IP whitelisting

2 files changed, 10 insertions, 5 deletions

diff --git a/controllers/galleryController.js b/controllers/galleryController.js
index f2e914c..c7ea726 100644
--- a/controllers/galleryController.js
+++ b/controllers/galleryController.js
@@ -4,8 +4,9 @@ const db = require('knex')(config.database)
 let galleryController = {}
 
 galleryController.list = function(req, res, next){
-	//if(!config.privacy.public)
-		//if(!config.privacy.IPs.includes(req.ip)) return res.status(401).send('Not Authorized!')
+	
+	if(!config.privacy.public)
+		if(!config.privacy.IPs.includes(req.ip)) return res.status(401).send('Not Authorized!')
 
 	db.table('gallery').select('id', 'name').then((data) => {
 		res.json({ data })
@@ -13,8 +14,9 @@ galleryController.list = function(req, res, next){
 }
 
 galleryController.test = function(req, res, next){
-	//if(!config.privacy.public)
-		//if(!config.privacy.IPs.includes(req.ip)) return res.status(401).send('Not Authorized!')
+	
+	if(!config.privacy.public)
+		if(!config.privacy.IPs.includes(req.ip)) return res.status(401).send('Not Authorized!')
 
 	let testdata = [
 		{name: 'Test 1'},
diff --git a/routes/routes.js b/routes/routes.js
index 2b59790..2e8005c 100644
--- a/routes/routes.js
+++ b/routes/routes.js
@@ -4,7 +4,10 @@ const uploadController = require('../controllers/uploadController')
 const galleryController = require('../controllers/galleryController')
 
 routes.get  ('/info', (req, res, next) => {
-	res.json({
+	if(!config.privacy.public)
+		if(!config.privacy.IPs.includes(req.ip)) return res.status(401).send('Not Authorized!')
+
+	return res.json({
 		maxFileSize: config.uploads.maxsize.slice(0, -2),
 		urlPrefix: config.uploads.prefix
 	})