express-ip-access-control

An express.js middleware for access control.

Express IP Access Control

An express middleware for access control base on IP addresses.

Installation

npm i express-ip-access-control

Features

  • Control who can access resources base on IP addresses.
  • Support Express 4.
  • Support IPv4, IPv6, CIDR format& IPv4 mapped IPv6 addresses(thanks to ipaddr.js).
  • Deny mode (Blacklist) & Allow mode (Whitelist), similar to Apache Access Control.
  • Choose from connection address or real address. You may find it useful if you are behind proxy and needed to reject direct access.
  • Custom action on denied. (Redirector show error message)
  • Custom log function.

Usage

You may want to know somethings about Expressand Express's middlewarefirst.

var AccessControl = require('express-ip-access-control');

// Create middleware.
var middleware = AccessControl(options);

// Or directly load it into the app.
var express = require('express');
var app = express();
app.use(AccessControl(options));

Options

var options = {
    mode: 'deny',
    denys: [],
    allows: [],
    forceConnectionAddress: false,
    log: function(clientIp, access) {
        console.log(clientIp + (access ? ' accessed.' : ' denied.'));
    },

    statusCode: 401,
    redirectTo: '',
    message: 'Unauthorized'
};

mode (default: 'deny')

'deny'mode (Blacklist)

Allow by default, only deny IPs in the blacklist (denys) and not excluded by the whitelist (allows).

'allow'mode (Whilelist)

Deny by default, only allow IPs in the whitelist (allows) and not excluded by the blacklist (denys).

denys (default: [])

The blacklist. Works differently in different mode. Support IPv4, IPv6, CIDR format or mixed. IPv4 mapped IPv6 addresses will be converted into IPv4.

allows (default: [])

The whitelist. Works differently in different mode. Support IPv4, IPv6, CIDR format or mixed. IPv4 mapped IPv6 addresses will be converted into IPv4.

forceConnectionAddress (default: false)

If set to true, the connection address (req.connection.remoteAddress) will be used even express.set('trust proxy', [])set the req.ip. So that you can reject direct access if you are behind proxy and needed to do so.

log (default: Simple log function)

Pass a log function or falseto disable log. The function should have signature like this Function(String clientIp, Boolean access).

statusCode (default: 401)

The HTTP status code sent when denied. Set to 301or 302means redirect to redirectTo. Will be parseInt(statusCode, 10)to ensure it is a integer.

redirectTo (default: '')

The URL to redirect when denied and statusCodeis set to redirect. It will be passed into res.redirect(statusCode, redirectTo)directly, without any validation or manipulation.

message (default: 'Unauthorized')

The message sent when denied and statusCodeis not set to redirect. It will be passed into res.send(message)directly, without any validation or manipulation.

Functions

ipMatch()

AccessControl.ipMatch(clientIp, list);

Return trueif clientIpis in the list, falseif not. The function will return falseif the clientIpis not valid or the listis empty.

  • (String) clientIpis the IP address (IPv4 / IPv6) to check. IPv4 mapped IPv6 addresses will be converted into IPv4.
  • (Array of String) listis the list / range of IP address. Support IPv4, IPv6, CIDR format or mixed. IPv4 mapped IPv6 addresses will be converted into IPv4.

Repository

You may find the source code on GitHub. Please feel free to report bugs and contribute your changes.

License

MIT

HomePage

https://github.com/KennyTangHK/express-ip-access-control

Repository

https://github.com/KennyTangHK/express-ip-access-control.git


上一篇:squeezer-cli-11
下一篇:tslint-react-native

相关推荐

官方社区

扫码加入 JavaScript 社区