I am working on a rest api.
That api is used by my website and the website is used by various users. I want to restrict the api access only to my website ( no other website should be able to access that rest api ) so for that I want to whitelist my domain name on the basis of the ip of the domain name
My goal is to find the ip of domain name requesting my ip not the ip of the users accessing my domain.
How can I achieve it in nodejs?
See Getting HTTP headers with node.js
You should be able to use the referer data in the header to check where the request is coming from.
From your API's viewpoint the IP of the request won't really be different from a server vs. a client. Although, other than some HTTP header variables.
You could simply check all the IPs of incoming requests for your "secured" endpoint and check it against a whitelist of all your server IPs.
Personally, I'd probably use ssl between servers.
