Merge pull request #6 from eclipserporg/feature/restrict_to_local

Restrict access to localhost
eclipserporg · Oct 25, 2023 · c629475 · c629475
2 parents deedef7 + beaa9a6
commit c629475
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 31 deletions.
diff --git a/Controllers/DiscordController.cs b/Controllers/DiscordController.cs
@@ -1,4 +1,3 @@
-using app.Apis;
 using app.Models;
 using app.Services;
 using Microsoft.AspNetCore.Authorization;

diff --git a/Program.cs b/Program.cs
@@ -1,12 +1,7 @@
 using app.Services;
 using app.Settings;
 using app;
-using Microsoft.AspNetCore.Authentication.JwtBearer;
-using Microsoft.IdentityModel.Tokens;
-using System.Text;
-using Microsoft.OpenApi.Models;
 using app.Models;
-using Microsoft.Extensions.Configuration;
 using app.Middlewares;
 using Microsoft.AspNetCore.Authentication;
 
@@ -22,7 +17,6 @@
 builder.Services.AddRefitServices(serverApiSettings);
 builder.Services.AddControllers();
 builder.Services.AddEndpointsApiExplorer();
-builder.Services.AddSwaggerGen();
 builder.Services.AddSingleton<DiscordService>();
 builder.Services.AddSingleton<LoginService>();
 builder.Services.AddSingleton<RunnerService>();
@@ -31,29 +25,7 @@
 builder.Services.AddAuthentication("BasicAuthentication")
         .AddScheme<AuthenticationSchemeOptions, BasicAuthenticationHandler>("BasicAuthentication", null);
 
-builder.Services.AddSwaggerGen(c =>
-{
-    c.SwaggerDoc("v1", new OpenApiInfo { Title = "Your API", Version = "v1" });
-    c.AddSecurityDefinition("Basic", new OpenApiSecurityScheme
-    {
-        Name = "Authorization",
-        Type = SecuritySchemeType.Http,
-        Scheme = "basic",
-        In = ParameterLocation.Header,
-        Description = "Basic Authorization header."
-    });
-    c.AddSecurityRequirement(new OpenApiSecurityRequirement
-    {
-        {
-            new OpenApiSecurityScheme
-            {
-                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Basic" }
-            },
-            new string[] { }
-        }
-    });
-});
-
+builder.Services.AddSwaggerServices();
 
 var app = builder.Build();
 
@@ -70,5 +42,15 @@
 app.UseAuthentication();
 app.UseAuthorization();
 
+app.Use(async (context, next) =>
+{
+    if (!context.Connection.RemoteIpAddress.Equals(context.Connection.LocalIpAddress))
+    {
+        context.Response.StatusCode = 403;
+        return;
+    }
+    await next.Invoke();
+});
+
 app.MapControllers();
 app.Run();
diff --git a/ServiceExtensions.cs b/ServiceExtensions.cs
@@ -1,5 +1,6 @@
 using app.Apis;
 using app.Settings;
+using Microsoft.OpenApi.Models;
 using Refit;
 using System.Net.Http.Headers;
 using System.Text;
@@ -10,13 +11,40 @@ public static class ServiceExtensions
     {
         public static IServiceCollection AddRefitServices(this IServiceCollection collection, ServerApiSettings serverApiSettings)
         {
-            collection.AddRefitClient<IServerDiscordApi>().ConfigureHttpClient( c =>
+            collection.AddRefitClient<IServerDiscordApi>().ConfigureHttpClient(c =>
             {
                 c.BaseAddress = new Uri(serverApiSettings.Url);
                 c.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("basic", Convert.ToBase64String(Encoding.ASCII.GetBytes($"{serverApiSettings.Username}:{serverApiSettings.Password}")));
             });
 
             return collection;
         }
+
+        public static IServiceCollection AddSwaggerServices(this IServiceCollection collection)
+        {
+            collection.AddSwaggerGen(c =>
+            {
+                c.SwaggerDoc("v1", new OpenApiInfo { Title = "Your API", Version = "v1" });
+                c.AddSecurityDefinition("Basic", new OpenApiSecurityScheme
+                {
+                    Name = "Authorization",
+                    Type = SecuritySchemeType.Http,
+                    Scheme = "basic",
+                    In = ParameterLocation.Header,
+                    Description = "Basic Authorization header."
+                });
+                c.AddSecurityRequirement(new OpenApiSecurityRequirement
+                {
+                    {
+                        new OpenApiSecurityScheme
+                        {
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Basic" }
+                        },
+                        Array.Empty<string>()
+                    }
+                });
+            });
+            return collection;
+        }
     }
 }