From c9280d286577254aa88279919c7e6a63b5c1ccdb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=82=A0=E9=9D=99=E8=90=9D=E8=8E=89?= Date: Thu, 11 Jan 2024 01:26:51 +0800 Subject: [PATCH] feat: add new options --- README.md | 3 +++ .../ip-filter-options.interfaces.ts | 5 +++++ lib/ip-filter.guard.ts | 8 ++++++-- lib/ip-filter.service.ts | 19 +++++++++++++++---- package.json | 2 +- 5 files changed, 30 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 2695b26..c944fc8 100644 --- a/README.md +++ b/README.md @@ -29,6 +29,7 @@ First register the filter in `app.module.ts`, The sample code shows the IP addre ```typescript IpFilterModule.register({ + isGlobal: true, mode: 'deny', trustProxy: true, ip: { @@ -53,6 +54,7 @@ getHello(): string { | Name | Type | Default | Description | |------------|---------------------|-----------|----------------------------------------------------------------------| +| isGlobal | boolean | false | enabling this option will filter all routes | | mode | string | deny | deny or allow | | trustProxy | boolean or string[] | false | trust proxy headers | | ip.list | string[] | undefined | list of IPs | @@ -63,6 +65,7 @@ getHello(): string { ```txt { + isGlobal: true, mode: 'deny', trustProxy: true, ip: { diff --git a/lib/interfaces/ip-filter-options.interfaces.ts b/lib/interfaces/ip-filter-options.interfaces.ts index e2bc05a..e68a073 100644 --- a/lib/interfaces/ip-filter-options.interfaces.ts +++ b/lib/interfaces/ip-filter-options.interfaces.ts @@ -15,6 +15,11 @@ export type IpFilterModuleOptions = { * If-select array, only the incoming proxy server is trusted, otherwise it is rejected. */ trustProxy?: boolean | string[]; + /** + * Enabling this option will filter all routes\ + * Default: false + */ + isGlobal?: boolean; }; export type IpOptions = { diff --git a/lib/ip-filter.guard.ts b/lib/ip-filter.guard.ts index 3c185af..0cde80c 100644 --- a/lib/ip-filter.guard.ts +++ b/lib/ip-filter.guard.ts @@ -25,16 +25,20 @@ export class IpFilterGuard implements CanActivate { canActivate( context: ExecutionContext, ): Promise | Observable | boolean { - const request = context.switchToHttp().getRequest(); - const clientIp: string = getIp(request, this.ipFilterService.options); // get guard const guard = this.reflector.get('ipFilter', context.getHandler()); + // if not global and guard is not defined, then skip ip filter + if (!this.ipFilterService.isGlobal && guard === undefined) { + return true; + } // if set guard to false, then skip ip filter if (guard === false) { return true; } + const request = context.switchToHttp().getRequest(); + const clientIp: string = getIp(request, this.ipFilterService.options); const blockList = new BlockList(); if (this.ipFilterService.ipList) { diff --git a/lib/ip-filter.service.ts b/lib/ip-filter.service.ts index d6bcea7..1b6b133 100644 --- a/lib/ip-filter.service.ts +++ b/lib/ip-filter.service.ts @@ -8,17 +8,28 @@ import { MODULE_OPTIONS_TOKEN } from './ip-filter.module-definition'; export class IpFilterService { mode: IpFilterMode; trustProxy: boolean | string[]; + isGlobal: boolean; private _ip: IpOptions; constructor( @Inject(MODULE_OPTIONS_TOKEN) - readonly options: IpFilterModuleOptions, + private readonly _options: IpFilterModuleOptions, ) { - this.mode = options.mode ?? 'deny'; - this.trustProxy = options.trustProxy ?? false; + this.mode = _options.mode ?? 'deny'; + this.trustProxy = _options.trustProxy ?? false; + this.isGlobal = _options.isGlobal ?? false; - this._ip = options.ip; + this._ip = _options.ip; + } + + get options(): IpFilterModuleOptions { + return { + mode: this.mode, + trustProxy: this.trustProxy, + isGlobal: this.isGlobal, + ip: this._ip, + }; } get ipList(): string[] { diff --git a/package.json b/package.json index 4e39813..0ad1784 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@timi137/nestjs-ipfilter", - "version": "0.1.3", + "version": "0.1.4", "description": "IP filter module for Nest framework (node.js) 🌎", "author": "悠静 ", "license": "MIT",