|
|
@@ -36,6 +36,7 @@ import (
|
|
|
"imuslab.com/arozos/mod/auth/accesscontrol/whitelist"
|
|
|
"imuslab.com/arozos/mod/auth/authlogger"
|
|
|
db "imuslab.com/arozos/mod/database"
|
|
|
+ "imuslab.com/arozos/mod/network"
|
|
|
)
|
|
|
|
|
|
type AuthAgent struct {
|
|
|
@@ -234,14 +235,25 @@ func (a *AuthAgent) ValidateUsernameAndPasswordWithReason(username string, passw
|
|
|
|
|
|
//Validate the user request for login
|
|
|
func (a *AuthAgent) ValidateLoginRequest(w http.ResponseWriter, r *http.Request) (bool, error) {
|
|
|
+ //Get the ip address of the request
|
|
|
+ clientIP, err := network.GetIpFromRequest(r)
|
|
|
+ if err != nil {
|
|
|
+ return false, nil
|
|
|
+ }
|
|
|
+
|
|
|
+ return a.ValidateLoginIpAccess(clientIP)
|
|
|
+}
|
|
|
+
|
|
|
+func (a *AuthAgent) ValidateLoginIpAccess(ipv4 string) (bool, error) {
|
|
|
+ ipv4 = strings.ReplaceAll(ipv4, " ", "")
|
|
|
//Check if the account is whitelisted
|
|
|
- if a.WhitelistManager.Enabled && !a.WhitelistManager.CheckIsWhitelistedByRequest(r) {
|
|
|
+ if a.WhitelistManager.Enabled && !a.WhitelistManager.IsWhitelisted(ipv4) {
|
|
|
//Whitelist enabled but this IP is not whitelisted
|
|
|
return false, errors.New("Your IP is not whitelisted on this host")
|
|
|
}
|
|
|
|
|
|
//Check if the account is banned
|
|
|
- if a.BlacklistManager.Enabled && a.BlacklistManager.CheckIsBannedByRequest(r) {
|
|
|
+ if a.BlacklistManager.Enabled && a.BlacklistManager.IsBanned(ipv4) {
|
|
|
//This user is banned
|
|
|
return false, errors.New("Your IP is banned by this host")
|
|
|
}
|
tobychui