updates based on review comments

orangemiddleware/ipfilter.go → middleware/ipfilter.go

@@ -1,4 +1,4 @@
-package orangemiddleware
+package middleware
 
 import (
 	"net"
@@ -11,18 +11,18 @@ func IpFilter(handler http.Handler) http.Handler {
 		// go-chi's middleware/realip.go already parses for RealIp and xForwardedFor, further sets RemoteAddr to xForwardedFor ip if available.
 		ipAddress, _, splitHostPortError := net.SplitHostPort(r.RemoteAddr)
 		if splitHostPortError != nil {
-			w.WriteHeader(http.StatusUnauthorized)
+			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
 			return
 		}
 
 		parsedIp := net.ParseIP(ipAddress)
 		if parsedIp == nil {
-			w.WriteHeader(http.StatusUnauthorized)
+			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
 			return
 		}
 
 		if checkIfIpIsBlocked(parsedIp.String()) {
-			w.WriteHeader(http.StatusUnauthorized)
+			http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
 			return
 		}
 		handler.ServeHTTP(w, r)

views/views.go

@@ -14,8 +14,8 @@ import (
 	"github.com/go-chi/chi/middleware"
 	"github.com/go-chi/jwtauth"
 	"github.com/gorilla/csrf"
+	orangemiddleware "github.com/s-gv/orangeforum/middleware"
 	"github.com/s-gv/orangeforum/models"
-	"github.com/s-gv/orangeforum/orangemiddleware"
 )
 
 var tokenAuth *jwtauth.JWTAuth
@@ -29,10 +29,10 @@ func GetRouter() *chi.Mux {
 	// A good base middleware stack
 	r.Use(middleware.RequestID)
 	r.Use(middleware.RealIP)
-	r.Use(orangemiddleware.IpFilter)
 	r.Use(middleware.Logger)
 	r.Use(middleware.Recoverer)
 	r.Use(middleware.Timeout(30 * time.Second))
+	r.Use(orangemiddleware.IpFilter)
 
 	csrfMiddleware := csrf.Protect([]byte(SecretKey), csrf.Secure(false))
 	r.Use(csrfMiddleware)