secure-express-setup/lib/ipFilter.js

Military-grade one-command security setup for Express.js applications

function setupIpFilter(whitelist, blacklist) {
  return (req, res, next) => {
    const clientIp = req.ip || req.connection.remoteAddress;

    // Check blacklist first
    if (blacklist.includes(clientIp)) {
      console.warn(`🚫 Blocked IP attempt: ${clientIp}`);
      return res.status(403).json({ error: 'Access denied' });
    }

    // If whitelist exists and IP not in it, deny
    if (whitelist.length > 0 && !whitelist.includes(clientIp)) {
      console.warn(`🚫 Non-whitelisted IP attempt: ${clientIp}`);
      return res.status(403).json({ error: 'Access denied' });
    }

    next();
  };
}

module.exports = setupIpFilter;