Mercurial > prosody-modules
comparison mod_http_health/mod_http_health.lua @ 5689:09233b625cb9
mod_http_health: Copypaste IP access control code
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 05 Nov 2023 19:22:46 +0100 |
| parents | 9bcd257dea4e |
| children |
comparison
equal
deleted
inserted
replaced
| 5688:429be658c0bb | 5689:09233b625cb9 |
|---|---|
| 1 module:set_global(); | 1 module:set_global(); |
| 2 | 2 |
| 3 local ip = require "util.ip"; | |
| 3 | 4 |
| 4 local modulemanager = require "core.modulemanager"; | 5 local modulemanager = require "core.modulemanager"; |
| 5 | 6 |
| 7 local permitted_ips = module:get_option_set("http_health_allow_ips", { "::1", "127.0.0.1" }); | |
| 8 local permitted_cidr = module:get_option_string("http_health_allow_cidr"); | |
| 9 | |
| 10 local function is_permitted(request) | |
| 11 local ip_raw = request.ip; | |
| 12 if permitted_ips:contains(ip_raw) or | |
| 13 (permitted_cidr and ip.match(ip.new_ip(ip_raw), ip.parse_cidr(permitted_cidr))) then | |
| 14 return true; | |
| 15 end | |
| 16 return false; | |
| 17 end | |
| 18 | |
| 6 module:provides("http", { | 19 module:provides("http", { |
| 7 route = { | 20 route = { |
| 8 GET = function() | 21 GET = function(event) |
| 22 local request = event.request; | |
| 23 if not is_permitted(request) then | |
| 24 return 403; -- Forbidden | |
| 25 end | |
| 26 | |
| 9 for host in pairs(prosody.hosts) do | 27 for host in pairs(prosody.hosts) do |
| 10 local mods = modulemanager.get_modules(host); | 28 local mods = modulemanager.get_modules(host); |
| 11 for _, mod in pairs(mods) do | 29 for _, mod in pairs(mods) do |
| 12 if mod.module.status_type == "error" then | 30 if mod.module.status_type == "error" then |
| 13 return { status_code = 500; headers = { content_type = "text/plain" }; body = "HAS ERRORS\n" }; | 31 return { status_code = 500; headers = { content_type = "text/plain" }; body = "HAS ERRORS\n" }; |