Add filtering by IP

This commit is contained in:
Jake Howard 2017-02-13 09:49:32 +00:00
parent 04c7647687
commit c8862c1a2a
3 changed files with 13 additions and 0 deletions

View file

@ -30,6 +30,7 @@
"connect-static-file": "=1.1.2", "connect-static-file": "=1.1.2",
"express": "=4.14.0", "express": "=4.14.0",
"express-basic-auth": "=0.2.3", "express-basic-auth": "=0.2.3",
"express-ip-access-control": "=1.0.5",
"express-winston": "=2.1.2", "express-winston": "=2.1.2",
"helmet": "=3.4.0", "helmet": "=3.4.0",
"opbeat": "=4.7.0", "opbeat": "=4.7.0",

View file

@ -3,6 +3,7 @@ const IN_TEST = process.env.NODE_ENV === 'test';
module.exports = { module.exports = {
SERVE_DIR: IN_TEST ? 'site/' : process.argv[process.argv.length - 1], SERVE_DIR: IN_TEST ? 'site/' : process.argv[process.argv.length - 1],
PORT: process.env.PORT || 5000, PORT: process.env.PORT || 5000,
ALLOWED_IPS: process.env.ALLOWED_IPS ? process.env.ALLOWED_IPS.split(',') : undefined,
IN_TEST, IN_TEST,
IN_PRODUCTION: process.env.NODE_ENV === 'production', IN_PRODUCTION: process.env.NODE_ENV === 'production',
DIR_LIST: process.env.DIR_LIST, DIR_LIST: process.env.DIR_LIST,

View file

@ -8,6 +8,7 @@ const consts = require('./consts');
const compression = require('compression'); const compression = require('compression');
const helmet = require('helmet'); const helmet = require('helmet');
const serveIndex = require('serve-index'); const serveIndex = require('serve-index');
const AccessControl = require('express-ip-access-control');
const opbeat = require('opbeat').start({ const opbeat = require('opbeat').start({
active: consts.IN_PRODUCTION active: consts.IN_PRODUCTION
}); });
@ -17,6 +18,16 @@ const staticFiles = require('./static-files');
const handle404 = require('./404'); const handle404 = require('./404');
const basicAuth = require('./basic-auth'); const basicAuth = require('./basic-auth');
if (consts.ALLOWED_IPS) {
app.set('trust proxy', true);
app.use(AccessControl({
mode: 'allow',
allows: consts.ALLOWED_IPS,
forceConnectionAddress: true,
statusCode: 404
}));
}
// Custom Middleware // Custom Middleware
app.use(logging); app.use(logging);
app.use(basicAuth); app.use(basicAuth);