adding env var

wormhole-foundation · Apr 3, 2024 · 9b962d8 · 9b962d8
1 parent 5bf5ff6
commit 9b962d8
Showing 1 changed file with 6 additions and 9 deletions.
diff --git a/backend/src/handlers/authorizer.ts b/backend/src/handlers/authorizer.ts
@@ -4,32 +4,29 @@ import {
 } from 'aws-lambda'
 import geoIP from 'fast-geoip'
 
+const DEFAULT_DENY_LIST = ['CU', 'IR', 'IQ', 'KP', 'RU', 'SY', 'GB', 'US', 'UA']
+
 export const authorizer = async (
   authorizerEvent: APIGatewayRequestAuthorizerEventV2
 ): Promise<
   APIGatewaySimpleAuthorizerWithContextResult<Record<string, string>>
 > => {
+  let denyList = process.env.DENY_LIST?.split(',') ?? DEFAULT_DENY_LIST
   let authorized = true
   let country
+  const ip = authorizerEvent.requestContext.http.sourceIp
 
   try {
-    const ip = authorizerEvent.requestContext.http.sourceIp
-    console.log('IP:', ip)
     const geo = await geoIP.lookup(ip)
     country = geo?.country ?? 'unknown'
-    if (
-      ['CU', 'IR', 'IQ', 'KP', 'RU', 'SY', 'GB', 'US', 'UA', 'AR'].includes(
-        country
-      )
-    ) {
+    if (denyList.includes(country)) {
       authorized = false
     }
   } catch (err) {
     console.error('Error looking up country', err)
   }
 
-  console.log('Country:', country)
-  console.log('Authorized:', authorized)
+  console.log(`IP:${ip} - Country:${country} - Authorized:${authorized}`)
 
   return {
     isAuthorized: authorized,