IP restriction for inbound sms test 2

2025-12-20 15:31:15 -05:00 · 2017-06-29 10:47:27 +01:00
parent 73e0432a69
commit 16571c5b3c
4 changed files with 16 additions and 9 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -98,7 +98,7 @@ def register_blueprint(application):
    from app.notifications.notifications_ses_callback import ses_callback_blueprint
    from app.notifications.notifications_sms_callback import sms_callback_blueprint
    from app.notifications.notifications_letter_callback import letter_callback_blueprint
-    from app.authentication.auth import requires_admin_auth, requires_auth, requires_no_auth
+    from app.authentication.auth import requires_admin_auth, requires_auth, requires_no_auth, restrict_ip_sms
    from app.letters.send_letter_jobs import letter_job

    service_blueprint.before_request(requires_admin_auth)
@@ -119,7 +119,7 @@ def register_blueprint(application):
    sms_callback_blueprint.before_request(requires_no_auth)
    application.register_blueprint(sms_callback_blueprint)

-    receive_notifications_blueprint.before_request(requires_no_auth)
+    receive_notifications_blueprint.before_request(restrict_ip_sms)
    application.register_blueprint(receive_notifications_blueprint)

    notifications_blueprint.before_request(requires_auth)
--- a/app/authentication/auth.py
+++ b/app/authentication/auth.py
@@ -1,4 +1,5 @@
 from flask import request, _request_ctx_stack, current_app, g
+from flask import jsonify
 from sqlalchemy.exc import DataError
 from sqlalchemy.orm.exc import NoResultFound

@@ -43,6 +44,16 @@ def requires_no_auth():
    pass


+def restrict_ip_sms():
+    ip_addr = jsonify({'remote_addr': request.remote_addr,
+                       'X-Forwarded_FOR': request.headers.getlist('X-Forwarded-For'),
+                       'X_Real-Ip': request.headers.getlist('X-Real-Ip')})
+
+    current_app.logger.info("Inbound sms ip addresses = {}".format(ip_addr))
+
+    return
+
+
 def requires_admin_auth():
    auth_token = get_auth_token(request)
    client = __get_token_issuer(auth_token)
--- a/app/notifications/receive_notifications.py
+++ b/app/notifications/receive_notifications.py
@@ -28,7 +28,10 @@ def receive_mmg_sms():
        'DateRecieved': '2017-05-21+11%3A56%3A11'
    }
    """
+    # This will inject the sender IP route to log
+    '''
    current_app.logger.info("Inbound sms sender IP information {}".format(request.headers.getlist("X-Forwarded-For")))
+    '''
    post_data = request.get_json()

    inbound_number = strip_leading_forty_four(post_data['Number'])
@@ -51,8 +54,6 @@ def receive_mmg_sms():
                                        provider_name="mmg")

    tasks.send_inbound_sms_to_service.apply_async([str(inbound.id), str(service.id)], queue=QueueNames.NOTIFY)
-    current_app.logger.info(
-        '{} received inbound SMS with reference {} from MMG'.format(service.id, inbound.provider_reference))

    return 'RECEIVED', 200

--- a/app/status/healthcheck.py
+++ b/app/status/healthcheck.py
@@ -57,11 +57,6 @@ def show_delivery_status():
            db_version=get_db_version()), 200


-@status.route('/_check_IP_source')
-def show_check_IP_source():
-    return jsonify({'ip': request.headers.getlist("X-Forwarded-For")}), 200
-
-
 def get_db_version():
    try:
        query = 'SELECT version_num FROM alembic_version'