api,frontend: add Akismet spam flagging integration

api/Gopkg.lock

@@ -9,6 +9,14 @@
   revision = "64a2037ec6be8a4b0c1d1f706ed35b428b989239"
   version = "v0.26.0"
 
+[[projects]]
+  branch = "master"
+  digest = "1:9769b231d8f5ff406a012aa7f293e45ed69d11617832a1c3c7b8c6ce1558a2a1"
+  name = "github.com/adtac/go-akismet"
+  packages = ["akismet"]
+  pruneopts = "UT"
+  revision = "0ca9e1023047c869ecd4bd3c20780511597a4a77"
+
 [[projects]]
   digest = "1:15042ad3498153684d09f393bbaec6b216c8eec6d61f63dff711de7d64ed8861"
   name = "github.com/golang/protobuf"
@@ -143,6 +151,7 @@
   analyzer-name = "dep"
   analyzer-version = 1
   input-imports = [
+    "github.com/adtac/go-akismet/akismet",
     "github.com/gorilla/handlers",
     "github.com/gorilla/mux",
     "github.com/lib/pq",

api/akismet.go

@@ -0,0 +1,31 @@
+package main
+
+import (
+	"github.com/adtac/go-akismet/akismet"
+	"os"
+)
+
+func isSpam(domain string, userIp string, userAgent string, name string, email string, url string, markdown string) bool {
+	akismetKey := os.Getenv("AKISMET_KEY")
+	if akismetKey == "" {
+		return false
+	}
+
+	res, err := akismet.Check(&akismet.Comment{
+		Blog:               domain,
+		UserIP:             userIp,
+		UserAgent:          userAgent,
+		CommentType:        "comment",
+		CommentAuthor:      name,
+		CommentAuthorEmail: email,
+		CommentAuthorURL:   url,
+		CommentContent:     markdown,
+	}, akismetKey)
+
+	if err != nil {
+		logger.Errorf("error: cannot validate commenet using Akismet: %v", err)
+		return true
+	}
+
+	return res
+}

api/comment_new.go

@@ -89,8 +89,12 @@ func commentNewHandler(w http.ResponseWriter, r *http.Request) {
 	var state string
 
 	if *x.CommenterToken == "anonymous" {
-		state = "unapproved"
 		commenterHex = "anonymous"
+		if isSpam(*x.Domain, getIp(r), getUserAgent(r), "Anonymous", "", "", *x.Markdown) {
+			state = "flagged"
+		} else {
+			state = "unapproved"
+		}
 	} else {
 		c, err := commenterGetByCommenterToken(*x.CommenterToken)
 		if err != nil {
@@ -112,10 +116,14 @@ func commentNewHandler(w http.ResponseWriter, r *http.Request) {
 		if isModerator {
 			state = "approved"
 		} else {
-			if d.RequireModeration {
-				state = "unapproved"
+			if isSpam(*x.Domain, getIp(r), getUserAgent(r), c.Name, c.Email, c.Link, *x.Markdown) {
+				state = "flagged"
 			} else {
-				state = "approved"
+				if d.RequireModeration {
+					state = "unapproved"
+				} else {
+					state = "approved"
+				}
 			}
 		}
 	}
@@ -126,5 +134,5 @@ func commentNewHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	bodyMarshal(w, response{"success": true, "commentHex": commentHex, "approved": state == "approved"})
+	bodyMarshal(w, response{"success": true, "commentHex": commentHex, "state": state})
 }

api/config.go

@@ -43,6 +43,8 @@ func configParse() error {
 		"SMTP_PORT":         "",
 		"SMTP_FROM_ADDRESS": "",
 
+		"AKISMET_KEY": "",
+
 		"GOOGLE_KEY":    "",
 		"GOOGLE_SECRET": "",
 	}

api/page.go

@@ -3,9 +3,9 @@ package main
 import ()
 
 type page struct {
-	Domain       string `json:"domain"`
-	Path         string `json:"path"`
-	IsLocked     bool   `json:"isLocked"`
-	CommentCount int    `json:"commentCount"`
+	Domain           string `json:"domain"`
+	Path             string `json:"path"`
+	IsLocked         bool   `json:"isLocked"`
+	CommentCount     int    `json:"commentCount"`
 	StickyCommentHex string `json:"stickyCommentHex"`
 }

api/utils_http.go

@@ -43,3 +43,16 @@ func bodyMarshal(w http.ResponseWriter, x map[string]interface{}) error {
 	w.Write(resp)
 	return nil
 }
+
+func getIp(r *http.Request) string {
+	ip := r.RemoteAddr
+	if r.Header.Get("X-Forwarded-For") != "" {
+		ip = r.Header.Get("X-Forwarded-For")
+	}
+
+	return ip
+}
+
+func getUserAgent(r *http.Request) string {
+	return r.Header.Get("User-Agent")
+}