Whitelist to check listen mode via console

server.js

@@ -123,7 +123,7 @@ app.use(CORS);
 
 if (listen && getConfigValue('basicAuthMode', false)) app.use(basicAuthMiddleware);
 
-app.use(whitelistMiddleware);
+app.use(whitelistMiddleware(listen));
 
 // CSRF Protection //
 if (!cliArguments.disableCsrf) {

src/middleware/whitelist.js

@@ -8,7 +8,6 @@ const { color, getConfigValue } = require('../util');
 const whitelistPath = path.join(process.cwd(), './whitelist.txt');
 let whitelist = getConfigValue('whitelist', []);
 let knownIPs = new Set();
-const listen = getConfigValue('listen', false);
 const whitelistMode = getConfigValue('whitelistMode', true);
 
 if (fs.existsSync(whitelistPath)) {
@@ -34,30 +33,37 @@ function getIpFromRequest(req) {
     return clientIp;
 }
 
-const whitelistMiddleware = function (req, res, next) {
+/**
-    const clientIp = getIpFromRequest(req);
+ * Returns a middleware function that checks if the client IP is in the whitelist.
+ * @param {boolean} listen If listen mode is enabled via config or command line
+ * @returns {import('express').RequestHandler} The middleware function
+ */
+function whitelistMiddleware(listen) {
+    return function (req, res, next) {
+        const clientIp = getIpFromRequest(req);
 
-    if (listen && !knownIPs.has(clientIp)) {
+        if (listen && !knownIPs.has(clientIp)) {
-        const userAgent = req.headers['user-agent'];
+            const userAgent = req.headers['user-agent'];
-        console.log(color.yellow(`New connection from ${clientIp}; User Agent: ${userAgent}\n`));
+            console.log(color.yellow(`New connection from ${clientIp}; User Agent: ${userAgent}\n`));
-        knownIPs.add(clientIp);
+            knownIPs.add(clientIp);
 
-        // Write access log
+            // Write access log
-        const timestamp = new Date().toISOString();
+            const timestamp = new Date().toISOString();
-        const log = `${timestamp} ${clientIp} ${userAgent}\n`;
+            const log = `${timestamp} ${clientIp} ${userAgent}\n`;
-        fs.appendFile('access.log', log, (err) => {
+            fs.appendFile('access.log', log, (err) => {
-            if (err) {
+                if (err) {
-                console.error('Failed to write access log:', err);
+                    console.error('Failed to write access log:', err);
-            }
+                }
-        });
+            });
-    }
+        }
 
-    //clientIp = req.connection.remoteAddress.split(':').pop();
+        //clientIp = req.connection.remoteAddress.split(':').pop();
-    if (whitelistMode === true && !whitelist.some(x => ipMatching.matches(clientIp, ipMatching.getMatch(x)))) {
+        if (whitelistMode === true && !whitelist.some(x => ipMatching.matches(clientIp, ipMatching.getMatch(x)))) {
-        console.log(color.red('Forbidden: Connection attempt from ' + clientIp + '. If you are attempting to connect, please add your IP address in whitelist or disable whitelist mode in config.yaml in root of SillyTavern folder.\n'));
+            console.log(color.red('Forbidden: Connection attempt from ' + clientIp + '. If you are attempting to connect, please add your IP address in whitelist or disable whitelist mode in config.yaml in root of SillyTavern folder.\n'));
-        return res.status(403).send('<b>Forbidden</b>: Connection attempt from <b>' + clientIp + '</b>. If you are attempting to connect, please add your IP address in whitelist or disable whitelist mode in config.yaml in root of SillyTavern folder.');
+            return res.status(403).send('<b>Forbidden</b>: Connection attempt from <b>' + clientIp + '</b>. If you are attempting to connect, please add your IP address in whitelist or disable whitelist mode in config.yaml in root of SillyTavern folder.');
-    }
+        }
-    next();
+        next();
-};
+    };
+}
 
 module.exports = whitelistMiddleware;