feat: add cache to block IPs from brute force attempts

server/src/routes/announcement.ts

@@ -4,11 +4,15 @@
  * @author Naomi Carrigan
  */
 
+import { blockedIps } from "../cache/blockedIps.js";
 import { database } from "../db/database.js";
 import { announceOnDiscord } from "../modules/announceOnDiscord.js";
 import { announceOnForum } from "../modules/announceOnForum.js";
+import { getIpFromRequest } from "../modules/getIpFromRequest.js";
 import type { FastifyPluginAsync } from "fastify";
 
+const oneDay = 24 * 60 * 60 * 1000;
+
 /**
  * Mounts the entry routes for the application. These routes
  * should not require CORS, as they are used by external services
@@ -34,10 +38,14 @@ export const announcementRoutes: FastifyPluginAsync = async(server) => {
     async(request, reply) => {
       const token = request.headers.authorization;
       if (token === undefined || token !== process.env.ANNOUNCEMENT_TOKEN) {
+        blockedIps.push({
+          ip:  getIpFromRequest(request),
+          ttl: new Date(Date.now() + oneDay),
+        });
         return await reply.status(401).send({
           error:
             // eslint-disable-next-line stylistic/max-len -- Big boi string.
-            "This endpoint requires a special auth token. If you believe you should have access, please contact Naomi.",
+            "This endpoint requires a special auth token. If you believe you should have access, please contact Naomi. To protect our services, your IP has been blocked from all routes for 24 hours.",
         });
       }