From 0af998d06c602cc60ae1b1c38d5f8f662c7e08e9 Mon Sep 17 00:00:00 2001 From: Yann Stepienik Date: Wed, 30 Aug 2023 14:30:28 +0100 Subject: [PATCH] [release] v0.10.0-unstable12 --- package.json | 2 +- src/utils/middleware.go | 23 +++++++++++++++++++++++ src/utils/types.go | 1 + 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 1068b0e..ca4cc36 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cosmos-server", - "version": "0.10.0-unstable11", + "version": "0.10.0-unstable12", "description": "", "main": "test-server.js", "bugs": { diff --git a/src/utils/middleware.go b/src/utils/middleware.go index 406174c..e06bf40 100644 --- a/src/utils/middleware.go +++ b/src/utils/middleware.go @@ -260,4 +260,27 @@ func IsValidHostname(hostname string) bool { } return false +} + +func Restrictions(RestrictToConstellation bool) func(next http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + + // check if the request is coming from the constellation IP range 192.168.201.0/24 + if RestrictToConstellation { + ip, _, err := net.SplitHostPort(r.RemoteAddr) + if err != nil { + http.Error(w, "Invalid request", http.StatusBadRequest) + return + } + + if !strings.HasPrefix(ip, "192.168.201.") && !strings.HasPrefix(ip, "192.168.202.") { + http.Error(w, "Access denied", http.StatusForbidden) + return + } + } + + next.ServeHTTP(w, r) + }) + } } \ No newline at end of file diff --git a/src/utils/types.go b/src/utils/types.go index ea8646c..8310cba 100644 --- a/src/utils/types.go +++ b/src/utils/types.go @@ -181,6 +181,7 @@ type ProxyRouteConfig struct { DisableHeaderHardening bool VerboseForwardHeader bool AddionalFilters []AddionalFiltersConfig + RestrictToConstellation bool } type EmailConfig struct {