whitelistip
v1.0.2
Published
Whitelist middleware for express routing function. When present it allows request comming from the whitelisted IPs only. A 403 Forbidden error is sent to all other IP addresses.
Downloads
22
Maintainers
Readme
Whitelist IP
A middleware for express routing function. When used it allows request comming from IPs present in the whitelist to pass.
Features
- Block non whitelisted IPs from accessing API endpoints
- If blocked, return a 403 Forbidden error and stop the request.
- Unified whitelist allover the app
- Can be applied on a route basis
Installation
npm install --save whitelistip
Test
npm test
Example Usage
//Required packages
var express = require('express'),
whitelistIP = require('whitelistip');
//Create an express app
var server = express();
//Allow only requests from localhost
server.whitelistIP = whitelistIP([
"127.0.0.1",
"::ffff:127.0.0.1",
"::1"
]);
//Add a public endpoint no IP restriction
server.all('/public', publicHandler);
//Add a restricted endpoint, only whitelisted IPs are allowed
server.get(
'/restricted',
server.whitelistIP.restrict(),
restrictedHandler
);
//Start the server
server.listen(3000, function (err) {
if (err) console.log(err);
});
When trying to access the /restricted
endpoint from another machine, a 403 Forbidden message will be returned.
Options
The middleware accepts two types of options:
String
a string containing a valid IP v4 or v6 addresse[String]
an array of strings containing a valid IP v4 or v6 addresses
NB: If no options are passed, all requests will be rejected