mirror of
https://github.com/phishingclub/phishingclub.git
synced 2026-06-02 04:41:39 +02:00
Ronni Skansing
32 lines
702 B
Go
32 lines
702 B
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/phishingclub/phishingclub/config"
|
|
"github.com/phishingclub/phishingclub/utils"
|
|
"go.uber.org/zap"
|
|
)
|
|
|
|
func NewAllowIPMiddleware(conf *config.Config, logger *zap.SugaredLogger) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
// If no IP restrictions are configured, allow all
|
|
if len(conf.IPSecurity.AdminAllowed) == 0 {
|
|
c.Next()
|
|
return
|
|
}
|
|
clientIP := c.ClientIP()
|
|
allowed := utils.IPMatchesList(clientIP, conf.IPSecurity.AdminAllowed)
|
|
|
|
if !allowed {
|
|
logger.Infow("blocked unauthorized IP access attempt",
|
|
"ip", clientIP)
|
|
c.AbortWithStatus(http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|