This PR adds support for the "remote" configuration parameter to all the providers except the basic one (static). If set, it will restrict access to a given route for source IPs or networks. This is what it looks like with the file provider:
By default, the remote address from the request is used, however in some cases (proxy in front, docker with bridge network, etc) user may want to use X-Real-IP and X-Forwarded-For headers. This options is off by default, and to turn it on --remote-lookup-headers param or REMOTE_LOOKUP_HEADERS=1 env can be set. It should be used only in trusted environments where bad actors can't set/change those headers.
Implements #119
This PR adds support for the "remote" configuration parameter to all the providers except the basic one (static). If set, it will restrict access to a given route for source IPs or networks. This is what it looks like with the file provider:
By default, the remote address from the request is used, however in some cases (proxy in front, docker with bridge network, etc) user may want to use
X-Real-IP
andX-Forwarded-For
headers. This options is off by default, and to turn it on--remote-lookup-headers
param orREMOTE_LOOKUP_HEADERS=1
env can be set. It should be used only in trusted environments where bad actors can't set/change those headers.