A sample application.js file that uses the IP Filter from my previous Gist

rhmap-service-ip-filter-application.js

'use strict'

const express = require('express')
const cors = require('cors')

const app = express()

// Enable CORS for all requests
app.use(cors())

// Add RHMAP sys middlewares - used to verify application status
app.use('/sys', mbaasExpress.sys(securableEndpoints));

// Add RHMAP mbaas middlewares - these are protected by keys/sessions
app.use('/mbaas', mbaasExpress.mbaas);

// Remove this unless you really need it - causes a perf hit otherwise!
// You should probably namespace it anyways, like under '/assets' or similar
app.use(express.static(__dirname + '/public'));

// All routes after this are only accessible by the IP defined in "lib/ip-filter"
// If an unrecognised IP is detected then a 403 response is returned immediately
app.use(require('./lib/ip-filter'))

// Note: important that this is added just before your own Routes
app.use(mbaasExpress.fhmiddleware());

// Only verified IP addresses can reach me!
app.use('/hello', require('./lib/hello.js')());