barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-29 05:05:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add support for bypassing authentication for specific IPs

Browse Source
This commit is contained in:
Stavros
2025-07-10 00:53:22 +03:00
parent 476ed6964d
commit 0ace88a877
3 changed files with 44 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
internal/auth/auth.go
View File

@@ -452,10 +452,7 @@ func (auth *Auth) GetBasicAuth(c *gin.Context) *types.User {
}
}
func (auth *Auth) CheckIP(c *gin.Context, labels types.Labels) bool {
// Get the IP address from the request
ip := c.ClientIP()
func (auth *Auth) CheckIP(labels types.Labels, ip string) bool {
// Check if the IP is in block list
for _, blocked := range labels.IP.Block {
res, err := utils.FilterIP(blocked, ip)
@@ -492,3 +489,22 @@ func (auth *Auth) CheckIP(c *gin.Context, labels types.Labels) bool {
return true
}
func (auth *Auth) BypassedIP(labels types.Labels, ip string) bool {
// For every IP in the bypass list, check if the IP matches
for _, bypassed := range labels.IP.Bypass {
res, err := utils.FilterIP(bypassed, ip)
if err != nil {
log.Warn().Err(err).Str("item", bypassed).Msg("Invalid IP/CIDR in bypass list")
continue
}
if res {
log.Debug().Str("ip", ip).Str("item", bypassed).Msg("IP is in bypass list, allowing access")
return true
}
}
log.Debug().Str("ip", ip).Msg("IP not in bypass list, continuing with authentication")
return false
}