ci-bonfire /
Sprint
| @@ 297-311 (lines=15) @@ | ||
| 294 | * in the api config file. If any are found, the client is refused |
|
| 295 | * access immediately. |
|
| 296 | */ |
|
| 297 | public function checkIPBlacklist() |
|
| 298 | { |
|
| 299 | $blacklist = explode(',', config_item('api.ip_blacklist')); |
|
| 300 | ||
| 301 | array_walk($blacklist, function (&$item, $key) { |
|
| 302 | $item = trim($item); |
|
| 303 | }); |
|
| 304 | ||
| 305 | if (in_array($this->ci->input->ip_address(), $blacklist)) |
|
| 306 | { |
|
| 307 | throw new \Exception( lang('api.ip_denied'), 401); |
|
| 308 | } |
|
| 309 | ||
| 310 | return true; |
|
| 311 | } |
|
| 312 | ||
| 313 | //-------------------------------------------------------------------- |
|
| 314 | ||
| @@ 320-336 (lines=17) @@ | ||
| 317 | * in the api config file. If the client is not accessing the site |
|
| 318 | * from one of those addresses then their access is denied. |
|
| 319 | */ |
|
| 320 | public function checkIPWhitelist() |
|
| 321 | { |
|
| 322 | $whitelist = explode(',', config_item('api.ip_whitelist')); |
|
| 323 | ||
| 324 | array_push($whitelist, '127.0.0.1', '0.0.0.0'); |
|
| 325 | ||
| 326 | array_walk($whitelist, function (&$item, $key) { |
|
| 327 | $item = trim($item); |
|
| 328 | }); |
|
| 329 | ||
| 330 | if (! in_array($this->ci->input->ip_address(), $whitelist)) |
|
| 331 | { |
|
| 332 | throw new \Exception( lang('api.ip_denied'), 401); |
|
| 333 | } |
|
| 334 | ||
| 335 | return true; |
|
| 336 | } |
|
| 337 | ||
| 338 | //-------------------------------------------------------------------- |
|
| 339 | ||
