auth-centric-firewall 0.0.7 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rbenv-vars.example +1 -0
- data/.rubocop.yml +6 -0
- data/CHANGELOG.md +4 -0
- data/README.md +1 -0
- data/lib/auth/centric/firewall/version.rb +1 -1
- data/lib/auth/centric/firewall.rb +10 -2
- data/sig/auth/centric/firewall.rbs +3 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f997444c01f700674005254df0b27d7459b0c373658c34ff79b157769d376258
|
|
4
|
+
data.tar.gz: 8bd0e556ef46cbbc67cf36398285157df9113fd5570fea7bface6a3104aac052
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 611f72a5a803d4e0f89f6b45b641181a36ba52d46ff11e3485429e97b12510f4af729cbfac0fe60ee26ae1434e9d9412d3b3f7668d9c68e295389dd36d559ade
|
|
7
|
+
data.tar.gz: f109d3c581828a297a330d99b7ecf0451506fd3fcb871d3d0b74aa6f2b240e2cbd94498a9487f9fd91b91d20ca2d9d904a3264ecc4f89bc5e6b103628ab7c857
|
data/.rbenv-vars.example
CHANGED
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -14,6 +14,8 @@ module Auth
|
|
|
14
14
|
class Error < StandardError; end
|
|
15
15
|
|
|
16
16
|
def log_firewall(request, forced: false)
|
|
17
|
+
return true unless enabled?
|
|
18
|
+
|
|
17
19
|
unless forced
|
|
18
20
|
return true if IGNORE_IP.include?(request.remote_ip)
|
|
19
21
|
return true if IGNORE_REQUEST.include?(request.original_fullpath)
|
|
@@ -32,9 +34,11 @@ module Auth
|
|
|
32
34
|
true
|
|
33
35
|
end
|
|
34
36
|
|
|
35
|
-
def valid_ip?(request)
|
|
37
|
+
def valid_ip?(request, forced: false)
|
|
38
|
+
return true unless enabled?
|
|
39
|
+
|
|
36
40
|
ip_address = request.env['HTTP_X_FORWARDED_FOR'] || request.remote_ip
|
|
37
|
-
return true if IGNORE_IP.include?(ip_address)
|
|
41
|
+
return true if !forced && IGNORE_IP.include?(ip_address)
|
|
38
42
|
|
|
39
43
|
http = HTTP
|
|
40
44
|
.timeout(timeout_seconds)
|
|
@@ -74,6 +78,10 @@ module Auth
|
|
|
74
78
|
def timeout_seconds
|
|
75
79
|
@timeout_seconds ||= (ENV['AUTH_CENTRIC_TIMEOUT_SECONDS'] || 3).to_i
|
|
76
80
|
end
|
|
81
|
+
|
|
82
|
+
def enabled?
|
|
83
|
+
@enabled ||= %w[true 1 yes on enabled].include?(ENV['AUTH_CENTRIC_ENABLED']&.downcase)
|
|
84
|
+
end
|
|
77
85
|
end
|
|
78
86
|
end
|
|
79
87
|
end
|
|
@@ -5,6 +5,7 @@ module Auth
|
|
|
5
5
|
|
|
6
6
|
@host: string
|
|
7
7
|
@apikey: string
|
|
8
|
+
@enabled: bool
|
|
8
9
|
@capture_path: string
|
|
9
10
|
@timeout_seconds: int
|
|
10
11
|
|
|
@@ -13,8 +14,10 @@ module Auth
|
|
|
13
14
|
|
|
14
15
|
private
|
|
15
16
|
|
|
17
|
+
|
|
16
18
|
def host: -> string
|
|
17
19
|
def apikey: -> string
|
|
20
|
+
def enabled?: -> bool
|
|
18
21
|
def capture_path: -> string
|
|
19
22
|
def ip_status_path: -> string
|
|
20
23
|
def timeout_seconds: -> int
|