package middleware

import (
	"app/commons/core"
	"github.com/gin-gonic/gin"
	"net/http"
)

// IPWhitelist 创建一个 IP 白名单中间件

func IPWhitelist(allowedIPs []string) gin.HandlerFunc {
	return func(c *gin.Context) {
		clientIP := c.ClientIP()
		remoteIp := c.RemoteIP()
		core.JobLog.Infof("IPWhitelist:%s remoteIp:%s", clientIP, remoteIp)
		allowed := false
		for _, ip := range allowedIPs {
			if ip == clientIP || ip == remoteIp {
				allowed = true
				break
			}
		}
		if !allowed {
			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{
				"error": "Access denied",
			})
			return
		}

		c.Next()
	}
}