22 lines
753 B
TypeScript
22 lines
753 B
TypeScript
import { CanActivate, ExecutionContext, ForbiddenException, Injectable } from '@nestjs/common';
|
|
import { Request } from 'express';
|
|
import { Observable } from 'rxjs';
|
|
|
|
@Injectable()
|
|
export class LocalhostGuard implements CanActivate {
|
|
canActivate(context: ExecutionContext): boolean | Promise<boolean> | Observable<boolean> {
|
|
const request = context.switchToHttp().getRequest<Request>();
|
|
const ip = request.ip;
|
|
|
|
// Liste der erlaubten IPs
|
|
const allowedIPs = ['127.0.0.1', '::1', 'localhost', '::ffff:127.0.0.1'];
|
|
|
|
if (!allowedIPs.includes(ip)) {
|
|
console.warn(`Versuchter Zugriff von unerlaubter IP: ${ip}`);
|
|
throw new ForbiddenException('Dieser Endpunkt kann nur lokal aufgerufen werden');
|
|
}
|
|
|
|
return true;
|
|
}
|
|
}
|