Whitelist IP
A middleware for express routing function. When used it allows request comming from IPs present in the whitelist to pass.
Features
- Block non whitelisted IPs from accessing API endpoints
- If blocked, return a 403 Forbidden error and stop the request.
- Unified whitelist allover the app
- Can be applied on a route basis
Installation
npm install --save whitelistipTest
npm testExample Usage
//Required packages
var express = require('express'),
whitelistIP = require('whitelistip');
//Create an express app
var server = express();
//Allow only requests from localhost
server.whitelistIP = whitelistIP([
"127.0.0.1",
"::ffff:127.0.0.1",
"::1"
]);
//Add a public endpoint no IP restriction
server.all('/public', publicHandler);
//Add a restricted endpoint, only whitelisted IPs are allowed
server.get(
'/restricted',
server.whitelistIP.restrict(),
restrictedHandler
);
//Start the server
server.listen(3000, function (err) {
if (err) console.log(err);
});When trying to access the /restricted endpoint from another machine, a 403 Forbidden message will be returned.
Options
The middleware accepts two types of options:
-
Stringa string containing a valid IP v4 or v6 addresse -
[String]an array of strings containing a valid IP v4 or v6 addresses
NB: If no options are passed, all requests will be rejected