MCPcopy Index your code
hub / github.com/tinyauthapp/tinyauth / CheckIP

Method CheckIP

internal/service/auth_service.go:560–596  ·  view source on GitHub ↗
(acls config.AppIP, ip string)

Source from the content-addressed store, hash-verified

558}
559
560func (auth *AuthService) CheckIP(acls config.AppIP, ip string) bool {
561 // Merge the global and app IP filter
562 blockedIps := append(auth.config.IP.Block, acls.Block...)
563 allowedIPs := append(auth.config.IP.Allow, acls.Allow...)
564
565 for _, blocked := range blockedIps {
566 res, err := utils.FilterIP(blocked, ip)
567 if err != nil {
568 tlog.App.Warn().Err(err).Str("item", blocked).Msg("Invalid IP/CIDR in block list")
569 continue
570 }
571 if res {
572 tlog.App.Debug().Str("ip", ip).Str("item", blocked).Msg("IP is in blocked list, denying access")
573 return false
574 }
575 }
576
577 for _, allowed := range allowedIPs {
578 res, err := utils.FilterIP(allowed, ip)
579 if err != nil {
580 tlog.App.Warn().Err(err).Str("item", allowed).Msg("Invalid IP/CIDR in allow list")
581 continue
582 }
583 if res {
584 tlog.App.Debug().Str("ip", ip).Str("item", allowed).Msg("IP is in allowed list, allowing access")
585 return true
586 }
587 }
588
589 if len(allowedIPs) > 0 {
590 tlog.App.Debug().Str("ip", ip).Msg("IP not in allow list, denying access")
591 return false
592 }
593
594 tlog.App.Debug().Str("ip", ip).Msg("IP not in allow or block list, allowing by default")
595 return true
596}
597
598func (auth *AuthService) IsBypassedIP(acls config.AppIP, ip string) bool {
599 for _, bypassed := range acls.Bypass {

Callers 1

proxyHandlerMethod · 0.80

Calls 1

FilterIPFunction · 0.92

Tested by

no test coverage detected