https://github.com/chamini2/hapi-auth-ip-whitelist

Hapi.js plugin for authentication scheme of accepting connections only from certain IPs
hapi-plugin hapijs node

# hapi-auth-ip-whitelist

[![npm](https://img.shields.io/npm/v/hapi-auth-ip-whitelist.svg)](https://www.npmjs.com/package/hapi-auth-ip-whitelist)

## Usage

### Localhost

Only accept calls from localhost:

```js
server.auth.strategy('localhost', 'ip-whitelist', ['127.0.0.1']);
```

*NOTE: The third parameter of `server.auth.strategy` is `options`, which must be an object.*

Use the strategy on a route like this:

```js
server.route({
  method: 'GET',
  path: '/',
  handler(request, h) { return "That was from localhost!" },
  options: { auth: 'localhost' }
});
```

If the route receives a request from a different IP, it will respond with a `401 unauthorized` error with the message `192.168.0.102 is not a valid IP`, where `192.168.0.102` is the IP of the request.

### Address ranges

You can also specify several IPs by passing a list instead. [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation is supported.

For example, consider the IP ranges to expect requests from, as specified by [MercadoPago](https://www.mercadopago.com.co/developers/en/api-docs/basics/design-considerations):

```js
server.auth.strategy(
  'mercado-pago-webhook',
  'ip-whitelist',
  [
    '209.225.49.0/24',
    '216.33.197.0/24',
    '216.33.196.0/24',
    '63.128.82.0/24',
    '63.128.83.0/24',
    '63.128.94.0/24'
  ]
);
```

### Behind proxy

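If the server is behind a proxy, use the Hapi plugin `therealyou`.
It finds the "real" IP in the `X-Forwarded-*` headers and modifies `request.info.remoteAddress` accordingly.
These headers are supplied by the sender, so enable this only when the server is reachable exclusively through a proxy that sets them.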

```js
server.register([
  {
    plugin: require('therealyou')
  },
  {
    plugin: require('hapi-auth-ip-whitelist')
  }
])
```
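
The following is an added example, not code from `hapi-auth-ip-whitelist` or `therealyou`: an IPv4 allowlist check with CIDR matching that honours `X-Forwarded-For` only when the connecting peer is a known proxy. The function names and the `10.0.0.0/8` proxy range are assumptions made for illustration.

```javascript
// Added example (IPv4 only). All function names are hypothetical.

// Dotted-quad IPv4, or Node's "::ffff:a.b.c.d" form, to an unsigned 32-bit int.
function ipv4ToInt(ip) {
  const m = /^(?:::ffff:)?(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/i.exec(String(ip).trim());
  if (!m) return null;
  const o = m.slice(1).map(Number);
  if (o.some((n) => n > 255)) return null;
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}

// True when ip equals entry or lies inside it when entry is a CIDR block.
function inCidr(ip, entry) {
  const [base, bitsText = '32'] = entry.split('/');
  const bits = Number(bitsText);
  const a = ipv4ToInt(ip);
  const b = ipv4ToInt(base);
  if (a === null || b === null) return false;
  if (!Number.isInteger(bits) || bits < 0 || bits > 32) return false;
  const mask = bits === 0 ? 0 : (~0 << (32 - bits)) >>> 0; // JS shifts are mod 32
  return ((a & mask) >>> 0) === ((b & mask) >>> 0);
}

// Pick the address to authorize. X-Forwarded-For is honoured only when the
// TCP peer is one of our proxies; from any other peer the header is
// sender-controlled and is ignored.
function clientIp(remoteAddress, xForwardedFor, trustedProxies) {
  const trusted = (ip) => trustedProxies.some((p) => inCidr(ip, p));
  if (!trusted(remoteAddress) || !xForwardedFor) return remoteAddress;
  // Walk right to left: entries appended by our proxies come last, so the
  // first untrusted hop is the address our outermost proxy saw.
  const hops = xForwardedFor.split(',').map((h) => h.trim());
  for (let i = hops.length - 1; i >= 0; i--) {
    if (!trusted(hops[i])) return hops[i];
  }
  return remoteAddress;
}

function isAllowed(remoteAddress, xForwardedFor, allowlist, trustedProxies = []) {
  const ip = clientIp(remoteAddress, xForwardedFor, trustedProxies);
  return allowlist.some((entry) => inCidr(ip, entry));
}

// Constructed sample data: one range from the README plus localhost, and an
// assumed internal proxy range.
const ALLOW = ['209.225.49.0/24', '127.0.0.1'];
const PROXIES = ['10.0.0.0/8'];
console.log(isAllowed('10.0.0.5', '209.225.49.17', ALLOW, PROXIES)); // true
console.log(isAllowed('192.168.0.102', '209.225.49.17', ALLOW, PROXIES)); // false
```

In a hapi handler the two inputs would come from `request.info.remoteAddress` and `request.headers['x-forwarded-for']`.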

## Example server

Start the local example server with

```bash
npm start
```

then visit [http://localhost:3000](http://localhost:3000).

- Successfully authenticated request: [http://localhost:3000/authenticated](http://localhost:3000/authenticated)
- Unauthenticated request: [http://localhost:3000/unauthenticated](http://localhost:3000/unauthenticated)