* Checks if a client IP matches any entry in the whitelist * @param {string} clientIp - The IP address to check * @param {string[]} whitelist - Array of IP addresses or CIDR ranges * @returns {boolean} True if IP is allowed
(clientIp, whitelist)
| 8 | * @returns {boolean} True if IP is allowed |
| 9 | */ |
| 10 | function isAllowed (clientIp, whitelist) { |
| 11 | try { |
| 12 | const addr = ipaddr.process(clientIp); |
| 13 | |
| 14 | return whitelist.some((entry) => { |
| 15 | try { |
| 16 | // CIDR notation |
| 17 | if (entry.includes("/")) { |
| 18 | const [rangeAddr, prefixLen] = ipaddr.parseCIDR(entry); |
| 19 | return addr.match(rangeAddr, prefixLen); |
| 20 | } |
| 21 | |
| 22 | // Single IP address - let ipaddr.process normalize both |
| 23 | const allowedAddr = ipaddr.process(entry); |
| 24 | return addr.toString() === allowedAddr.toString(); |
| 25 | } catch { |
| 26 | Log.warn(`Invalid whitelist entry: ${entry}`); |
| 27 | return false; |
| 28 | } |
| 29 | }); |
| 30 | } catch { |
| 31 | Log.warn(`Failed to parse client IP: ${clientIp}`); |
| 32 | return false; |
| 33 | } |
| 34 | } |
| 35 | |
| 36 | /** |
| 37 | * Resolves a client IP for both Express and Socket.IO requests. |
no outgoing calls
no test coverage detected