Mercurial > prosody-modules
diff mod_http_health/mod_http_health.lua @ 5689:09233b625cb9
mod_http_health: Copypaste IP access control code
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 05 Nov 2023 19:22:46 +0100 |
| parents | 9bcd257dea4e |
| children |
line wrap: on
line diff
--- a/mod_http_health/mod_http_health.lua Fri Nov 03 23:26:57 2023 +0100 +++ b/mod_http_health/mod_http_health.lua Sun Nov 05 19:22:46 2023 +0100 @@ -1,11 +1,29 @@ module:set_global(); +local ip = require "util.ip"; local modulemanager = require "core.modulemanager"; +local permitted_ips = module:get_option_set("http_health_allow_ips", { "::1", "127.0.0.1" }); +local permitted_cidr = module:get_option_string("http_health_allow_cidr"); + +local function is_permitted(request) + local ip_raw = request.ip; + if permitted_ips:contains(ip_raw) or + (permitted_cidr and ip.match(ip.new_ip(ip_raw), ip.parse_cidr(permitted_cidr))) then + return true; + end + return false; +end + module:provides("http", { route = { - GET = function() + GET = function(event) + local request = event.request; + if not is_permitted(request) then + return 403; -- Forbidden + end + for host in pairs(prosody.hosts) do local mods = modulemanager.get_modules(host); for _, mod in pairs(mods) do