From 869acdcb189d1b802f2fc17e8b53f205d6e18d24 Mon Sep 17 00:00:00 2001
From: elpatron <m.busche@gmail.com>
Date: Tue, 18 Mar 2025 11:28:27 +0100
Subject: [PATCH] =?UTF-8?q?IP-=C3=9Cberpr=C3=BCfung=20f=C3=BCr=20Telefonnu?=
 =?UTF-8?q?mmern-Links=20implementiert?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app.py               | 3 ++-
 templates/index.html | 8 +++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/app.py b/app.py
index 8dbfebb..141156b 100644
--- a/app.py
+++ b/app.py
@@ -88,7 +88,8 @@ def login():
 def index():
     if not session.get('logged_in'):
         return redirect(url_for('login'))
-    return render_template('index.html')
+    allowed_ip_ranges = os.getenv('ALLOWED_IP_RANGES', '')
+    return render_template('index.html', allowed_ip_ranges=allowed_ip_ranges)
 
 @app.route('/search')
 def search():
diff --git a/templates/index.html b/templates/index.html
index b6f32c6..76ccc20 100644
--- a/templates/index.html
+++ b/templates/index.html
@@ -264,7 +264,13 @@
         function createPhoneLink(phone) {
             if (!phone) return 'N/A';
             const cleaned = phone.replace(/[^\d+\s]/g, '');
-            const telLink = cleaned.startsWith('+') ? cleaned : '0' + cleaned.replace(/\s/g, '');
+            const clientIP = '{{ request.remote_addr }}'; // Client-IP aus dem Server
+            const allowedIPRanges = '{{ allowed_ip_ranges }}'.split(',');
+
+            // Überprüfen, ob die Client-IP in einem der erlaubten Bereiche liegt
+            const isAllowed = allowedIPRanges.some(range => clientIP.startsWith(range.trim()));
+
+            const telLink = cleaned.startsWith('+') ? cleaned : (isAllowed ? '0' + cleaned.replace(/\s/g, '') : cleaned.replace(/\s/g, ''));
             return `<a href="tel:${telLink}" class="phone-link">${phone}</a>`;
         }