21 @@ class Create extends Action
 ->setRecipients([$phone])
 ->setProviderType(MESSAGE_TYPE_SMS);
- if (isset($plan['authPhone'])) {
- $timelimit = $timelimit('organization:{organizationId}', $plan['authPhone'], 30 * 24 * 60 * 60); // 30 days
- $timelimit
- ->setParam('{organizationId}', $project->getAttribute('teamId'));
+ $helper = PhoneNumberUtil::getInstance();
+ try {
+ $countryCode = $helper->parse($phone)->getCountryCode();
- $abuse = new Abuse($timelimit);
- if ($abuse->check() && System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled') {
- $helper = PhoneNumberUtil::getInstance();
- $countryCode = $helper->parse($phone)->getCountryCode();
-
- if (!empty($countryCode)) {
- $queueForStatsUsage
- ->addMetric(str_replace('{countryCode}', $countryCode, METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);
- }
+ if (!empty($countryCode)) {
+ $queueForStatsUsage
+ ->addMetric(str_replace('{countryCode}', $countryCode, METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE), 1);
 }
- $queueForStatsUsage
- ->addMetric(METRIC_AUTH_METHOD_PHONE, 1)
- ->setProject($project)
- ->trigger();
+ } catch (NumberParseException $e) {
+ // Ignore invalid phone number for country code stats
 }
+ $queueForStatsUsage
+ ->addMetric(METRIC_AUTH_METHOD_PHONE, 1)
+ ->setProject($project)
+ ->trigger();
 break;
 case Type::EMAIL:
 if (empty(System::getEnv('_APP_SMTP_HOST'))) {