Add whitelist IP to access Rest API

author: IT Fixcomart <it@fixcomart.co.id> 2022-11-03 10:27:42 +0700
committer: IT Fixcomart <it@fixcomart.co.id> 2022-11-03 10:27:42 +0700
commit: f9db64cedebcc292cbaf7d074b066cc6f8f19ea0 (patch)
tree: fcf0941cdb0dde080753ba62b635db2e7eca0e9a /indoteknik_api/controllers
parent: f1f514d8c2d2ef9e3203b4387794274e137de86b (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py
index 4653bd1e..00f4b21a 100644
--- a/indoteknik_api/controllers/controller.py
+++ b/indoteknik_api/controllers/controller.py
@@ -10,14 +10,18 @@ from pytz import timezone
 
 class Controller(http.Controller):
     def authenticate(self):
+        wsgienv = request.httprequest.environ
         try:
-            wsgienv = request.httprequest.environ
             db = wsgienv['HTTP_DB']
             username = wsgienv['HTTP_USERNAME']
             password = wsgienv['HTTP_PASSWORD']
             request.session.authenticate(db, username, password)
             return True
         except:
+            remote_address = wsgienv['REMOTE_ADDR']
+            allowed_ip_address = ['127.0.0.1', '34.101.189.218', '34.101.55.147']
+            if remote_address in allowed_ip_address:
+                return True
             return False
 
     def validate_request(self, rules: dict, kw: dict):
author	IT Fixcomart <it@fixcomart.co.id>	2022-11-03 10:27:42 +0700
committer	IT Fixcomart <it@fixcomart.co.id>	2022-11-03 10:27:42 +0700
commit	f9db64cedebcc292cbaf7d074b066cc6f8f19ea0 (patch)
tree	fcf0941cdb0dde080753ba62b635db2e7eca0e9a /indoteknik_api/controllers
parent	f1f514d8c2d2ef9e3203b4387794274e137de86b (diff)