-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathserver.js
102 lines (99 loc) · 2.8 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
const Hapi = require('hapi')
const ipLib = require('ip')
const plugin = require('./lib')
const moduleName = require('./package').name
const server = new Hapi.Server({
host: process.env.HOST || 'localhost',
address: process.env.IP || '0.0.0.0',
port: process.env.PORT || 3000,
routes: {
cors: true
},
debug: {
log: ['error'],
request: ['error']
}
})
// register plugin
server.register([
// Uncomment to get correct IP of client when running behind a proxy, therealyou is entirely optional
/*
{
plugin: require('therealyou')
},
*/
{
plugin
}
])
.then(() => {
// specify auth strategies
server.auth.strategy('local_network', 'ip-whitelist', ['192.168.0.0/23']) // Use CIDR
server.auth.strategy('localhost', 'ip-whitelist', ['127.0.0.1'])
server.auth.strategy('ip_outside_our_control', 'ip-whitelist', ['8.8.8.8']) // only allow IP that will never visit
})
.then(() => {
const routes = [
{
method: 'GET',
path: '/',
handler(request, h) {
const {host, port} = request.server.info
const localip = ipLib.address()
const localhostUrl = `${host}:${port}/localhost`
const localNetWorkUrl = `${localip}:${port}/local`
const unauthUrl = `${host}:${port}/unauth`
return `
<ul>
<li>Visit <a href="//${localhostUrl}">${localhostUrl}</a> to test successfully authenticated requests.</li>
<li>Visit <a href="//${localNetWorkUrl}">${localNetWorkUrl}</a> to test CIDR requests, it should work from other computers in your network too.</li>
<li>Visit <a href="//${unauthUrl}">${unauthUrl}</a> to test a rejection because of an unauthorized requests.</li>
</ul>
`
},
options: {
auth: false
}
},
{
method: 'GET',
path: '/local',
handler(request, h) {
return `Authorized request from ${request.auth.credentials}`
},
options: {
auth: 'local_network'
}
},
{
method: 'GET',
path: '/localhost',
handler(request, h) {
return `Authorized request from ${request.auth.credentials}`
},
options: {
auth: 'localhost'
}
},
{
method: 'GET',
path: '/unauth',
handler(request, h) {
return 'This should not happen, should get 401 unauthorized!'
},
options: {
auth: 'ip_outside_our_control'
}
}
]
// register routes after auth strategies are registered
server.route(routes)
})
.then(async () => {
// Start the server
await server.start()
console.log(`Example server for ${moduleName} running at: ${server.info.uri}`)
})
.catch(err => {
console.error(err)
})