ci-bonfire /
Sprint
| @@ 280-294 (lines=15) @@ | ||
| 277 | * in the api config file. If any are found, the client is refused |
|
| 278 | * access immediately. |
|
| 279 | */ |
|
| 280 | public function checkIPBlacklist() |
|
| 281 | { |
|
| 282 | $blacklist = explode(',', config_item('api.ip_blacklist')); |
|
| 283 | ||
| 284 | array_walk($blacklist, function (&$item, $key) { |
|
| 285 | $item = trim($item); |
|
| 286 | }); |
|
| 287 | ||
| 288 | if (in_array($this->ci->input->ip_address(), $blacklist)) |
|
| 289 | { |
|
| 290 | throw new \Exception( lang('api.ip_denied'), 401); |
|
| 291 | } |
|
| 292 | ||
| 293 | return true; |
|
| 294 | } |
|
| 295 | ||
| 296 | //-------------------------------------------------------------------- |
|
| 297 | ||
| @@ 303-319 (lines=17) @@ | ||
| 300 | * in the api config file. If the client is not accessing the site |
|
| 301 | * from one of those addresses then their access is denied. |
|
| 302 | */ |
|
| 303 | public function checkIPWhitelist() |
|
| 304 | { |
|
| 305 | $whitelist = explode(',', config_item('api.ip_whitelist')); |
|
| 306 | ||
| 307 | array_push($whitelist, '127.0.0.1', '0.0.0.0'); |
|
| 308 | ||
| 309 | array_walk($whitelist, function (&$item, $key) { |
|
| 310 | $item = trim($item); |
|
| 311 | }); |
|
| 312 | ||
| 313 | if (! in_array($this->ci->input->ip_address(), $whitelist)) |
|
| 314 | { |
|
| 315 | throw new \Exception( lang('api.ip_denied'), 401); |
|
| 316 | } |
|
| 317 | ||
| 318 | return true; |
|
| 319 | } |
|
| 320 | ||
| 321 | //-------------------------------------------------------------------- |
|
| 322 | ||
