Setup IP registration block, I have made it work myself but would be good for it to be publically available

[brt5586]

So I am hosting my own version of PassordPusher for our business, I just want to thank you @pglombardo for actively maintaining this, making it open source and an excellent app as it is today.

One requirement I found we really needed is that I'm currently using Microsoft storage provider to link it to our private storage account which works amazingly :) however since the 'File' section is stuck behind the registration/login (which is a good idea by the way) I didn't want anyone just making an account and registering so they can upload / spam file uploads to our storage account.

I am in no way means a coder, just an IT Infrastructure Engineer so do know my way around a little bit. Therefore I've edited the application_controller.rb to add in these extra lines:

  def allowed_ip?
    allowed_ips = ENV['ALLOWED_IPS']&.split(',') || []
    allowed_ips.include?(request.remote_ip)
  end

protected

  def check_ip
    allowed_ips = ENV['ALLOWED_IPS']&.split(',')&.map(&:strip) || []
    Rails.logger.info "Remote IP: #{request.remote_ip}, Allowed IPs: #{allowed_ips}"
    unless allowed_ips.include?(request.remote_ip)
      flash[:alert] = "You are not authorized to perform this action from your current location."
      redirect_to root_path and return
    end
  end

Then In registration_controller.rb I added this right to the top:

class Users::RegistrationsController < Devise::RegistrationsController
  layout 'application', only: %i[edit update token]
  layout 'login', except: %i[edit update token]

  before_action :check_ip, only: [:new, :create] **<--- only this line I added**```
  
  
  Then added this line into the file _header.html.erb:
  
  ```<div class="container">
  <header class="d-flex flex-wrap justify-content-center py-3 mb-4 border-bottom">
    <%= link_to root_path(locale: locale.to_s), class: 'd-flex align-items-center mb-3 mb-md-0 me-md-auto text-dark text-decoration-none', hreflang: locale.to_s do %>
      <div class='me-2'>
      <picture>
        <% if Settings.brand.nil? || Settings.brand.light_logo.nil? %>
          <source srcset="<%= asset_path('logo-transparent-sm-bare.png') %>" media="(prefers-color-scheme: light) or (prefers-color-scheme: no-preference)">
          <source srcset="<%= asset_path('logo-transparent-sm-dark-bare.png') %>" media="(prefers-color-scheme: dark)">
          <img src="<%= asset_path('logo-transparent-sm-bare.png') %>" alt="<%= _('Password Pusher Logo') %>" style='height: 50px;' />
        <% else %>
          <source srcset="<%= Settings.brand.light_logo %>" media="(prefers-color-scheme: light) or (prefers-color-scheme: no-preference)">
          <source srcset="<%= Settings.brand.dark_logo %>" media="(prefers-color-scheme: dark)">
          <img src="<%= Settings.brand.light_logo %>" alt="<%= _('Password Pusher Logo') %>" style='height: 50px;' />
        <% end %>
      </picture>
      </div>
      <div>
        <span class="fs-4 display-1"><%= Settings.brand.title %></span>
        <br/>
        <span class="fs-6 text-muted"><%= Settings.brand.tagline %></span>
      </div>
    <% end %>

      <ul class="nav nav-pills align-items-center">
        <% if Settings.enable_logins %>
          <% if current_user %>
            <li class="nav-item lead">
              <%= link_to active_passwords_path, class: "btn btn-primary" do %>
                <em class='bi bi-clipboard-data'></em>
                <%= _('Dashboard') %>
              <% end %>

            </li>
            <li class="nav-item dropdown">
              <a class="nav-link dropdown-toggle" href="#" id="accountDropdownMenuLink" role="button" data-bs-toggle="dropdown" aria-expanded="false">
                <em class='bi-file-person'></em>
                <%= _('Account') %>
              </a>
              <ul class="dropdown-menu" aria-labelledby="accountDropdownMenuLink">
                <li>
                  <%= link_to _('Edit Login Details'), edit_user_registration_path, class: "dropdown-item" %>
                </li>
                <li>
                  <%= link_to _('API Token'), token_user_registration_path, class: "dropdown-item" %>
                </li>
                <li>
                  <%= link_to _('Log Out'), destroy_user_session_path, data: { turbo_method: :delete }, class: "dropdown-item" %>
                </li>
              </ul>
            </li>
          <% else %>
            <li class="nav-item">
              <%= link_to _('Log In'), new_user_session_path, class: "nav-link lead" %>
            </li>
            <% if allowed_ip? %> **<---- This line added** 
              <li class="nav-item">
                <%= link_to _('Sign Up'), new_user_registration_path, class: "nav-link lead" %>
              </li>
            <% end %>
          <% end %>
        <% end %>
        <li class="nav-item">
          <button type="button" class="btn btn-secondary" data-bs-toggle="modal" data-bs-target="#languageModal">
            <em class='bi-translate'></em>
            <%= _('Language') %>
          </button>
        </li>
      </ul>


    <%= render partial: 'shared/lang_selector_modal' %>
  </header>
</div>

Wondering if you can make this an available feature next without me editing it on each update you do? Or make it a little bit better than my implementation here? Thank you :)

[pglombardo]

Hi @brt5586 - apologies for my late reply. I was on vacation for a month and am still catching up.

This is a great proposal and definitely a needed feature.

I hope to add this ability soon. Either I'll use your implementation or I've also been considering Rack::Access from rack_contrib.

Once I do either, I'll update the discussion here.

[pglombardo]

Hey @brt5586 - A bit of a late update but I recently added a new public gateway Docker container. It's meant to be hosted publicly to just deliver pushes to end users. There are no logins, push forms, admin panels or anything else.

I think this might be a perfect fit for you. See the linked docs and let me know.