UNPKG

whitelistip

Version:

Whitelist middleware for express routing function. When present it allows request comming from the whitelisted IPs only. A 403 Forbidden error is sent to all other IP addresses.

bitbucket.org/josephmallah/whitelistip

85 lines (80 loc) 3.41 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
var chai = require("chai"); var expect = chai.expect; var WhitelistIP = require("../../whitelistIP"); var requestMock = require("./mock/requestMock"); var responseMock = require("./mock/responseMock"); describe("WhitelistIP", function(){ describe("Constructor", function() { it("should accept null argument", function() { var whitelistIP = WhitelistIP(); expect(whitelistIP).to.have.ownProperty("allowedIPs"); expect(whitelistIP.allowedIPs).to.be.empty; }); it("should accept one valid IP v4 as string", function() { var whitelistIP = WhitelistIP("127.0.0.1"); expect(whitelistIP).to.have.ownProperty("allowedIPs"); expect(whitelistIP.allowedIPs).to.be.eql([ '127.0.0.1']); }); it("should accept one valid IP v6 as string", function() { var whitelistIP = WhitelistIP("::ffff:127.0.0.1"); expect(whitelistIP).to.have.ownProperty("allowedIPs"); expect(whitelistIP.allowedIPs).to.be.eql([ '::ffff:127.0.0.1']); }); it("should accept multiple valid IP v4 and v6", function() { var data = ["127.0.0.1", "::ffff:127.0.0.1", "192.168.0.1"]; var whitelistIP = WhitelistIP(data); expect(whitelistIP).to.have.ownProperty("allowedIPs"); expect(whitelistIP.allowedIPs).to.be.eql(data); }); it("should reject invalid IP v4", function() { var data = "127.0.0.300"; expect(function(){ WhitelistIP(data) }).to.throw(data + " is not a valid IP address!"); }); it("should reject invalid IP v6", function() { var data = "127.0.0.300"; expect(function(){ WhitelistIP(data) }).to.throw(data + " is not a valid IP address!"); }); it("should reject anything other than string or array passed as parameters", function() { var data = 23.3; expect(function(){ WhitelistIP(data) }).to.throw("Supplied IPs are in an unsupported format. Provide a single IP as a string or an array of IPs as strings"); }); it("should reject array containing other than strings passed as parameters", function() { var data = [23.3, "string"]; expect(function(){ WhitelistIP(data) }).to.throw("Supplied IPs are in an unsupported format. Provide a single IP as a string or an array of IPs as strings"); }); }); describe("Restrict", function(){ it("should deny all access if no IP is passed", function() { var whitelistIP = WhitelistIP(); var req = requestMock.create(); req.connection.remoteAddress = "192.168.1.2"; var res = responseMock.create(); whitelistIP.restrict()(req, res); expect(res.statusCode).to.be.eql(403); }); it("should allow access for whitelisted IPs", function() { var whitelistIP = WhitelistIP("192.168.1.2"); var req = requestMock.create(); req.connection.remoteAddress = "192.168.1.2"; var res = responseMock.create(); whitelistIP.restrict()(req, res, function(){res.statusCode = 200;}); expect(res.statusCode).to.be.eql(200); }); it("should deny access for not whitelisted IPs", function() { var whitelistIP = WhitelistIP(["192.168.1.2", "192.168.1.1"]); var req = requestMock.create(); req.connection.remoteAddress = "192.168.1.3"; var res = responseMock.create(); whitelistIP.restrict()(req, res, function(){res.statusCode = 200;}); expect(res.statusCode).to.be.eql(403); }); }); });