mirror of https://github.com/pocketbase/pocketbase.git synced 2025-03-19 22:19:23 +02:00

[#282] fixed "real" user ip extraction

Gani Georgiev 2022-08-20 07:57:17 +03:00
parent beb8e7924d
commit 07cd758112
3 changed files with 21 additions and 19 deletions


@ -66,7 +66,7 @@ func (api *adminApi) refresh(c echo.Context) error {
func (api *adminApi) emailAuth(c echo.Context) error { func (api *adminApi) emailAuth(c echo.Context) error {
form := forms.NewAdminLogin(api.app) form := forms.NewAdminLogin(api.app)
if readErr := c.Bind(form); readErr != nil { if readErr := c.Bind(form); readErr != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", readErr) return rest.NewBadRequestError("An error occurred while loading the submitted data.", readErr)
} }
admin, submitErr := form.Submit() admin, submitErr := form.Submit()
@ -80,7 +80,7 @@ func (api *adminApi) emailAuth(c echo.Context) error {
func (api *adminApi) requestPasswordReset(c echo.Context) error { func (api *adminApi) requestPasswordReset(c echo.Context) error {
form := forms.NewAdminPasswordResetRequest(api.app) form := forms.NewAdminPasswordResetRequest(api.app)
if err := c.Bind(form); err != nil { if err := c.Bind(form); err != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", err) return rest.NewBadRequestError("An error occurred while loading the submitted data.", err)
} }
if err := form.Validate(); err != nil { if err := form.Validate(); err != nil {
@ -101,7 +101,7 @@ func (api *adminApi) requestPasswordReset(c echo.Context) error {
func (api *adminApi) confirmPasswordReset(c echo.Context) error { func (api *adminApi) confirmPasswordReset(c echo.Context) error {
form := forms.NewAdminPasswordResetConfirm(api.app) form := forms.NewAdminPasswordResetConfirm(api.app)
if readErr := c.Bind(form); readErr != nil { if readErr := c.Bind(form); readErr != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", readErr) return rest.NewBadRequestError("An error occurred while loading the submitted data.", readErr)
} }
admin, submitErr := form.Submit() admin, submitErr := form.Submit()


@ -304,22 +304,24 @@ func ActivityLogger(app core.App) echo.MiddlewareFunc {
// Returns the "real" user IP from common proxy headers (or fallbackIp if none is found). // Returns the "real" user IP from common proxy headers (or fallbackIp if none is found).
// //
// The returned IP shouldn't be trusted if not behind a trusted reverse proxy! // The returned IP value shouldn't be trusted if not behind a trusted reverse proxy!
func realUserIp(r *http.Request, fallbackIp string) string { func realUserIp(r *http.Request, fallbackIp string) string {
if ip := r.Header.Get("CF-Connecting-IP"); ip != "" { if ip := r.Header.Get("CF-Connecting-IP"); ip != "" {
return ip return ip
} }
if ip := r.Header.Get("X-Forwarded-For"); ip != "" { if ip := r.Header.Get("X-Real-IP"); ip != "" {
// extract only the last IP
if i := strings.IndexAny(ip, ","); i > 0 {
return strings.TrimSpace(ip[:i])
}
return ip return ip
} }
if ip := r.Header.Get("X-Forwarded-For"); ip != "" { if ipsList := r.Header.Get("X-Forwarded-For"); ipsList != "" {
return ip ips := strings.Split(ipsList, ",")
// extract the rightmost ip
for _, ip := range ips {
if trimmedIp := strings.TrimSpace(ip); trimmedIp != "" {
return trimmedIp
}
}
} }
return fallbackIp return fallbackIp
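Review bot: The comment `// extract the rightmost ip` in the X-Forwarded-For branch (taking the right-hand column as the new side) does not match the loop under it: `for _, ip := range ips` walks the list from the left and returns the first non-empty entry, which is the leftmost one. When proxies append to this header, the leftmost entry is the value the client supplied, so it can be forged even behind a trusted reverse proxy, while the entry added by the nearest proxy sits on the right. Either correct the comment to `// extract the leftmost (client-supplied) ip` or iterate from the end with `for i := len(ips) - 1; i >= 0; i--`, depending on which is intended. The CF-Connecting-IP and X-Real-IP branches also return the header text verbatim, so a `net.ParseIP` check before each return would keep non-address strings out of whatever stores the result. The end of realUserIp is not visible in this section.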


@ -152,7 +152,7 @@ func (api *userApi) authMethods(c echo.Context) error {
func (api *userApi) oauth2Auth(c echo.Context) error { func (api *userApi) oauth2Auth(c echo.Context) error {
form := forms.NewUserOauth2Login(api.app) form := forms.NewUserOauth2Login(api.app)
if readErr := c.Bind(form); readErr != nil { if readErr := c.Bind(form); readErr != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", readErr) return rest.NewBadRequestError("An error occurred while loading the submitted data.", readErr)
} }
user, authData, submitErr := form.Submit() user, authData, submitErr := form.Submit()
@ -170,7 +170,7 @@ func (api *userApi) emailAuth(c echo.Context) error {
form := forms.NewUserEmailLogin(api.app) form := forms.NewUserEmailLogin(api.app)
if readErr := c.Bind(form); readErr != nil { if readErr := c.Bind(form); readErr != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", readErr) return rest.NewBadRequestError("An error occurred while loading the submitted data.", readErr)
} }
user, submitErr := form.Submit() user, submitErr := form.Submit()
@ -184,7 +184,7 @@ func (api *userApi) emailAuth(c echo.Context) error {
func (api *userApi) requestPasswordReset(c echo.Context) error { func (api *userApi) requestPasswordReset(c echo.Context) error {
form := forms.NewUserPasswordResetRequest(api.app) form := forms.NewUserPasswordResetRequest(api.app)
if err := c.Bind(form); err != nil { if err := c.Bind(form); err != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", err) return rest.NewBadRequestError("An error occurred while loading the submitted data.", err)
} }
if err := form.Validate(); err != nil { if err := form.Validate(); err != nil {
@ -205,7 +205,7 @@ func (api *userApi) requestPasswordReset(c echo.Context) error {
func (api *userApi) confirmPasswordReset(c echo.Context) error { func (api *userApi) confirmPasswordReset(c echo.Context) error {
form := forms.NewUserPasswordResetConfirm(api.app) form := forms.NewUserPasswordResetConfirm(api.app)
if readErr := c.Bind(form); readErr != nil { if readErr := c.Bind(form); readErr != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", readErr) return rest.NewBadRequestError("An error occurred while loading the submitted data.", readErr)
} }
user, submitErr := form.Submit() user, submitErr := form.Submit()
@ -224,7 +224,7 @@ func (api *userApi) requestEmailChange(c echo.Context) error {
form := forms.NewUserEmailChangeRequest(api.app, loggedUser) form := forms.NewUserEmailChangeRequest(api.app, loggedUser)
if err := c.Bind(form); err != nil { if err := c.Bind(form); err != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", err) return rest.NewBadRequestError("An error occurred while loading the submitted data.", err)
} }
if err := form.Submit(); err != nil { if err := form.Submit(); err != nil {
@ -237,7 +237,7 @@ func (api *userApi) requestEmailChange(c echo.Context) error {
func (api *userApi) confirmEmailChange(c echo.Context) error { func (api *userApi) confirmEmailChange(c echo.Context) error {
form := forms.NewUserEmailChangeConfirm(api.app) form := forms.NewUserEmailChangeConfirm(api.app)
if readErr := c.Bind(form); readErr != nil { if readErr := c.Bind(form); readErr != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", readErr) return rest.NewBadRequestError("An error occurred while loading the submitted data.", readErr)
} }
user, submitErr := form.Submit() user, submitErr := form.Submit()
@ -251,7 +251,7 @@ func (api *userApi) confirmEmailChange(c echo.Context) error {
func (api *userApi) requestVerification(c echo.Context) error { func (api *userApi) requestVerification(c echo.Context) error {
form := forms.NewUserVerificationRequest(api.app) form := forms.NewUserVerificationRequest(api.app)
if err := c.Bind(form); err != nil { if err := c.Bind(form); err != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", err) return rest.NewBadRequestError("An error occurred while loading the submitted data.", err)
} }
if err := form.Validate(); err != nil { if err := form.Validate(); err != nil {
@ -272,7 +272,7 @@ func (api *userApi) requestVerification(c echo.Context) error {
func (api *userApi) confirmVerification(c echo.Context) error { func (api *userApi) confirmVerification(c echo.Context) error {
form := forms.NewUserVerificationConfirm(api.app) form := forms.NewUserVerificationConfirm(api.app)
if readErr := c.Bind(form); readErr != nil { if readErr := c.Bind(form); readErr != nil {
return rest.NewBadRequestError("An error occurred while reading the submitted data.", readErr) return rest.NewBadRequestError("An error occurred while loading the submitted data.", readErr)
} }
user, submitErr := form.Submit() user, submitErr := form.Submit()