upagge/noteshare.space
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: 🐛 log correct client host behind reverse proxy

Browse Source
This commit is contained in:
Maxime Cannoodt 2022-08-09 00:09:02 +02:00
parent ee65c839f0
commit ff6b45771e
2 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
server/src/app.ts
View File

@ -52,6 +52,8 @@ app.use(bodyParser.json({ limit: "400k" }));
// Get encrypted note // Get encrypted note
app.get("/api/note/:id", getLimiter, (req: Request, res: Response, next) => { app.get("/api/note/:id", getLimiter, (req: Request, res: Response, next) => {
const ip = (req.headers["x-forwarded-for"] ||
req.socket.remoteAddress) as string;
prisma.encryptedNote prisma.encryptedNote
.findUnique({ .findUnique({
where: { id: req.params.id }, where: { id: req.params.id },
@ -60,7 +62,7 @@ app.get("/api/note/:id", getLimiter, (req: Request, res: Response, next) => {
if (note != null) { if (note != null) {
await EventLogger.readEvent({ await EventLogger.readEvent({
success: true, success: true,
host: req.hostname, host: ip,
note_id: note.id, note_id: note.id,
size_bytes: note.ciphertext.length + note.hmac.length, size_bytes: note.ciphertext.length + note.hmac.length,
}); });
@ -68,7 +70,7 @@ app.get("/api/note/:id", getLimiter, (req: Request, res: Response, next) => {
} else { } else {
await EventLogger.readEvent({ await EventLogger.readEvent({
success: false, success: false,
host: req.hostname, host: ip,
note_id: req.params.id, note_id: req.params.id,
error: "Note not found", error: "Note not found",
}); });
@ -78,7 +80,7 @@ app.get("/api/note/:id", getLimiter, (req: Request, res: Response, next) => {
.catch(async (err) => { .catch(async (err) => {
await EventLogger.readEvent({ await EventLogger.readEvent({
success: false, success: false,
host: req.hostname, host: ip,
note_id: req.params.id, note_id: req.params.id,
error: err.message, error: err.message,
}); });
@ -88,6 +90,8 @@ app.get("/api/note/:id", getLimiter, (req: Request, res: Response, next) => {
// Post new encrypted note // Post new encrypted note
app.post("/api/note/", postLimiter, (req: Request, res: Response, next) => { app.post("/api/note/", postLimiter, (req: Request, res: Response, next) => {
const ip = (req.headers["x-forwarded-for"] ||
req.socket.remoteAddress) as string;
const notePostRequest = new NotePostRequest(); const notePostRequest = new NotePostRequest();
Object.assign(notePostRequest, req.body); Object.assign(notePostRequest, req.body);
validateOrReject(notePostRequest).catch((err) => { validateOrReject(notePostRequest).catch((err) => {
@ -105,7 +109,7 @@ app.post("/api/note/", postLimiter, (req: Request, res: Response, next) => {
.then(async (savedNote) => { .then(async (savedNote) => {
await EventLogger.writeEvent({ await EventLogger.writeEvent({
success: true, success: true,
host: req.hostname, host: ip,
note_id: savedNote.id, note_id: savedNote.id,
size_bytes: savedNote.ciphertext.length + savedNote.hmac.length, size_bytes: savedNote.ciphertext.length + savedNote.hmac.length,
expire_window_days: EXPIRE_WINDOW_DAYS, expire_window_days: EXPIRE_WINDOW_DAYS,
@ -118,7 +122,7 @@ app.post("/api/note/", postLimiter, (req: Request, res: Response, next) => {
.catch(async (err) => { .catch(async (err) => {
await EventLogger.writeEvent({ await EventLogger.writeEvent({
success: false, success: false,
host: req.hostname, host: ip,
error: err.message, error: err.message,
}); });
next(err); next(err);

9
webapp/src/routes/note/[id].ts
View File

@ -1,9 +1,14 @@
import type { EncryptedNote } from '$lib/model/EncryptedNote'; import type { EncryptedNote } from '$lib/model/EncryptedNote';
import type { RequestHandler } from '@sveltejs/kit'; import type { RequestHandler } from '@sveltejs/kit';
export const get: RequestHandler = async ({ params }) => { export const get: RequestHandler = async ({ request, clientAddress, params }) => {
const ip = (request.headers.get('x-forwarded-for') || clientAddress) as string;
const url = `${import.meta.env.VITE_SERVER_INTERNAL}/api/note/${params.id}`; const url = `${import.meta.env.VITE_SERVER_INTERNAL}/api/note/${params.id}`;
const response = await fetch(url); const response = await fetch(url, {
headers: {
'x-forwarded-for': ip
}
});
if (response.ok) { if (response.ok) {
try { try {