-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix GraphQL remote ip context using x-forwarded-for header if possible
- Loading branch information
1 parent
6aa3746
commit 790de1c
Showing
6 changed files
with
184 additions
and
46 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
defmodule ArchethicWeb.Plugs.RemoteIP do | ||
@moduledoc """ | ||
Get actual behind the reverse proxy IP address | ||
""" | ||
|
||
@behaviour Plug | ||
|
||
def init(opts), do: opts | ||
|
||
def call(conn, _) do | ||
conn | ||
|> Plug.Conn.get_req_header("x-forwarded-for") | ||
|> List.first() | ||
|> parse_ip(conn) | ||
end | ||
|
||
defp parse_ip(nil, conn), do: conn | ||
|
||
defp parse_ip(ip_list, conn) do | ||
ip_str = | ||
String.split(ip_list, ",") | ||
|> List.first() | ||
|> String.trim() | ||
|> String.to_charlist() | ||
|
||
case :inet.parse_address(ip_str) do | ||
{:ok, ip} -> Map.put(conn, :remote_ip, ip) | ||
_ -> conn | ||
end | ||
end | ||
end |
Submodule miniupnp
updated
4 files
+3 −1 | miniupnpd/Changelog.txt | |
+1 −1 | miniupnpd/VERSION | |
+4 −4 | miniupnpd/upnppermissions.h | |
+1 −1 | miniupnpd/upnpsoap.c |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
defmodule ArchethicWeb.Plugs.RemoteIPTest do | ||
use ArchethicWeb.ConnCase, async: true | ||
|
||
describe "Plug should get first x-forwarded remote ip " do | ||
test "should modify remote ip if x-forwarded header exists", %{conn: conn} do | ||
assert conn.remote_ip == {127, 0, 0, 1} | ||
|
||
conn = | ||
conn | ||
|> put_req_header("x-forwarded-for", "122.15.183.19,93.5.9.0") | ||
|
||
conn = ArchethicWeb.Plugs.RemoteIP.call(conn, []) | ||
|
||
assert conn.remote_ip == {122, 15, 183, 19} | ||
end | ||
|
||
test "should not modifiy remote ip if x-forwarded header is empty", %{conn: conn} do | ||
assert conn.remote_ip == {127, 0, 0, 1} | ||
|
||
conn = ArchethicWeb.Plugs.RemoteIP.call(conn, []) | ||
|
||
assert conn.remote_ip == {127, 0, 0, 1} | ||
end | ||
end | ||
end |