diff options
| author | Ognjen Cirkovic <ciraboxkg@gmail.com> | 2022-04-18 14:56:42 +0200 |
|---|---|---|
| committer | Danijel Anđelković <adanijel99@gmail.com> | 2022-04-23 00:53:52 +0200 |
| commit | cbd44c7964b74e0292a96737cc47aae7cfa0c77d (patch) | |
| tree | 3615c897a6b2c9eb3303e76a4e055aa36f9d9046 | |
| parent | f897b364af1c814ef2ffed2da989c4e35947a4cb (diff) | |
Napravljen Filter za ml api ip adresu. Tako da samo ml moze da poziva odredjene api pozive na back-u.
| -rw-r--r-- | backend/api/api/Program.cs | 9 | ||||
| -rw-r--r-- | backend/api/api/Services/MlApiCheckActionFilter.cs | 50 | ||||
| -rw-r--r-- | backend/api/api/appsettings.json | 3 |
3 files changed, 60 insertions, 2 deletions
diff --git a/backend/api/api/Program.cs b/backend/api/api/Program.cs index 71509b38..56abc016 100644 --- a/backend/api/api/Program.cs +++ b/backend/api/api/Program.cs @@ -39,7 +39,14 @@ builder.Services.AddScoped<IExperimentService, ExperimentService>(); builder.Services.AddHostedService<TempFileService>(); builder.Services.AddHostedService<FillAnEmptyDb>(); - +//Ml Api Ip Filter +builder.Services.AddScoped<MlApiCheckActionFilter>(container => +{ + var loggerFactory = container.GetRequiredService<ILoggerFactory>(); + var logger=loggerFactory.CreateLogger<MlApiCheckActionFilter>(); + var MlIp = builder.Configuration.GetValue<string>("AppSettings:MlIp"); + return new MlApiCheckActionFilter(MlIp, logger); +}); diff --git a/backend/api/api/Services/MlApiCheckActionFilter.cs b/backend/api/api/Services/MlApiCheckActionFilter.cs new file mode 100644 index 00000000..d1c020b0 --- /dev/null +++ b/backend/api/api/Services/MlApiCheckActionFilter.cs @@ -0,0 +1,50 @@ +using System.Net; +using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Mvc.Filters; + +namespace api.Services +{ + public class MlApiCheckActionFilter:ActionFilterAttribute + { + private readonly ILogger _logger; + private readonly string _safelist; + + public MlApiCheckActionFilter(string safelist,ILogger logger) + { + _logger = logger; + _safelist = safelist; + } + public override void OnActionExecuting(ActionExecutingContext context) + { + var remoteIp = context.HttpContext.Connection.RemoteIpAddress; + _logger.LogDebug("Remote IpAddress: {RemoteIp}", remoteIp); + var ip = _safelist.Split(';'); + var badIp = true; + + if (remoteIp.IsIPv4MappedToIPv6) + { + remoteIp = remoteIp.MapToIPv4(); + } + + foreach (var address in ip) + { + var testIp = IPAddress.Parse(address); + + if (testIp.Equals(remoteIp)) + { + badIp = false; + break; + } + } + + if (badIp) + { + _logger.LogWarning("Forbidden Request from IP: {RemoteIp}", remoteIp); + context.Result = new StatusCodeResult(StatusCodes.Status403Forbidden); + return; + } + + base.OnActionExecuting(context); + } + } +} diff --git a/backend/api/api/appsettings.json b/backend/api/api/appsettings.json index e96549a8..c2310978 100644 --- a/backend/api/api/appsettings.json +++ b/backend/api/api/appsettings.json @@ -2,7 +2,8 @@ "AppSettings": { "JwtToken": "2mnttqPtRb4GIWHFtagm", "MlApi": "http://127.0.0.1:5543", - "FrontApi": "http://localhost:4200" + "FrontApi": "http://localhost:4200", + "MlIp":"127.0.0.1;::1" }, "Logging": { "LogLevel": { |