Express-ip-filter NPM

express-ip-filter

Middleware for express that filters IPs against glob patterns, RegExp, string or array of globs. Support custom 403 Forbidden message, blacklists, whitelists and custom ID.

Install

npm i express-ip-filter --save

Features

custom message when 403 Forbidden response, through opts.forbidden
custom identifier different than default this.ip, through opts.id
- you may want to add opts.strict: false if it's not IP
filter IP using glob patterns, regexp, string, array or function
blacklist with negative glob patterns, whitelist with positive
would restrict all to 403 Forbidden that not match to filter

Notice: In the next middleware you will have this.filter method which is ip-filter and this.identifier - the IP/ID that passed the given filter

Usage

For more use-cases see the tests

const expressIpFilter = require('express-ip-filter')

expressIpFilter

Filtering incoming request with glob patterns array, regexp, string or matcher function

Params

options {Object}
- id {Function}: custom identifier, defaults to this.ip
- strict {Boolean}: to throw when not valid IPv4/IPv6? default true
- filter {Array|String|RegExp|Function}: black/white list filter
- forbidden {String|Function}: custom message when 403 Forbidden response
returns {Function}

Example

'use strict'

var express = require('express')
var ipFilter = require('express-ip-filter')
var helloWorld = require('express-hello-world')

var app = express()

app
.use(ipFilter({
  forbidden: '403: Get out of here!',
  filter: ['127.??.6*.12', '!1.2.*.4']
}))
.use(helloWorld())

app.listen(1234)
console.log('express server start listening on http://localhost:1234')

// if your IP is `127.43.65.12` you will see `Hello World`
// otherwise you will see `403: Get out of here!`

One more example

If you want to allow all IPs, but want to restrict only some range

'use strict'

var express = require('express')
var ipFilter = require('express-ip-filter')
var helloWorld = require('express-hello-world')

var app = express()

app
.use(ipFilter({
  forbidden: '403: Get out of here!',
  filter: ['*', '!213.15.*']
}))
.use(helloWorld())

app.listen(1234)
console.log('express server start listening on http://localhost:1234')

// only user with IP starting with `213.15.*` 
// will see the message `403: Get out of here!`

ip-filter: Validates valid IPs (IPv4 and IPv6) using micromatch - glob patterns, RegExp… more | homepage
is-match-ip: Matching IPs using micromatch and ip-filter - glob patterns, RegExp, string or… more | homepage
is-match: Create a matching function from a glob pattern, regex, string, array, object… more | homepage
koa-better-body: Full-featured koa body parser! Support parsing text, buffer, json, json patch, json… more | homepage
koa-ip-filter: Middleware for koa that filters IPs against glob patterns, RegExp, string or… more | homepage

Contributing

Pull requests and stars are always welcome. For bugs and feature requests, please create an issue.
But before doing anything, please read the CONTRIBUTING.md guidelines.