When configured, require requests to come from Cloudflare (#5666)

This is the code part of #3027, following [this article](https://www.viget.com/articles/heroku-cloudflare-the-right-way/) and using [this middleware](https://github.com/clive-io/cloudflare-middleware). I pulled in the `addHandlerAtIndex()` function @chris48s wrote for #5574. The middleware isn't perfect for scoutcamp, since it relies on `req.ip` which is something set by Express. However, the other solutions I found were either explicitly deprecated ([cloudflare-ip](https://www.npmjs.com/package/cloudflare-ip)) or relied on dynamically fetching the list of Cloudflare hosts ([cloudflare-ips](https://www.npmjs.com/package/cloudflare-ips)), which seems unnecessary as this list has not changed in several years. I've left this off to start, so we can test it in production using an env var before we make it the production default.
2020-10-12 12:36:42 -04:00
parent 4da15aafc1
commit 1fab1a7140
7 changed files with 85 additions and 0 deletions
--- a/config/custom-environment-variables.yml
+++ b/config/custom-environment-variables.yml
@@ -61,6 +61,8 @@ public:

  fetchLimit: 'FETCH_LIMIT'

+  requireCloudflare: 'REQUIRE_CLOUDFLARE'
+
 private:
  azure_devops_token: 'AZURE_DEVOPS_TOKEN'
  bintray_user: 'BINTRAY_USER'
--- a/config/default.yml
+++ b/config/default.yml
@@ -33,4 +33,6 @@ public:

  fetchLimit: '10MB'

+  requireCloudflare: false
+
 private: {}