IP-Überprüfung für Telefonnummern-Links implementiert

app.py

@@ -88,7 +88,8 @@ def login():
 def index():
     if not session.get('logged_in'):
         return redirect(url_for('login'))
-    return render_template('index.html')
+    allowed_ip_ranges = os.getenv('ALLOWED_IP_RANGES', '')
+    return render_template('index.html', allowed_ip_ranges=allowed_ip_ranges)
 
 @app.route('/search')
 def search():

templates/index.html

@@ -264,7 +264,13 @@
         function createPhoneLink(phone) {
             if (!phone) return 'N/A';
             const cleaned = phone.replace(/[^\d+\s]/g, '');
-            const telLink = cleaned.startsWith('+') ? cleaned : '0' + cleaned.replace(/\s/g, '');
+            const clientIP = '{{ request.remote_addr }}'; // Client-IP aus dem Server
+            const allowedIPRanges = '{{ allowed_ip_ranges }}'.split(',');
+
+            // Überprüfen, ob die Client-IP in einem der erlaubten Bereiche liegt
+            const isAllowed = allowedIPRanges.some(range => clientIP.startsWith(range.trim()));
+
+            const telLink = cleaned.startsWith('+') ? cleaned : (isAllowed ? '0' + cleaned.replace(/\s/g, '') : cleaned.replace(/\s/g, ''));
             return `<a href="tel:${telLink}" class="phone-link">${phone}</a>`;
         }