From db93455b07c03fad48bd6f46b46c869a4a73ebaf Mon Sep 17 00:00:00 2001 From: Thomas Citharel Date: Thu, 27 Aug 2020 15:42:09 +0200 Subject: [PATCH] Fix getting remote IP behind reverse proxy Signed-off-by: Thomas Citharel --- config/config.exs | 3 ++- lib/web/auth/context.ex | 10 ++++++++-- lib/web/endpoint.ex | 6 ++++++ mix.exs | 1 + mix.lock | 1 + 5 files changed, 18 insertions(+), 3 deletions(-) diff --git a/config/config.exs b/config/config.exs index 07e8a5871..9f75a3205 100644 --- a/config/config.exs +++ b/config/config.exs @@ -48,7 +48,8 @@ config :mobilizon, Mobilizon.Web.Endpoint, secret_key_base: "1yOazsoE0Wqu4kXk3uC5gu3jDbShOimTCzyFL3OjCdBmOXMyHX87Qmf3+Tu9s0iM", render_errors: [view: Mobilizon.Web.ErrorView, accepts: ~w(html json)], pubsub_server: Mobilizon.PubSub, - cache_static_manifest: "priv/static/manifest.json" + cache_static_manifest: "priv/static/manifest.json", + has_reverse_proxy: true # Upload configuration config :mobilizon, Mobilizon.Web.Upload, diff --git a/lib/web/auth/context.ex b/lib/web/auth/context.ex index 18f054075..209afd8fa 100644 --- a/lib/web/auth/context.ex +++ b/lib/web/auth/context.ex @@ -12,8 +12,14 @@ defmodule Mobilizon.Web.Auth.Context do opts end - def call(conn, _) do - context = %{ip: to_string(:inet_parse.ntoa(conn.remote_ip))} + def call(%{assigns: %{ip: _}} = conn, _opts), do: conn + + def call(conn, _opts) do + set_user_and_ip_in_context(conn) + end + + def set_user_and_ip_in_context(conn) do + context = %{ip: conn.remote_ip |> :inet.ntoa() |> to_string()} context = case Guardian.Plug.current_resource(conn) do diff --git a/lib/web/endpoint.ex b/lib/web/endpoint.ex index 932f9b999..7d4ebd421 100644 --- a/lib/web/endpoint.ex +++ b/lib/web/endpoint.ex @@ -19,6 +19,12 @@ defmodule Mobilizon.Web.Endpoint do longpoll: false ) + endpoint_config = Application.get_env(:mobilizon, Mobilizon.Web.Endpoint) + + if Keyword.get(endpoint_config, :has_reverse_proxy, false) == true do + plug(RemoteIp) + end + plug(Mobilizon.Web.Plugs.UploadedMedia) # Serve at "/" the static files from "priv/static" directory. diff --git a/mix.exs b/mix.exs index 41cc45b1d..7ba01e834 100644 --- a/mix.exs +++ b/mix.exs @@ -134,6 +134,7 @@ defmodule Mobilizon.Mixfile do {:tesla, "~> 1.3.0"}, {:sitemapper, "~> 0.4.0"}, {:xml_builder, "~> 2.1.1", override: true}, + {:remote_ip, "~> 0.2.0"}, # Dev and test dependencies {:phoenix_live_reload, "~> 1.2", only: [:dev, :e2e]}, {:ex_machina, "~> 2.3", only: [:dev, :test]}, diff --git a/mix.lock b/mix.lock index 9b547867b..c79deffdb 100644 --- a/mix.lock +++ b/mix.lock @@ -117,6 +117,7 @@ "postgrex": {:hex, :postgrex, "0.15.5", "aec40306a622d459b01bff890fa42f1430dac61593b122754144ad9033a2152f", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:db_connection, "~> 2.1", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm", "ed90c81e1525f65a2ba2279dbcebf030d6d13328daa2f8088b9661eb9143af7f"}, "progress_bar": {:hex, :progress_bar, "2.0.0", "447285f533b4b8717881fdb7160c7360c2f2ab57276f8904ce6d40482857e573", [:mix], [{:decimal, "~> 1.0", [hex: :decimal, repo: "hexpm", optional: false]}], "hexpm", "9d8b879f322fd5563e8e7ec39f1d02a9da3ffc36019f05287788744e88260fde"}, "ranch": {:hex, :ranch, "1.7.1", "6b1fab51b49196860b733a49c07604465a47bdb78aa10c1c16a3d199f7f8c881", [:rebar3], [], "hexpm", "451d8527787df716d99dc36162fca05934915db0b6141bbdac2ea8d3c7afc7d7"}, + "remote_ip": {:hex, :remote_ip, "0.2.1", "cd27cd8ea54ecaaf3532776ff4c5e353b3804e710302e88c01eadeaaf42e7e24", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:inet_cidr, "~> 1.0", [hex: :inet_cidr, repo: "hexpm", optional: false]}, {:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "2e7ab1a461cc3cd5719f37e116a08f45c8b8493923063631b164315d6b7ee8e0"}, "rsa_ex": {:hex, :rsa_ex, "0.4.0", "e28dd7dc5236e156df434af0e4aa822384c8866c928e17b785d4edb7c253b558", [:mix], [], "hexpm", "40e1f08e8401da4be59a6dd0f4da30c42d5bb01703161f0208d839d97db27f4e"}, "shortuuid": {:hex, :shortuuid, "2.1.2", "14dbafdb2f6c7213fdfcc05c7572384b5051a7b1621170018ad4c05504bd96c1", [:mix], [], "hexpm", "d9b0c4f37500ea5199b6275ece872e213e9f45a015caf4aa777cec84f63ad353"}, "sitemapper": {:hex, :sitemapper, "0.4.0", "50061503ddc306aabcb984b377415961ff49696d70cd95081b20fa2a86f18ac4", [:mix], [{:ex_aws_s3, "~> 2.0", [hex: :ex_aws_s3, repo: "hexpm", optional: true]}, {:xml_builder, "~> 2.1.1", [hex: :xml_builder, repo: "hexpm", optional: false]}], "hexpm", "9bfe778635a6801e7762b185564df6a174d6016b15cbeaf50746e94ee55138c3"},