@akemona-org/strapi-admin 3.14.2 → 3.15.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -20,6 +20,11 @@ module.exports = {
|
|
|
20
20
|
return ctx.badImplementation();
|
|
21
21
|
}
|
|
22
22
|
|
|
23
|
+
const accessAllowed = strapi.admin.services.auth.checkNetworkAccess(ctx.request.ip);
|
|
24
|
+
if (!accessAllowed) {
|
|
25
|
+
return ctx.badRequest('Access is not allowed from this network.');
|
|
26
|
+
}
|
|
27
|
+
|
|
23
28
|
if (!user) {
|
|
24
29
|
strapi.eventHub.emit('admin.auth.error', {
|
|
25
30
|
error: new Error(info.message),
|
|
@@ -23,6 +23,11 @@ module.exports = (strapi) => ({
|
|
|
23
23
|
return ctx.forbidden('Invalid credentials');
|
|
24
24
|
}
|
|
25
25
|
|
|
26
|
+
const accessAllowed = strapi.admin.services.auth.checkNetworkAccess(ctx.request.ip);
|
|
27
|
+
if (!accessAllowed) {
|
|
28
|
+
return ctx.forbidden('Invalid network');
|
|
29
|
+
}
|
|
30
|
+
|
|
26
31
|
ctx.state.admin = admin;
|
|
27
32
|
ctx.state.user = admin;
|
|
28
33
|
ctx.state.userAbility =
|
package/package.json
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"publishConfig": {
|
|
4
4
|
"access": "public"
|
|
5
5
|
},
|
|
6
|
-
"version": "3.
|
|
6
|
+
"version": "3.15.1",
|
|
7
7
|
"description": "Strapi Admin",
|
|
8
8
|
"repository": {
|
|
9
9
|
"type": "git",
|
|
@@ -17,8 +17,8 @@
|
|
|
17
17
|
},
|
|
18
18
|
"main": "index.js",
|
|
19
19
|
"dependencies": {
|
|
20
|
-
"@akemona-org/strapi-helper-plugin": "3.
|
|
21
|
-
"@akemona-org/strapi-utils": "3.
|
|
20
|
+
"@akemona-org/strapi-helper-plugin": "3.15.1",
|
|
21
|
+
"@akemona-org/strapi-utils": "3.15.1",
|
|
22
22
|
"@babel/core": "^7.14.0",
|
|
23
23
|
"@babel/plugin-proposal-async-generator-functions": "^7.13.15",
|
|
24
24
|
"@babel/plugin-proposal-class-properties": "^7.12.1",
|
|
@@ -125,5 +125,5 @@
|
|
|
125
125
|
"devDependencies": {
|
|
126
126
|
"webpack-bundle-analyzer": "4.4.0"
|
|
127
127
|
},
|
|
128
|
-
"gitHead": "
|
|
128
|
+
"gitHead": "f4c98c57d5309f2d463e432a98274bc631ff3193"
|
|
129
129
|
}
|
package/services/auth.js
CHANGED
|
@@ -19,6 +19,22 @@ const hashPassword = (password) => bcrypt.hash(password, 10);
|
|
|
19
19
|
*/
|
|
20
20
|
const validatePassword = (password, hash) => bcrypt.compare(password, hash);
|
|
21
21
|
|
|
22
|
+
/**
|
|
23
|
+
*
|
|
24
|
+
* @param {string} ip
|
|
25
|
+
* @returns {boolean} is allowed
|
|
26
|
+
*/
|
|
27
|
+
const checkNetworkAccess = (ip) => {
|
|
28
|
+
if (process.env.STRAPI_ADMIN_ENABLE_NETWORK_CHECK === 'true') {
|
|
29
|
+
const ipListStr = process.env.STRAPI_ADMIN_ALLOWED_IP_LIST ?? '';
|
|
30
|
+
const allowedList = ipListStr.split(',').map((item) => item.trim());
|
|
31
|
+
if (!allowedList.includes(ip)) {
|
|
32
|
+
return false;
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
return true;
|
|
36
|
+
};
|
|
37
|
+
|
|
22
38
|
/**
|
|
23
39
|
* Check login credentials
|
|
24
40
|
* @param {Object} options
|
|
@@ -105,6 +121,7 @@ const resetPassword = async ({ resetPasswordToken, password } = {}) => {
|
|
|
105
121
|
};
|
|
106
122
|
|
|
107
123
|
module.exports = {
|
|
124
|
+
checkNetworkAccess,
|
|
108
125
|
checkCredentials,
|
|
109
126
|
validatePassword,
|
|
110
127
|
hashPassword,
|