2fas-server/internal/common/http/security.go

25 lines
630 B
Go
Raw Normal View History

2022-12-31 10:22:38 +01:00
package http
import (
"errors"
"github.com/gin-gonic/gin"
2023-01-30 19:59:42 +01:00
"github.com/twofas/2fas-server/config"
"github.com/twofas/2fas-server/internal/common/api"
"github.com/twofas/2fas-server/internal/common/logging"
2022-12-31 10:22:38 +01:00
"net/http"
)
func IPWhitelistMiddleware(config config.SecurityConfig) gin.HandlerFunc {
return func(c *gin.Context) {
requestIp := c.ClientIP()
if config.IsIpTrusted(requestIp) == false {
err := errors.New("Request from not trusted IP " + requestIp)
logging.Warning("Trying to access from untrusted IP ", requestIp)
c.AbortWithStatusJSON(http.StatusForbidden, api.AccessForbiddenError(err))
}
}
}