mirror of https://github.com/Lissy93/dashy.git
Add Proxy IP check for header security
This commit is contained in:
parent
756d640d06
commit
821ed3433b
|
@ -2,8 +2,12 @@ module.exports = (config, req) => {
|
||||||
try {
|
try {
|
||||||
if ( config.appConfig.auth.enableHeaderAuth ) {
|
if ( config.appConfig.auth.enableHeaderAuth ) {
|
||||||
const userHeader = config.appConfig.auth.headerAuth.userHeader;
|
const userHeader = config.appConfig.auth.headerAuth.userHeader;
|
||||||
return { "success": true, "user": req.headers[userHeader.toLowerCase()] };
|
const proxyWhitelist = config.appConfig.auth.headerAuth.proxyWhitelist;
|
||||||
|
if ( proxyWhitelist.includes(req.socket.remoteAddress) ) {
|
||||||
|
return { "success": true, "user": req.headers[userHeader.toLowerCase()] };
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
return {};
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
console.warn("Error get-user: ", e);
|
console.warn("Error get-user: ", e);
|
||||||
return { 'success': false };
|
return { 'success': false };
|
||||||
|
|
Loading…
Reference in New Issue