whitelistip v1.0.2

Whitelist IP

A middleware for express routing function. When used it allows request comming from IPs present in the whitelist to pass.

Features

• Block non whitelisted IPs from accessing API endpoints
• If blocked, return a 403 Forbidden error and stop the request.
• Unified whitelist allover the app
• Can be applied on a route basis

Installation

npm install --save whitelistip

Test

npm test

Example Usage

//Required packages
var express = require('express'),
	whitelistIP = require('whitelistip');
    
//Create an express app
var server = express();

//Allow only requests from localhost
server.whitelistIP = whitelistIP([
	"127.0.0.1", 
    "::ffff:127.0.0.1", 
    "::1"
]);

//Add a public endpoint no IP restriction
server.all('/public', publicHandler);

//Add a restricted endpoint, only whitelisted IPs are allowed
server.get(
	'/restricted', 
	server.whitelistIP.restrict(),
    restrictedHandler
);

//Start the server
server.listen(3000, function (err) {
    if (err) console.log(err);
});

When trying to access the /restricted endpoint from another machine, a 403 Forbidden message will be returned.

Options

The middleware accepts two types of options:

1. String a string containing a valid IP v4 or v6 addresse
2. [String] an array of strings containing a valid IP v4 or v6 addresses

NB: If no options are passed, all requests will be rejected