NancyFx localhost only request modules

Reading time ~1 minute

Today I was playing around with some code, and I was thinking that it would be really nice to hide some admin modules from public access without creating user access security.

So since I was using NancyFx, I decided to create a bit of code to achieve this, and here it is.

        public static void EnsureLocalOnly(this NancyModule module)
        {
#if (!DEBUG)
            module.Before.AddItemToEndOfPipeline(c => !c.Request.IsLocal() ? new Response {StatusCode = HttpStatusCode.NotFound} : null);
#endif
        }

The wrapping if statement is simply to only perform this check on release builds of the code (Production builds), leaving me to experiment as much as I please on my development box. This is completely optional, and you are of course welcome to change/modify it as much as you would like to.

Here is an example of how to use the code.

public class AdminModule : NancyModule
{
    public AdminModule() : base("/admin")
    {
        this.EnsureLocalOnly();

        Get["/"] = _ => "Only localhost can see this";

        Post["/{name}"] = _ => $"Welcome to localhost, {_.name}"; 
    }
}

Another way the code could be used would be.

public class SimpleModule : NancyModule
{
    public SimpleModule()
    {
        Get["/"] = _ => "Public can see this";

        Get["/local"] = _ => {
            this.EnsureLocalOnly();
            return "Only localhost can see this";
        };
    }
}

Enjoy!

KidSpeak in Lund

Kidspeak is coming to Lund, Sweden Continue reading

Another site for my content

Published on March 22, 2017