diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 22fe879..764a2f2 100755 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -22,7 +22,7 @@ - + diff --git a/src/IpMiddleware.php b/src/IpMiddleware.php index eb88917..2d0da44 100644 --- a/src/IpMiddleware.php +++ b/src/IpMiddleware.php @@ -22,6 +22,7 @@ class IpMiddleware /** * IpMiddleware constructor. + * * @param Application $application * @param Repository $config */ @@ -37,12 +38,15 @@ public function __construct(Application $application, Repository $config) * @param Request $request * @param Closure $next * @param array $allowedIp + * * @return mixed */ public function handle($request, Closure $next, ...$allowedIp) { + $clientIp = $request->server('HTTP_CF_CONNECTING_IP') ?? $request->ip(); + if (! $this->application->environment($this->config->get('ip-middleware.ignore_environments')) && - !in_array($request->ip(), Arr::flatten($allowedIp)) + ! in_array($clientIp, Arr::flatten($allowedIp)) ) { abort(Response::HTTP_FORBIDDEN); } diff --git a/tests/IpMiddlewareTest.php b/tests/IpMiddlewareTest.php index 85d50ea..3b30cab 100644 --- a/tests/IpMiddlewareTest.php +++ b/tests/IpMiddlewareTest.php @@ -8,24 +8,58 @@ class IpMiddlewareTest extends TestCase { - public function testFails() + /** + * @var IpMiddleware + */ + private $middleware; + + protected function setUp(): void + { + parent::setUp(); + + $this->middleware = $this->app->make(IpMiddleware::class); + } + + public function testBlocksIfIpIsNotWhitelisted() { - $this->withoutExceptionHandling(); $this->expectException(HttpException::class); - $middleware = $this->app->make(IpMiddleware::class); $request = Request::create('/', 'GET', [], [], [], ['REMOTE_ADDR' => '1.1.1.0']); - $middleware->handle($request, function () { - }, '1.1.1.1'); + $this->middleware->handle($request, function () { + }, '1.1.1.1,2.2.2.2'); } - public function testPasses() + public function testAllowsWithCloudflareIpAddress() + { + $request = Request::create('/', 'GET', [], [], [], ['HTTP_CF_CONNECTING_IP' => '2.1.1.1']); + + $result = $this->middleware->handle($request, function () { + return true; + }, '2.1.1.1'); + + $this->assertTrue($result); + } + + public function testAllowsIfIpIsWhitelisted() { - $this->withoutExceptionHandling(); - $middleware = new IpMiddleware(); $request = Request::create('/', 'GET', [], [], [], ['REMOTE_ADDR' => '1.1.1.1']); - $middleware->handle($request, function () { + $result = $this->middleware->handle($request, function () { + return true; }, '1.1.1.1'); + + $this->assertTrue($result); + } + + public function testAllowsIfEnvironmentIsIgnored() + { + app()['config']->set('ip-middleware.ignore_environments', ['testing']); + $request = Request::create('/', 'GET', [], [], [], ['REMOTE_ADDR' => '1.1.1.0']); + + $result = $this->middleware->handle($request, function () { + return true; + }, '1.1.1.1'); + + $this->assertTrue($result); } } diff --git a/tests/TestCase.php b/tests/TestCase.php index 4902ef6..e2e0afe 100644 --- a/tests/TestCase.php +++ b/tests/TestCase.php @@ -19,14 +19,4 @@ protected function getPackageProviders($app) LaravelIpMiddlewareServiceProvider::class, ]; } - - /** - * Set up the environment. - * - * @param Application $app - */ - protected function getEnvironmentSetUp($app) - { - $app['config']->set('database.default', 'testing'); - } }