Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
# closedpizza-authorization.rb - mruby handler to check if all clients
# have accounts on, checked via ip address and result kept with lrucache
# there is also a redis class in h2o mruby but it probably isn't worth using
# to change returned status code/response for unauthorized users, see end of call method
# paths:
# /:
# mruby.handler-file: /path/to/closedpizza-authorization.rb
# lrucache class
require "/usr/share/h2o/mruby/lru_cache.rb"
class ClosedPizzaAuthorization
def initialize()
# make a new lrucache with size 64 to use through this class
@cache =
# handler before every request
def call(env)
# get value from cache with key of the ip address
# if the cache doesn't exist, do everything in this block
unless allowed = @cache.get(env["REMOTE_ADDR"])
# ip existence api thing
# this will check to see if the ip belongs to any user on
req = http_request("{env["REMOTE_ADDR"]}")
# execute request and get status code
status = req.join[0]
# if status is 202 then the ip is ok, otherwise it isn't
# value of 1 if ok, value of 2 if not good
allowed = status == 202 ? 1 : 2
# put allowed, an int of one byte, into cache
@cache.set(env["REMOTE_ADDR"], allowed)
# ip address is allowed
if allowed == 1
# go to next handler (status 399) and return
return [399, {}, []]
# ip address isn't allowed, return status 444, empty response
# TODO: change this to 403? or somehow add ip address to fail2ban jail?
[444, {}, []]
# return new instance
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.