diff --git a/CHANGELOG.md b/CHANGELOG.md index 326bfc49de..74cb3f7e61 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ This project adheres to [Semantic Versioning](http://semver.org/). ### Added - Method to overwrite the module's header. [See documentation.](https://github.com/MichMich/MagicMirror/tree/develop/modules#getheader) +- Option to limit access to certain IP addresses based on the value of `ipWhitelist` in the `config.js`, default is access from localhost only (Issue [#456](https://github.com/MichMich/MagicMirror/issues/456)) ### Updated - Modified translations for Frysk. diff --git a/README.md b/README.md index 8e44f42b70..856ab6e041 100644 --- a/README.md +++ b/README.md @@ -77,6 +77,8 @@ The following properties can be configured: | **Option** | **Description** | | --- | --- | | `port` | The port on which the MagicMirror² server will run on. The default value is `8080`. | +| `ipWhitelist` | The list of IPs from which you are allowed to access the MagicMirror². The default value is `["127.0.0.1", "::ffff:127.0.0.1"]`.It is possible to specify IPs with subnet masks (`["127.0.0.1", "127.0.0.1/24"]`) or define ip ranges (`["127.0.0.1", ["192.168.0.1", "192.168.0.100"]]`). + | | `kioskmode` | This allows MagicMirror² to run in Kiosk Mode. It protects from other programs popping on top of your screen. The default value is `false`| | `language` | The language of the interface. (Note: Not all elements will be localized.) Possible values are `en`, `nl`, `ru`, `fr`, etc., but the default value is `en`. | | `timeFormat` | The form of time notation that will be used. Possible values are `12` or `24`. The default is `24`. | diff --git a/config/config.js.sample b/config/config.js.sample index 04c7fba99a..269492baa4 100644 --- a/config/config.js.sample +++ b/config/config.js.sample @@ -6,6 +6,7 @@ var config = { port: 8080, + ipWhitelist: ["127.0.0.1", "::ffff:127.0.0.1"], language: 'en', timeFormat: 24, diff --git a/js/defaults.js b/js/defaults.js index 0688595c8f..e2ee615131 100644 --- a/js/defaults.js +++ b/js/defaults.js @@ -10,6 +10,7 @@ var defaults = { port: 8080, kioskmode: false, + ipWhitelist: ["127.0.0.1", "::ffff:127.0.0.1"], language: "en", timeFormat: 24, diff --git a/js/server.js b/js/server.js index 2ab0b1b9de..e1a909469b 100644 --- a/js/server.js +++ b/js/server.js @@ -10,11 +10,23 @@ var app = require("express")(); var server = require("http").Server(app); var io = require("socket.io")(server); var path = require("path"); +var ipfilter = require("express-ipfilter").IpFilter; var Server = function(config, callback) { console.log("Starting server op port " + config.port + " ... "); server.listen(config.port); + + app.use(function(req, res, next) { + var result = ipfilter(config.ipWhitelist, {mode: "allow", log: false})(req, res, function(err) { + if (err === undefined) { + return next(); + } + console.log(err.message); + res.status(403).send("This device is not allowed to access your mirror.
Please check your config.js or config.js.sample to change this."); + }); + }); + app.use("/js", express.static(__dirname)); app.use("/config", express.static(path.resolve(__dirname + "/../config"))); app.use("/css", express.static(path.resolve(__dirname + "/../css"))); diff --git a/package.json b/package.json index afdad5f610..cfef5f85fd 100644 --- a/package.json +++ b/package.json @@ -39,6 +39,7 @@ "dependencies": { "electron-prebuilt": "^0.37.2", "express": "^4.14.0", + "express-ipfilter": "latest", "feedme": "latest", "iconv-lite": "latest", "moment": "latest",