Table of Contents
Heimdall checks the client's IP to know whether the request has originated from inside the IIT Kharagpur network. This helps to ascertain if the client is a current member of the institute and should have access to certain information.
- Shells
bash
zsh
- OS(s)
- any
*nix
[GNU+Linux
andUnix
]
- any
To set up a local instance of the application, follow the steps below.
The following dependencies are required to be installed for the project to function properly:
Now that the environment has been set up and configured to properly compile and run the project, the next step is to install and configure the project locally on your system.
- Clone the repository
git clone https://github.com/metakgp/heimdall.git
- Install dependencies
cd ./heimdall go mod download
- Execute the script
go run main.go
IIT Kharagpur has its internal campus network which is the primary source of Internet for its students, staff and faculty.
For connection to the outside network (normal internet services), it uses a NAT Gateway which handles all requests going outside. While doing so, the client IP address in those requests is changed from the internal IP to any one of the pool of public IP addresses assigned to IIT Kharagpur.
So, to check whether a request has originated from inside the IIT Kharagpur network, we just check whether the client's IP address belongs to one of those public IPs.
While just doing this would have sufficed, we do not know whether these Public IPs are permanent or are subject to change over time. We therefore do a Whois lookup of the IP address and check its response to decide whether this IP address belongs to IIT Kharagpur. A screenshot of such a Whois lookup is shown below.
For complete Whois information check here.
All this time you might be wondering why you need a different server to just check this. Can't we do this in any project where such a feature is required?
Well yes. Provided it has a backend server. This cannot be done in the front-end because the Web Browser does not provide the IP information to the Javascript engine. So for projects that do not need a backend, like Chillzone or ERP Auto Login, this simple API call can do the required work.