Add Proxy IP check for header security

2023-11-24 00:11:04 -06:00 · 2023-11-24 00:11:04 -06:00 · 821ed3433b
parent 756d640d06
commit 821ed3433b
1 changed files with 5 additions and 1 deletions
--- a/services/get-user.js
+++ b/services/get-user.js
@ -2,8 +2,12 @@ module.exports = (config, req) => {
  try {
    if ( config.appConfig.auth.enableHeaderAuth ) {
      const userHeader = config.appConfig.auth.headerAuth.userHeader;
-      return { "success": true, "user": req.headers[userHeader.toLowerCase()] };
+      const proxyWhitelist = config.appConfig.auth.headerAuth.proxyWhitelist;
+      if ( proxyWhitelist.includes(req.socket.remoteAddress) ) {
+        return { "success": true, "user": req.headers[userHeader.toLowerCase()] };
+      }
    }
+    return {};
  } catch (e) {
    console.warn("Error get-user: ", e);
    return { 'success': false };