mirror of
https://github.com/twofas/2fas-server.git
synced 2024-12-12 12:09:56 +01:00
29 lines
654 B
Go
29 lines
654 B
Go
|
package security
|
||
|
|
|
||
|
|
import (
|
||
|
|
"github.com/2fas/api/config"
|
||
|
|
http2 "github.com/2fas/api/internal/common/http"
|
||
|
|
"github.com/gin-gonic/gin"
|
||
|
|
"github.com/stretchr/testify/assert"
|
||
|
|
"net/http"
|
||
|
|
"net/http/httptest"
|
||
|
|
"testing"
|
||
|
|
)
|
||
|
|
|
||
|
|
func Test_DoNotAllowUntrustedIp(t *testing.T) {
|
||
|
|
c := config.SecurityConfig{TrustedIP: []string{
|
||
|
|
"192.168.0.1/32",
|
||
|
|
}}
|
||
|
|
|
||
|
|
whitelistMiddleware := http2.IPWhitelistMiddleware(c)
|
||
|
|
|
||
|
|
recorder := httptest.NewRecorder()
|
||
|
|
ctx, _ := gin.CreateTestContext(recorder)
|
||
|
|
|
||
|
|
ctx.Request, _ = http.NewRequest("POST", "/", nil)
|
||
|
|
ctx.Request.Header.Set("X-Forwarded-For", "192.168.0.2")
|
||
|
|
|
||
|
|
whitelistMiddleware(ctx)
|
||
|
|
assert.Equal(t, recorder.Code, 401)
|
||
|
|
}
|