Package source implements a custom predicate to match routes based on the source IP of a request.
It is similar in function and usage to the header predicate but has explicit support for IP adresses and netmasks to conveniently create routes based on a whole network of adresses, like a company network or something similar.
It is important to note, that this predicate should not be used as the only gatekeeper for secure endpoints. Always use proper authorization and authentication for access control!
To enable usage of this predicate behind loadbalancers or proxies, the X-Forwared-For header is used to determine the source of a request if it is available. If the X-Forwarded-For header is not present or does not contain a valid source address, the source IP of the incoming request is used for matching.
The source predicate supports one or more IP addresses with or without a netmask.
There are two flavors of this predicate Source() and SourceFromLast(). The difference is that Source() finds the remote host as first entry from the X-Forwarded-For header and SourceFromLast() as last entry.
// only match requests from 220.127.116.11 example1: Source("18.104.22.168") -> "http://example.org"; // only match requests from 22.214.171.124 - 126.96.36.199 example2: Source("188.8.131.52/24") -> "http://example.org"; // only match requests from 184.108.40.206 and the 220.127.116.11/24 network example3: Source("18.104.22.168", "22.214.171.124/24") -> "http://example.org"; // same as example3, only match requests from 126.96.36.199 and the 188.8.131.52/24 network example4: SourceFromLast("184.108.40.206", "220.127.116.11/24") -> "http://example.org";
const ( Name = "Source" NameLast = "SourceFromLast" )