Can set a list of allowed IP

2024-04-23 19:29:11 +02:00
parent 9d738285ab
commit 9365e9afdf
3 changed files with 38 additions and 3 deletions
README.md
virtweb_backend/src

@ -103,10 +103,15 @@ pub struct AppConfig {
#[arg(short = 'H', long, env)]
pub hypervisor_uri: Option<String>,
/// Trusted network. If set, a client from a different will not be able to perform request other
/// than those with GET verb (aside for login)
/// Trusted network. If set, a client (user) from a different network will not be able to perform
/// request other than those with GET verb (aside for login)
#[arg(short = 'T', long, env)]
pub trusted_network: Vec<String>,
/// Comma-separated list of allowed networks. If set, a client (user or API token) from a
/// different network will not be able to access VirtWeb
#[arg(short = 'A', long, env)]
pub allowed_networks: Vec<String>,
}
lazy_static::lazy_static! {
@ -190,6 +195,25 @@ impl AppConfig {
false
}
/// Check if an IP belongs to an allowed network or not
pub fn is_allowed_ip(&self, ip: IpAddr) -> bool {
if self.allowed_networks.is_empty() {
return true;
}
for i in &self.allowed_networks {
for sub_i in i.split(',') {
let net =
ipnetwork::IpNetwork::from_str(sub_i).expect("Allowed network is invalid!");
if net.contains(ip) {
return true;
}
}
}
false
}
/// Get OpenID providers configuration
pub fn openid_provider(&self) -> Option<OIDCProvider<'_>> {
if self.disable_oidc {
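Review bot: In `is_allowed_ip`, the `expect("Allowed network is invalid!")` runs on every call instead of once when the configuration is loaded, so a malformed `allowed_networks` entry surfaces only as a panic at check time, and only for addresses that did not match an earlier entry. Parsing and validating the list once at startup would turn a typo into an immediate startup error; as a smaller step, `ipnetwork::IpNetwork::from_str(sub_i.trim())` would accept the common form with a space after each comma. The filter is only as reliable as the `ip` argument: the caller is not visible in this hunk, but if VirtWeb is deployed behind a reverse proxy, that address should come from the peer socket or from a forwarding header set by a trusted proxy only. The doc comment could also state that an empty list allows every address, for example `/// Returns true for any IP when no allowed network is configured.`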