mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-07-14 05:51:18 +00:00
feat(config): allow global bypass by ip
This commit is contained in:
@@ -224,15 +224,18 @@ func (rule *IPAllowedRule) Evaluate(ctx *ACLContext) Effect {
|
||||
}
|
||||
|
||||
type IPBypassedRule struct {
|
||||
Log *logger.Logger
|
||||
Log *logger.Logger
|
||||
Config model.Config
|
||||
}
|
||||
|
||||
func (rule *IPBypassedRule) Evaluate(ctx *ACLContext) Effect {
|
||||
if ctx.ACLs == nil {
|
||||
return EffectDeny
|
||||
// merge global and per-app bypass lists
|
||||
bypassList := append([]string{}, rule.Config.Auth.IP.Bypass...)
|
||||
if ctx.ACLs != nil {
|
||||
bypassList = append(bypassList, ctx.ACLs.IP.Bypass...)
|
||||
}
|
||||
|
||||
for _, bypassed := range ctx.ACLs.IP.Bypass {
|
||||
for _, bypassed := range bypassList {
|
||||
match, err := utils.CheckIPFilter(bypassed, ctx.IP.String())
|
||||
if err != nil {
|
||||
rule.Log.App.Warn().Err(err).Str("item", bypassed).Msg("Invalid IP/CIDR in bypass list")
|
||||
|
||||
Reference in New Issue
Block a user