Security: limit Masterkey remote access (#4017)

* update choose_password to have the confirmation

* add comment mark

* First version, no test

* throw error right away instead of just use masterKey false

* fix the logic

* move it up before the masterKey check

* adding some test

* typo

* remove the choose_password

* newline

* add cli options

* remove trailing space

* handle  in case the server is behind proxy

* add getting the first ip in the ip list of xff

* sanity check the ip in config if it is a valid ip address

* split ip extraction to another function

* trailing spaces

src/Config.js

@@ -5,6 +5,7 @@
 import AppCache from './cache';
 import SchemaCache from './Controllers/SchemaCache';
 import DatabaseController from './Controllers/DatabaseController';
+import net from 'net';
 
 function removeTrailingSlash(str) {
   if (!str) {
@@ -26,6 +27,7 @@ export class Config {
     this.applicationId = applicationId;
     this.jsonLogs = cacheInfo.jsonLogs;
     this.masterKey = cacheInfo.masterKey;
+    this.masterKeyIps = cacheInfo.masterKeyIps;
     this.clientKey = cacheInfo.clientKey;
     this.javascriptKey = cacheInfo.javascriptKey;
     this.dotNetKey = cacheInfo.dotNetKey;
@@ -86,7 +88,8 @@ export class Config {
     sessionLength,
     emailVerifyTokenValidityDuration,
     accountLockout,
-    passwordPolicy
+    passwordPolicy,
+    masterKeyIps
   }) {
     const emailAdapter = userController.adapter;
     if (verifyUserEmails) {
@@ -108,6 +111,8 @@ export class Config {
     }
 
     this.validateSessionConfiguration(sessionLength, expireInactiveSessions);
+
+    this.validateMasterKeyIps(masterKeyIps);
   }
 
   static validateAccountLockoutPolicy(accountLockout) {
@@ -184,6 +189,14 @@ export class Config {
     }
   }
 
+  static validateMasterKeyIps(masterKeyIps) {
+    for (const ip of masterKeyIps) {
+      if(!net.isIP(ip)){
+        throw `Invalid ip in masterKeyIps: ${ip}`;
+      }
+    }
+  }
+
   get mount() {
     var mount = this._mount;
     if (this.publicServerURL) {