Mirroristas/pockethost
2
0
Fork 0
mirror of https://github.com/pockethost/pockethost.git synced 2025-11-23 22:15:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

enh: CIDR secret override

Browse Source
This commit is contained in:
Ben Allfree 2025-01-09 03:40:51 +00:00
parent be795e4e46
commit 673f897723
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
packages/pockethost/src/cli/commands/FirewallCommand/ServeCommand/firewall/cidr.ts
View File

@ -13,11 +13,12 @@ export const createIpWhitelistMiddleware = (blockedCIDRs: string[]) => {
const ip = req.ip // or req.headers['x-forwarded-for'] || req.connection.remoteAddress;
if (
blockedCIDRs.length === 0 ||
(ip && blockedCIDRObjects.some((cidr) => cidr.contains(ip)))
(ip && blockedCIDRObjects.some((cidr) => cidr.contains(ip))) ||
req.header('x-pockethost-secret') === process.env.PH_SECRET
) {
next()
} else {
res.status(403).send('Nope')
res.status(403).send(`Nope: ${ip}`)
}
}
}