jonathan/hostr
jonathan/hostr
1
0
Fork 0
Code Issues Pull requests 4 Projects Releases Packages 1 Wiki Activity Actions

Use the right header for remote IPs

Browse source
This commit is contained in:
Jonathan Cremin 2016-08-07 20:41:21 +01:00
parent 2c577cb7ae
commit ffa01ba586
5 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
api/lib/auth.js
View file

@ -8,7 +8,7 @@ const badLoginMsg = '{"error": {"message": "Incorrect login details.", "code": 6
export default function* (next) {
let user = false;
const remoteIp = this.req.headers['x-real-ip'] || this.req.connection.remoteAddress;
const remoteIp = this.req.headers['x-forwarded-for'] || this.req.connection.remoteAddress;
const login = yield models.login.create({
ip: remoteIp,
successful: false,

2
api/routes/pro.js
View file

@ -14,7 +14,7 @@ const fromname = process.env.EMAIL_NAME;
export function* create() {
const stripeToken = this.request.body.stripeToken;
const ip = this.request.headers['x-real-ip'] || this.req.connection.remoteAddress;
const ip = this.request.headers['x-forwarded-for'] || this.req.connection.remoteAddress;
const createCustomer = {
card: stripeToken.id,

2
lib/uploader.js
View file

@ -24,7 +24,7 @@ export default class Uploader {
this.context = context;
this.expectedSize = context.request.headers['content-length'];
this.tempGuid = context.request.headers['hostr-guid'];
this.remoteIp = context.request.headers['x-real-ip'] || context.req.connection.remoteAddress;
this.remoteIp = context.request.headers['x-forwarded-for'] || context.req.connection.remoteAddress;
this.md5sum = crypto.createHash('md5');
this.lastPercent = 0;

2
web/lib/auth.js
View file

@ -14,7 +14,7 @@ const from = process.env.EMAIL_FROM;
const fromname = process.env.EMAIL_NAME;
export function* authenticate(email, password) {
const remoteIp = this.headers['x-real-ip'] || this.ip;
const remoteIp = this.headers['x-forwarded-for'] || this.ip;
if (!password || password.length < 6) {
debug('No password, or password too short');

2
web/routes/user.js
View file

@ -52,7 +52,7 @@ export function* signup() {
csrf: this.csrf });
return;
}
const ip = this.headers['x-real-ip'] || this.ip;
const ip = this.headers['x-forwarded-for'] || this.ip;
const email = this.request.body.email;
const password = this.request.body.password;
try {