banquise/pelican-panel-banquise
13
0
Fork 0
forked from banquise/pelican-panel-mirror
Code Issues 1 Pull Requests Actions Activity
pelican-panel-banquise/app/Http/Middleware/Api/AuthenticateIPAccess.php
Matt Malec df64026449
Update AuthenticateIPAccess.php 
Fix a 500 error when processing a request with an IP filter
2020-11-08 21:57:22 -05:00

41 lines
1.1 KiB
PHP
Raw Blame History

<?php
namespace Pterodactyl\Http\Middleware\Api;
use Closure;
use IPTools\IP;
use IPTools\Range;
use Illuminate\Http\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
class AuthenticateIPAccess
{
/**
* Determine if a request IP has permission to access the API.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*
* @throws \Exception
* @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function handle(Request $request, Closure $next)
{
$model = $request->attributes->get('api_key');
if (is_null($model->allowed_ips) || empty($model->allowed_ips)) {
return $next($request);
}
$find = new IP($request->ip());
foreach ($model->allowed_ips as $ip) {
if (Range::parse($ip)->contains($find)) {
return $next($request);
}
}
throw new AccessDeniedHttpException('This IP address (' . $request->ip() . ') does not have permission to access the API using these credentials.');
}
}
Reference in New Issue View Git Blame Copy Permalink