From f9db64cedebcc292cbaf7d074b066cc6f8f19ea0 Mon Sep 17 00:00:00 2001
From: IT Fixcomart <it@fixcomart.co.id>
Date: Thu, 3 Nov 2022 10:27:42 +0700
Subject: Add whitelist IP to access Rest API

---
 indoteknik_api/controllers/controller.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'indoteknik_api/controllers/controller.py')

diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py
index 4653bd1e..00f4b21a 100644
--- a/indoteknik_api/controllers/controller.py
+++ b/indoteknik_api/controllers/controller.py
@@ -10,14 +10,18 @@ from pytz import timezone
 
 class Controller(http.Controller):
     def authenticate(self):
+        wsgienv = request.httprequest.environ
         try:
-            wsgienv = request.httprequest.environ
             db = wsgienv['HTTP_DB']
             username = wsgienv['HTTP_USERNAME']
             password = wsgienv['HTTP_PASSWORD']
             request.session.authenticate(db, username, password)
             return True
         except:
+            remote_address = wsgienv['REMOTE_ADDR']
+            allowed_ip_address = ['127.0.0.1', '34.101.189.218', '34.101.55.147']
+            if remote_address in allowed_ip_address:
+                return True
             return False
 
     def validate_request(self, rules: dict, kw: dict):
-- 
cgit v1.2.3