Quality update of strategy subpackage (#35)

* feat: slightly redesign of the strategy package * feat: slightly redesign of the strategy package * feat: slightly redesign of the strategy package * feat: slightly redesign of the strategy package
tigerwill90 · Jul 7, 2024 · 990944a · 990944a
1 parent 8fcce12
commit 990944a
Show file tree

Hide file tree

Showing 4 changed files with 359 additions and 248 deletions.
diff --git a/README.md b/README.md
@@ -502,7 +502,7 @@ f := fox.New(
     fox.DefaultOptions(),
     fox.WithClientIPStrategy(
         // We are behind one or many trusted proxies that have all private-space IP addresses.
-        strategy.NewRightmostNonPrivate(fox.HeaderXForwardedFor),
+        strategy.NewRightmostNonPrivate(strategy.XForwardedForKey),
     ),
 )
 
@@ -527,7 +527,7 @@ f = fox.New(
         // A common use for this is if a server is both directly connected to the 
         // internet and expecting a header to check.
         strategy.NewChain(
-            strategy.NewLeftmostNonPrivate(fox.HeaderXForwardedFor),
+            strategy.NewLeftmostNonPrivate(strategy.ForwardedKey),
             strategy.NewRemoteAddr(),
         ),
     ),

diff --git a/strategy/options.go b/strategy/options.go
@@ -0,0 +1,81 @@
+package strategy
+
+import "net"
+
+type config struct {
+	ipRanges []net.IPNet
+}
+
+type TrustedRangeOption interface {
+	applyRight(*config)
+}
+
+type BlacklistRangeOption interface {
+	applyLeft(*config)
+}
+
+type rightmostNonPrivateOptionFunc func(*config)
+
+func (o rightmostNonPrivateOptionFunc) applyRight(c *config) {
+	o(c)
+}
+
+type leftmostNonPrivateOptionFunc func(*config)
+
+func (o leftmostNonPrivateOptionFunc) applyLeft(c *config) {
+	o(c)
+}
+
+// TrustLoopback enables or disables the inclusion of loopback ip ranges in the trusted ip ranges.
+func TrustLoopback(enable bool) TrustedRangeOption {
+	return rightmostNonPrivateOptionFunc(func(c *config) {
+		if enable {
+			c.ipRanges = append(c.ipRanges, loopbackRanges...)
+		}
+	})
+}
+
+// TrustLinkLocal enables or disables the inclusion of link local ip ranges in the trusted ip ranges.
+func TrustLinkLocal(enable bool) TrustedRangeOption {
+	return rightmostNonPrivateOptionFunc(func(c *config) {
+		if enable {
+			c.ipRanges = append(c.ipRanges, linkLocalRanges...)
+		}
+	})
+}
+
+// TrustPrivateNet enables or disables the inclusion of private-space ip ranges in the trusted ip ranges.
+func TrustPrivateNet(enable bool) TrustedRangeOption {
+	return rightmostNonPrivateOptionFunc(func(c *config) {
+		if enable {
+			c.ipRanges = append(c.ipRanges, privateRange...)
+		}
+	})
+}
+
+// ExcludeLoopback enables or disables the inclusion of loopback ip ranges in the blacklisted ip ranges.
+func ExcludeLoopback(enable bool) BlacklistRangeOption {
+	return leftmostNonPrivateOptionFunc(func(c *config) {
+		if enable {
+			c.ipRanges = append(c.ipRanges, loopbackRanges...)
+		}
+	})
+}
+
+// ExcludeLinkLocal enables or disables the inclusion of link local ip ranges in the blacklisted ip ranges.
+func ExcludeLinkLocal(enable bool) BlacklistRangeOption {
+	return leftmostNonPrivateOptionFunc(func(c *config) {
+		if enable {
+			c.ipRanges = append(c.ipRanges, linkLocalRanges...)
+		}
+	})
+}
+
+// ExcludePrivateNet enables or disables the inclusion of private-space ip ranges in the blacklisted ip ranges.
+func ExcludePrivateNet(enable bool) BlacklistRangeOption {
+	return leftmostNonPrivateOptionFunc(func(c *config) {
+		if enable {
+			c.ipRanges = append(c.ipRanges, privateRange...)
+		}
+	})
+}