From a60a4d3706b748116724cfc365ca925e4ecffd74 Mon Sep 17 00:00:00 2001 From: Ben Sima Date: Mon, 30 Mar 2020 18:10:31 -0700 Subject: Only allow my IP to POST on /_ routes --- Run/Que.hs | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'Run/Que.hs') diff --git a/Run/Que.hs b/Run/Que.hs index aee021d..9893af2 100644 --- a/Run/Que.hs +++ b/Run/Que.hs @@ -1,6 +1,7 @@ {-# LANGUAGE NoImplicitPrelude #-} {-# LANGUAGE GeneralizedNewtypeDeriving #-} {-# LANGUAGE OverloadedStrings #-} +{-# LANGUAGE LambdaCase #-} {- | Interprocess communication -} @@ -19,6 +20,7 @@ import qualified Com.Simatime.Go as Go import qualified Control.Concurrent.STM as STM import qualified Control.Exception as Exception import Control.Monad.Reader ( MonadTrans ) +import qualified Data.ByteString as BS import qualified Data.ByteString.Builder.Extra as Builder import qualified Data.ByteString.Lazy as BSL import Data.HashMap.Lazy ( HashMap ) @@ -29,6 +31,7 @@ import Data.Text.Lazy ( Text ) import qualified Data.Text.Lazy as Text import qualified Network.HTTP.Types.Status as Http +import qualified Network.Socket as Socket import qualified Network.Wai as Wai import qualified Network.Wai.Handler.Warp as Warp import Network.Wai.Middleware.RequestLogger @@ -66,6 +69,14 @@ data Error = ErrorParsingOptions instance Exception.Exception Error +-- | Only allow my IP or local to access some route. +guardIP :: Wai.Request -> Scotty.ActionT Text App () +guardIP r = case Wai.remoteHost r of + Socket.SockAddrInet _ ip | ip `elem` allowed -> Scotty.status Http.ok200 + _ -> Scotty.status Http.methodNotAllowed405 + where + allowed = Socket.tupleToHostAddress