mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-07-15 22:41:14 +00:00
refactor: rework the way trusted proxies ip work (#1007)
This commit is contained in:
@@ -215,6 +215,10 @@ type IPAllowedRule struct {
|
||||
}
|
||||
|
||||
func (rule *IPAllowedRule) Evaluate(ctx *ACLContext) Effect {
|
||||
if !ctx.TrustedProxiesConfigured {
|
||||
return EffectAllow // We can't block the proxy
|
||||
}
|
||||
|
||||
// merge global and per-app block/allow lists
|
||||
blockedIps := append([]string{}, rule.Config.Auth.IP.Block...)
|
||||
allowedIPs := append([]string{}, rule.Config.Auth.IP.Allow...)
|
||||
@@ -263,6 +267,10 @@ type IPBypassedRule struct {
|
||||
}
|
||||
|
||||
func (rule *IPBypassedRule) Evaluate(ctx *ACLContext) Effect {
|
||||
if !ctx.TrustedProxiesConfigured {
|
||||
return EffectDeny
|
||||
}
|
||||
|
||||
// merge global and per-app bypass lists
|
||||
bypassList := append([]string{}, rule.Config.Auth.IP.Bypass...)
|
||||
if ctx.ACLs != nil {
|
||||
|
||||
Reference in New Issue
Block a user