Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

express-ipfilter

Package Overview
Dependencies
Maintainers
1
Versions
37
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

express-ipfilter

A light-weight IP address based filtering system

  • 1.3.2
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
26K
increased by7.4%
Maintainers
1
Weekly downloads
 
Created
Source

express-ipfilter: A light-weight IP address based filtering system

This package provides easy IP based access control. This can be achieved either by denying certain IPs and allowing all others, or allowing certain IPs and denying all others.

Installation

Recommended installation is with npm. To add express-ipfilter to your project, do:

npm install express-ipfilter

Usage with Express

Denying certain IP addresses, while allowing all other IPs:

// Init dependencies
const express = require('express')
const ipfilter = require('express-ipfilter').IpFilter

// Deny the following IPs
const ips = ['127.0.0.1']

// Create the server
app.use(ipfilter(ips))
app.listen(3000)

Allowing certain IP addresses, while denying all other IPs:

// Init dependencies
// Init dependencies
const express = require('express')
const ipfilter = require('express-ipfilter').IpFilter

// Allow the following IPs
const ips = ['127.0.0.1']

// Create the server
app.use(ipfilter(ips, { mode: 'allow' }))

module.exports = app

Using CIDR subnet masks for ranges:

const ips = ['127.0.0.1/24']

// Create the server
app.use(ipfilter(ips, { mode: 'allow' }))

module.exports = app

Using IP ranges:

const ips = [['127.0.0.1', '127.0.0.10']]

// Create the server
app.use(ipfilter(ips, { mode: 'allow' }))

module.exports = app

Using a function to get Ips:

const ips = function() {
  return ['127.0.0.1']
}

// Create the server
app.use(ipfilter(ips, { mode: 'allow' }))

module.exports = app

Using wildcard ip ranges and nginx forwarding:

  let allowlist_ips = ['10.1.*.*', '123.??.34.8*'] // matches '10.1.76.32' and '123.77.34.89'

  let clientIp = function(req, res) {
    return req.headers['x-forwarded-for'] ? (req.headers['x-forwarded-for']).split(',')[0] : ""
  }
  
  app.use(
    ipFilter({
      detectIp: clientIp,
      forbidden: 'You are not authorized to access this page.',
      filter: allowlist_ips,
    })
  )

Error Handling

When an IP is denied, an IpDeniedError will be thrown by the middleware. If you do not handle the error, it will cause your app to crash due to an unhandled exception. Here is an example of how to handle the error, which can also be found in the example app:

if (app.get('env') === 'development') {
  app.use((err, req, res, _next) => {
    console.log('Error handler', err)
    if (err instanceof IpDeniedError) {
      res.status(401)
    } else {
      res.status(err.status || 500)
    }

    res.render('error', {
      message: 'You shall not pass',
      error: err
    })
  })
}

You will need to require the IpDeniedError type in order to handle it.

Options

PropertyDescriptionTypeDefault
modewhether to deny or allow to the IPs providedstringdeny
logconsole log actionsbooleantrue
logLevellevel of logging (all,deny,allow)stringall
excludingroutes that should be excluded from ip filteringarray[]
detectIpdefine a custom function that takes an Express request object and returns an IP address to test againstfunctionbuilt-in detection
trustProxyThis setting is implemented using the proxy-addr package. Check the documentation for the trust parameter.boolean, array, string, number, functionfalse

A note on detectIp

If you need to parse an IP address in a way that is not supported by default, you can write your own parser and pass that to ipfilter.

const customDetection = req => {
  var ipAddress

  ipAddress = req.connection.remoteAddress.replace(/\//g, '.')

  return ipAddress
}

ipfilter(ips, { detectIp: customDetection })

Contributing

See the CONTRIBUTING.MD document for more information on contributing.

Running Tests

Run tests by using npm test

Changelog

Moved to GitHub Releases

Credits

BaM Interactive - code.bamideas.com

Keywords

FAQs

Package last updated on 20 Feb 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc