initial logging for route protection

This commit is contained in:
venusbb
2017-11-03 14:43:56 +00:00
parent ab583c0bc6
commit f4d005c7fb
5 changed files with 91 additions and 3 deletions

View File

@@ -47,8 +47,27 @@ def requires_no_auth():
def restrict_ip_sms():
# Check route of inbound sms (Experimental)
# Temporary custom header for route security
if request.headers.get("X-Custom-forwarder"):
current_app.logger.info("X-Custom-forwarder received")
# if request.headers.get("X-Custom-forwarder"):
# current_app.logger.info("X-Custom-forwarder received")
if request.headers.get("X-Custom-Forwarder"):
route_secret_key = request.headers.get("X-Custom-Forwarder")
key_1 = current_app.config.get('ROUTE_SECRET_KEY_1')
key_2 = current_app.config.get('ROUTE_SECRET_KEY_2')
key_used = 0
route_allowed = False
if route_secret_key == key_1:
key_used = 1
route_allowed = True
elif route_secret_key == key_2:
key_used = 2
route_allowed = True
current_app.logger.info({
'message': 'X-Custom-forwarder key {} is used'.format(key_used),
'log_contents': {
'passed': route_allowed,
}
})
# Check IP of SMS providers
if request.headers.get("X-Forwarded-For"):

View File

@@ -45,6 +45,8 @@ def extract_notify_config(notify_config):
os.environ['SECRET_KEY'] = notify_config['credentials']['secret_key']
os.environ['DANGEROUS_SALT'] = notify_config['credentials']['dangerous_salt']
os.environ['SMS_INBOUND_WHITELIST'] = json.dumps(notify_config['credentials']['allow_ip_inbound_sms'])
os.environ['ROUTE_SECRET_KEY_1'] = notify_config['credentials']['route_secret_key_1']
os.environ['ROUTE_SECRET_KEY_2'] = notify_config['credentials']['route_secret_key_2']
def extract_performance_platform_config(performance_platform_config):

View File

@@ -287,6 +287,8 @@ class Config(object):
FREE_SMS_TIER_FRAGMENT_COUNT = 250000
SMS_INBOUND_WHITELIST = json.loads(os.environ.get('SMS_INBOUND_WHITELIST', '[]'))
ROUTE_SECRET_KEY_1 = os.environ['ROUTE_SECRET_KEY_1']
ROUTE_SECRET_KEY_2 = os.environ['ROUTE_SECRET_KEY_2']
# Format is as follows:
# {"dataset_1": "token_1", ...}