Add functions to check ip and domain have access

snapp-incubator · Sep 5, 2023 · 9356051 · 9356051
1 parent 937f807
commit 9356051
Showing 1 changed file with 31 additions and 0 deletions.
diff --git a/pkg/auth/authenticator.go b/pkg/auth/authenticator.go
@@ -2,7 +2,9 @@ package auth
 
 import (
 	"context"
+	"net"
 	"net/http"
+	"regexp"
 	"sync"
 
 	"github.com/go-logr/logr"
@@ -230,3 +232,32 @@ func NewAuthenticator(logger logr.Logger) (*Authenticator, error) {
 	}
 	return &a, nil
 }
+
+func CheckIP(ip string, ipAllowList []string) (bool, error) {
+	clientIP := net.ParseIP(ip)
+
+	for _, AllowedRangeIP := range ipAllowList {
+		_, subnet, err := net.ParseCIDR(AllowedRangeIP)
+		if err != nil {
+			return false, err
+		}
+
+		if subnet.Contains(clientIP) {
+			return true, nil
+		}
+	}
+	return false, nil
+}
+
+func CheckDomain(domain string, domainAllowedList []string) (bool, error) {
+	for _, pattern := range domainAllowedList {
+		matched, err := regexp.MatchString(pattern, domain)
+		if err != nil {
+			return false, err
+		}
+		if matched {
+			return true, nil
+		}
+	}
+	return false, nil
+}