darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-03 09:51:11 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add list of IP address that X-Forwarded-For return to add more visibility to the traffic

Browse Source
This commit is contained in:
venusbb
2017-07-05 14:02:20 +01:00
parent 39a8e1cfed
commit 1d8d6b1ef1
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/authentication/auth.py
View File

@@ -51,6 +51,8 @@ def restrict_ip_sms():
ip_list = request.headers.get("X-Forwarded-For") ip_list = request.headers.get("X-Forwarded-For")
ip = ip_list.split(',')[0].strip() ip = ip_list.split(',')[0].strip()
current_app.logger.info("Inbound sms ip list {}".format(ip_list))
if ip in current_app.config.get('ALLOW_IP_INBOUND_SMS'): if ip in current_app.config.get('ALLOW_IP_INBOUND_SMS'):
current_app.logger.info("Inbound sms ip addresses {} passed ".format(ip)) current_app.logger.info("Inbound sms ip addresses {} passed ".format(ip))
return return

4
tests/app/authentication/test_authentication.py
View File

@@ -313,7 +313,7 @@ def __create_token(service_id):
def restrict_ip_sms_app(): def restrict_ip_sms_app():
app = flask.Flask(__name__) app = flask.Flask(__name__)
app.config['TESTING'] = True app.config['TESTING'] = True
app.config['ALLOW_IP_INBOUND_SMS'] = ['111.111.111.111'] app.config['ALLOW_IP_INBOUND_SMS'] = ['134.213.243.188']
blueprint = flask.Blueprint('restrict_ip_sms_app', __name__) blueprint = flask.Blueprint('restrict_ip_sms_app', __name__)
@@ -332,7 +332,7 @@ def test_allow_valid_ips(restrict_ip_sms_app):
response = restrict_ip_sms_app.get( response = restrict_ip_sms_app.get(
path='/', path='/',
headers=[ headers=[
('X-Forwarded-For', '111.111.111.111, 222.222.222.222, 127.0.0.1'), ('X-Forwarded-For', '134.213.243.188, 222.222.222.222, 127.0.0.1'),
] ]
) )