How to add allow list of IPs in nextJS13?
Unanswered
Doberman Pinscher posted this in #help-forum
Doberman PinscherOP
How can I add IPs in nextJS 13 to allow them sending requests to my nextJS 13 app? Reference: https://developer.paddle.com/webhooks/overview#allow-paddle-ips
5 Replies
Just add ip's like normal
And to check them, use X-Forwarded-For header which returns the ip
@Doberman Pinscher
Doberman PinscherOP
Do you mean check IPs with .includes() function?
// pages/api/webhooks/[...event].js
export default function handler(req, res) {
const { method, headers, query } = req;
// Check if the request method is POST
if (method === 'POST') {
// Get the IP address of the incoming request
const ipAddress = req.socket.remoteAddress;
// Define the list of allowed IP addresses for webhook events
const allowedIPs = ['PADDLE_IP_1', 'PADDLE_IP_2']; // Replace with actual Paddle IPs
// Check if the request is coming from an allowed IP address
if (allowedIPs.includes(ipAddress)) {
// Proceed with handling the webhook event
// Implement your webhook event handling logic here
console.log('Received webhook event:', req.body);
res.status(200).json({ message: 'Webhook event received' });
} else {
// Reject the request if it's not coming from an allowed IP
console.error('Unauthorized webhook event from IP:', ipAddress);
res.status(403).json({ error: 'Unauthorized' });
}
} else {
// Handle other HTTP methods (GET, PUT, etc.) if needed
res.setHeader('Allow', ['POST']);
res.status(405).json({ error: `Method ${method} Not Allowed` });
}
}Yes.