chore: Update Usage of IpAddress Value Object

2025-10-27 12:31:57 +01:00
parent 9a8dd07c62
commit 093d3df92d
1 changed files with 14 additions and 10 deletions
--- a/src/Framework/Http/Middlewares/ProductionSecurityMiddleware.php
+++ b/src/Framework/Http/Middlewares/ProductionSecurityMiddleware.php
@@ -7,12 +7,14 @@ namespace App\Framework\Http\Middlewares;
 use App\Framework\Config\Environment;
 use App\Framework\Config\EnvKey;
 use App\Framework\Http\HttpMiddleware;
-use App\Framework\Http\JsonErrorResponse;
+use App\Framework\Http\IpAddress;
 use App\Framework\Http\MiddlewareContext;
 use App\Framework\Http\MiddlewarePriority;
 use App\Framework\Http\MiddlewarePriorityAttribute;
 use App\Framework\Http\Next;
 use App\Framework\Http\RequestStateManager;
+use App\Framework\Http\Responses\JsonResponse;
+use App\Framework\Http\Status;

 /**
 * Middleware to block sensitive routes in production environment
@@ -70,9 +72,9 @@ final readonly class ProductionSecurityMiddleware implements HttpMiddleware
        // Block sensitive debug routes completely in production
        if ($this->isBlockedRoute($path)) {
            return $context->withResponse(
-                new JsonErrorResponse(
-                    message: 'Not Found',
-                    statusCode: 404
+                new JsonResponse(
+                    body: ['error' => 'Not Found'],
+                    status: Status::NOT_FOUND
                )
            );
        }
@@ -80,9 +82,9 @@ final readonly class ProductionSecurityMiddleware implements HttpMiddleware
        // Check IP whitelist for admin routes
        if ($this->isIpRestrictedRoute($path) && ! $this->isAllowedIp($clientIp)) {
            return $context->withResponse(
-                new JsonErrorResponse(
-                    message: 'Access Denied',
-                    statusCode: 403
+                new JsonResponse(
+                    body: ['error' => 'Access Denied'],
+                    status: Status::FORBIDDEN
                )
            );
        }
@@ -112,14 +114,16 @@ final readonly class ProductionSecurityMiddleware implements HttpMiddleware
        return false;
    }

-    private function isAllowedIp(?string $clientIp): bool
+    private function isAllowedIp(?IpAddress $clientIp): bool
    {
        if ($clientIp === null) {
            return false;
        }

+        $ipString = (string) $clientIp;
+
        // Check if IP is in whitelist
-        if (in_array($clientIp, self::ALLOWED_IPS, true)) {
+        if (in_array($ipString, self::ALLOWED_IPS, true)) {
            return true;
        }

@@ -128,7 +132,7 @@ final readonly class ProductionSecurityMiddleware implements HttpMiddleware
        if (! empty($allowedIpsEnv)) {
            $allowedIps = array_map('trim', explode(',', $allowedIpsEnv));

-            return in_array($clientIp, $allowedIps, true);
+            return in_array($ipString, $allowedIps, true);
        }

        return false;