* ban downloaders on second download

ruby/lib/jam_ruby/models/download_tracker.rb

@@ -37,14 +37,16 @@ module JamRuby
     def self.check(user, remote_ip, target, owned, fingerprint, is_client)
 
 
-      return unless APP_CONFIG.guard_against_browser_fraud
+      return false unless APP_CONFIG.guard_against_browser_fraud
 
       create(user, remote_ip, target, owned, fingerprint, is_client)
 
       # let's check the following
-      alert_freebies_snarfer(remote_ip)
+      blacklisted = alert_freebies_snarfer(remote_ip)
 
       alert_user_sharer(user)
+
+      blacklisted
     end
 
     # somebody who has shared account info with a large number of people
@@ -108,7 +110,17 @@ module JamRuby
              subject:"Single IP Access Violation. IP:#{remote_ip}",
              body:body
          }).deliver
+
+        # and now shut them down
+        if Rails.application.config.ban_jamtrack_downloaders
+          blacklist = IpBlacklist.new
+          blacklist.remote_ip = remote_ip
+          blacklist.notes = 'auto'
+          blacklist.save
+          return blacklist
+        end
       end
+      return false
     end
 
     def admin_url

web/app/controllers/api_jam_track_mixdowns_controller.rb

@@ -94,10 +94,16 @@ class ApiJamTrackMixdownsController < ApiController
         @package.save!
 
         if params[:download]
-          DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed, params[:mark], false)
+          if DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed, params[:mark], false)
+            render :json => { :message => "IP blacklisted"}, :status => 403
+            return
+          end
           redirect_to @package.sign_url(120, 'application/octet-stream', "attachment; filename=\"#{@package.jam_track_mixdown.name}.#{params[:file_type]}\"")
         else
-          DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed, params[:mark], true)
+          if DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed, params[:mark], true)
+            render :json => { :message => "IP blacklisted"}, :status => 403
+            return
+          end
           redirect_to @package.sign_url(120)
         end
 

web/app/controllers/api_jam_tracks_controller.rb

@@ -167,10 +167,18 @@ class ApiJamTracksController < ApiController
       end
 
       if params[:download]
-        DownloadTracker.check(current_user, request.remote_ip, jam_track_track, !@jam_track_right.redeemed, params[:mark], false)
+        if DownloadTracker.check(current_user, request.remote_ip, jam_track_track, !@jam_track_right.redeemed, params[:mark], false)
+          render :json => { :message => "IP blacklisted"}, :status => 403
+          return
+        end
+
         redirect_to jam_track_track.web_download_sign_url(120, params[:file_type], 'application/octet-stream', "attachment; filename=\"#{@jam_track_right.jam_track.name + '-' + jam_track_track.display_name}.mp3\"")
       else
-        DownloadTracker.check(current_user, request.remote_ip, jam_track_track, !@jam_track_right.redeemed, params[:mark], true)
+        if DownloadTracker.check(current_user, request.remote_ip, jam_track_track, !@jam_track_right.redeemed, params[:mark], true)
+          render :json => { :message => "IP blacklisted"}, :status => 403
+          return
+        end
+
         redirect_to jam_track_track.web_download_sign_url(120, params[:file_type])
       end
 
@@ -189,7 +197,10 @@ class ApiJamTracksController < ApiController
 
       fingerprint = params[:mark]
 
-      DownloadTracker.check(current_user, request.remote_ip, @jam_track_right.jam_track, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
+      if DownloadTracker.check(current_user, request.remote_ip, @jam_track_right.jam_track, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
+        render :json => { :message => "IP blacklisted"}, :status => 403
+        return
+      end
 
       all_fingerprint = params[:all_fp]
       running_fingerprint = params[:running_fp]

web/config/application.rb

@@ -379,7 +379,7 @@ if defined?(Bundler)
 
     config.middleware.use Rack::Deflater
 
-    config.download_tracker_day_range = 30
+    config.download_tracker_day_range = 90
     config.max_user_ip_address = 10
     config.max_multiple_users_same_ip = 2
     config.session_stat_thresholds = {
@@ -415,5 +415,6 @@ if defined?(Bundler)
     config.verify_email_enabled = false
     config.kickbox_api_key = 'e262991e292dd5fe382c4a69f2b359f718cf267712b8684c9c28d6402ec18965'
     config.check_bounced_emails = false
+    config.ban_jamtrack_downloaders = true
   end
 end