feat: allow or block an ip/range of ips using labels (#211)

* feat: allow or block an ip/range of ips using labels * refactor: redirect to root page when no username or ip is provided in the unauthorized page
2025-10-28 12:45:47 +00:00 · 2025-06-25 20:35:48 +03:00
parent 9008b67f7d
commit 84d4c84ed2
8 changed files with 128 additions and 2 deletions
--- a/internal/types/api.go
+++ b/internal/types/api.go
@@ -21,6 +21,7 @@ type UnauthorizedQuery struct {
 	Username string `url:"username"`
 	Resource string `url:"resource"`
 	GroupErr bool   `url:"groupErr"`
+	IP       string `url:"ip"`
 }

 // Proxy is the uri parameters for the proxy endpoint
--- a/internal/types/config.go
+++ b/internal/types/config.go
@@ -105,6 +105,12 @@ type BasicLabels struct {
 	Password string
 }

+// IP labels for a tinyauth protected container
+type IPLabels struct {
+	Allow []string
+	Block []string
+}
+
 // Labels is a struct that contains the labels for a tinyauth protected container
 type Labels struct {
 	Users   string
@@ -113,4 +119,5 @@ type Labels struct {
 	Domain  string
 	Basic   BasicLabels
 	OAuth   OAuthLabels
+	IP      IPLabels
 }