Hi!
I’m trying to implement IP whitelisting to the application, only the users from the IP list should have access to the application.
I’ve tried to use the following middleware function, but the status change to 403 is ignored, status is
always 200 and everything is working regardless of the user IP.
But i get the “not allowed…” message in log though…
Any thoughts…??
Thanks…
app.use(function (req, res, next) {
app.set('allowedIPs', allowedIPs);
const ip = req.headers['x-forwarded-for'] || (req.connection || {}).remoteAddress;
console.info("IP: " + ip);
if (allowedIPs.includes(ip)) {
console.info("allowed...");
return next();
} else {
console.info("not allowed...");
return res.status(403).send({error: { status:403, message:'Access denied.'}});
}
});