GithubHelp home page GithubHelp logo

at2teixeira / express-ip-access-control Goto Github PK

View Code? Open in Web Editor NEW

This project forked from kennytanghk/express-ip-access-control

1.0 0.0 0.0 21 KB

An express middleware for access control base on IP addresses.

Home Page: https://www.npmjs.com/package/express-ip-access-control

License: MIT License

JavaScript 100.00%

express-ip-access-control's Introduction

Express IP Access Control

An express middleware for access control base on IP addresses.

Installation

npm i express-ip-access-control

Features

  • Control who can access resources base on IP addresses.
  • Support Express 4.
  • Support IPv4, IPv6, CIDR format & IPv4 mapped IPv6 addresses (using ipaddr.js).
  • Deny mode (Blacklist) & Allow mode (Whitelist).
  • Choose from connection address or real address. You may find it useful if you are behind proxy and needed to reject direct access.
  • Custom action on denied. (Redirect or show error message)
  • Custom log function.

Usage

You may want to know somethings about Express and Express's middleware first.

var AccessControl = require('express-ip-access-control');

// Create middleware.
var middleware = AccessControl(options);

// Or directly load it into the app.
var express = require('express');
var app = express();
app.use(AccessControl(options));

Options

var options = {
	mode: 'deny',
	denys: [],
	allows: [],
	forceConnectionAddress: false,
	log: function(clientIp, access) {
		console.log(clientIp + (access ? ' accessed.' : ' denied.'));
	},

	statusCode: 401,
	redirectTo: '',
	message: 'Unauthorized'
};

mode (default: 'deny')

'deny' mode (Blacklist)

Allow by default, only deny IPs in the blacklist (denys) and not excluded by the whitelist (allows).

'allow' mode (Whilelist)

Deny by default, only allow IPs in the whitelist (allows) and not excluded by the blacklist (denys).

denys (default: [])

The blacklist. Works differently in different mode. Support IPv4, IPv6, CIDR format or mixed. IPv4 mapped IPv6 addresses will be converted into IPv4.

allows (default: [])

The whitelist. Works differently in different mode. Support IPv4, IPv6, CIDR format or mixed. IPv4 mapped IPv6 addresses will be converted into IPv4.

forceConnectionAddress (default: false)

If set to true, the connection address (req.connection.remoteAddress) will be used even express.set('trust proxy', []) set the req.ip. So that you can reject direct access if you are behind proxy and needed to do so.

log (default: Simple log function)

Pass a log function or false to disable log. The function should have signature like this Function(String clientIp, Boolean access).

statusCode (default: 401)

The HTTP status code sent when denied. Set to 301 or 302 means redirect to redirectTo. Will be parseInt(statusCode, 10) to ensure it is a integer.

redirectTo (default: '')

The URL to redirect when denied and statusCode is set to redirect. It will be passed into res.redirect(statusCode, redirectTo) directly, without any validation or manipulation.

message (default: 'Unauthorized')

The message sent when denied and statusCode is not set to redirect. It will be passed into res.send(message) directly, without any validation or manipulation.

Functions

ipMatch()

AccessControl.ipMatch(clientIp, list);

Return true if clientIp is in the list, false if not. The function will return false if the clientIp is not valid or the list is empty.

  • (String) clientIp is the IP address (IPv4 / IPv6) to check. IPv4 mapped IPv6 addresses will be converted into IPv4.
  • (Array of String) list is the list / range of IP address. Support IPv4, IPv6, CIDR format or mixed. IPv4 mapped IPv6 addresses will be converted into IPv4.

Repository

You may find the source code on GitHub. Please feel free to report bugs and contribute your changes.

License

MIT

express-ip-access-control's People

Contributors

at2teixeira avatar jhollowe avatar kennytanghk avatar

Stargazers

 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.