MCPcopy Index your code
hub / github.com/MagicMirrorOrg/MagicMirror / socketIpAccessControl

Function socketIpAccessControl

js/ip_access_control.js:90–107  ·  view source on GitHub ↗

* Creates a Socket.IO `allowRequest` handler that enforces the same IP whitelist as the HTTP middleware. * This closes the gap where Socket.IO handshakes bypassed the Express-only `ipAccessControl` middleware. * @param {string[]} whitelist - Array of allowed IP addresses or CIDR ranges * @returns

(whitelist)

Source from the content-addressed store, hash-verified

88 * @returns {(req: object, callback: (err: string | null, success: boolean) => void) => void} Socket.IO allowRequest handler
89 */
90function socketIpAccessControl (whitelist) {
91 // Empty whitelist means allow all
92 if (!Array.isArray(whitelist) || whitelist.length === 0) {
93 return function (req, callback) {
94 callback(null, true); // allow the connection
95 };
96 }
97
98 return function (req, callback) {
99 const clientIp = resolveClientIp(req);
100 if (isAllowed(clientIp, whitelist)) {
101 callback(null, true); // allow the connection
102 } else {
103 Log.warn(`IP ${clientIp} is not allowed to connect to the mirror socket`);
104 callback("This device is not allowed to access your mirror.", false);
105 }
106 };
107}
108
109module.exports = { ipAccessControl, socketIpAccessControl };

Callers 2

ServerFunction · 0.85

Calls 2

resolveClientIpFunction · 0.85
isAllowedFunction · 0.85

Tested by

no test coverage detected