partoschph68073
/
SmartMirror-Projektarbeit
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Software zum Installieren eines Smart-Mirror Frameworks , zum Nutzen von hochschulrelevanten Informationen, auf einem Raspberry-Pi.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
SmartMirror-Projektarbeit/node_modules/express-ipfilter/lib/ipfilter.js

ipfilter.js 5.0KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203 
  1. /*!

  2.  * Express - IP Filter

  3.  * Copyright(c) 2014 Bradley and Montgomery Inc.

  4.  * MIT Licensed

  5.  */

  6. 

  7. 'use strict'

  8. 

  9. /**

  10.  * Module dependencies.

  11.  */

  12. const _ = require('lodash')

  13. const iputil = require('ip')

  14. const rangeCheck = require('range_check')

  15. const IpDeniedError = require('./deniedError')

  16. const proxyaddr = require('proxy-addr')

  17. 

  18. /**

  19.  * express-ipfilter:

  20.  *

  21.  * IP Filtering middleware;

  22.  *

  23.  * Examples:

  24.  *

  25.  *      const ipfilter = require('ipfilter'),

  26.  *          ips = ['127.0.0.1'];

  27.  *          getIps = function() { return ['127.0.0.1']; };

  28.  *

  29.  *      app.use(ipfilter(ips));

  30.  *      app.use(ipfilter(getIps));

  31.  *

  32.  * Options:

  33.  *

  34.  *  - `mode` whether to deny or grant access to the IPs provided. Defaults to 'deny'.

  35.  *  - `logF` Function to use for logging.

  36.  *  - `log` console log actions. Defaults to true.

  37.  *  - 'excluding' routes that should be excluded from ip filtering

  38.  *  - 'trustProxy' trust proxy settings just like in express. The trust proxy setting is implemented using the proxy-addr package. (http://expressjs.com/en/guide/behind-proxies.html)

  39.  *

  40.  * @param [ips] {Array} IP addresses or {Function} that returns the array of IP addresses

  41.  * @param [opts] {Object} options

  42.  * @api public

  43.  */

  44. module.exports = function ipfilter(ips, opts) {

  45.   ips = ips || false

  46. 

  47.   const getIps = _.isFunction(ips) ? ips : () => ips

  48.   const logger = message => console.log(message)

  49. 

  50.   /**

  51.    * Compile "proxy trust" value to function. (from express)

  52.    *

  53.    * @param  {Boolean|String|Number|Array|Function} val

  54.    * @return {Function}

  55.    * @api private

  56.    */

  57.   const compileTrust = val => {

  58.     if (typeof val === 'function') return val

  59. 

  60.     if (val === true) {

  61.       // Support plain true/falses

  62.       return () => true

  63.     }

  64. 

  65.     if (typeof val === 'number') {

  66.       // Support trusting hop count

  67.       return (a, i) => i < val

  68.     }

  69. 

  70.     if (typeof val === 'string') {

  71.       // Support comma-separated values

  72.       val = val.split(',')

  73.     }

  74. 

  75.     return proxyaddr.compile(val || [])

  76.   }

  77. 

  78.   const settings = _.defaults(opts || {}, {

  79.     mode: 'deny',

  80.     log: true,

  81.     logF: logger,

  82.     excluding: [],

  83.     trustProxy: false // This is the default used by express.

  84.   })

  85. 

  86.   if (!_.isFunction(settings.detectIp)) {

  87.     settings.detectIp = req => proxyaddr(req, compileTrust(settings.trustProxy))

  88.   }

  89. 

  90.   const testExplicitIp = (ip, constraint, mode) => {

  91.     if (ip === constraint) {

  92.       return mode === 'allow'

  93.     } else {

  94.       return mode === 'deny'

  95.     }

  96.   }

  97. 

  98.   const testCidrBlock = (ip, constraint, mode) => {

  99.     if (rangeCheck.inRange(ip, constraint)) {

  100.       return mode === 'allow'

  101.     } else {

  102.       return mode === 'deny'

  103.     }

  104.   }

  105. 

  106.   const testRange = (ip, constraint, mode) => {

  107.     const filteredSet = _.filter(getIps(), constraint => {

  108.       if (constraint.length > 1) {

  109.         const startIp = iputil.toLong(constraint[0])

  110.         const endIp = iputil.toLong(constraint[1])

  111.         const longIp = iputil.toLong(ip)

  112.         return longIp >= startIp && longIp <= endIp

  113.       } else {

  114.         return ip === constraint[0]

  115.       }

  116.     })

  117. 

  118.     if (filteredSet.length > 0) {

  119.       return mode === 'allow'

  120.     } else {

  121.       return mode === 'deny'

  122.     }

  123.   }

  124. 

  125.   const testIp = function(ip, mode) {

  126.     const constraint = this

  127. 

  128.     // Check if it is an array or a string

  129.     if (typeof constraint === 'string') {

  130.       if (rangeCheck.validRange(constraint)) {

  131.         return testCidrBlock(ip, constraint, mode)

  132.       } else {

  133.         return testExplicitIp(ip, constraint, mode)

  134.       }

  135.     }

  136. 

  137.     if (typeof constraint === 'object') {

  138.       return testRange(ip, constraint, mode)

  139.     }

  140.   }

  141. 

  142.   const matchClientIp = ip => {

  143.     const mode = settings.mode.toLowerCase()

  144. 

  145.     const result = _.invokeMap(getIps(), testIp, ip, mode)

  146. 

  147.     if (mode === 'allow') {

  148.       return _.some(result)

  149.     } else {

  150.       return _.every(result)

  151.     }

  152.   }

  153. 

  154.   const error = (ip, next) => {

  155.     const err = new IpDeniedError('Access denied to IP address: ' + ip)

  156.     return next(err)

  157.   }

  158. 

  159.   return (req, res, next) => {

  160.     if (settings.excluding.length > 0) {

  161.       const results = _.filter(settings.excluding, exclude => {

  162.         const regex = new RegExp(exclude)

  163.         return regex.test(req.url)

  164.       })

  165. 

  166.       if (results.length > 0) {

  167.         if (settings.log && settings.logLevel !== 'deny') {

  168.           settings.logF('Access granted for excluded path: ' + results[0])

  169.         }

  170.         return next()

  171.       }

  172.     }

  173. 

  174.     const _ips = getIps()

  175.     if (!_ips || !_ips.length) {

  176.       if (settings.mode == 'allow') {

  177.         // ip list is empty, thus no one allowed

  178.         return error('0.0.0.0/0', next)

  179.       } else {

  180.         // there are no blocked ips, skip

  181.         return next()

  182.       }

  183.     }

  184. 

  185.     const ip = settings.detectIp(req)

  186. 

  187.     if (matchClientIp(ip, req)) {

  188.       // Grant access

  189.       if (settings.log && settings.logLevel !== 'deny') {

  190.         settings.logF('Access granted to IP address: ' + ip)

  191.       }

  192. 

  193.       return next()

  194.     }

  195. 

  196.     // Deny access

  197.     if (settings.log && settings.logLevel !== 'allow') {

  198.       settings.logF('Access denied to IP address: ' + ip)

  199.     }

  200. 

  201.     return error(ip, next)

  202.   }

  203. }