diff options
| author |  Frédéric Guillot <fred@miniflux.net> | 2018-09-09 15:15:14 -0700 |
|---|---|---|
| committer | Frédéric Guillot <fred@miniflux.net> | 2018-09-09 15:15:14 -0700 |
| commit | c9f9dd3262b9f8437981f92fac100e508e3c3bcd (patch) | |
| tree | 16a08ddab87276c6cad972311aa2cfb78843557e /middleware | |
| parent | c1e1506720e3c8b4e8782da9ff73ce1c57ce71a5 (diff) | |
Store client IP address in request context
Diffstat (limited to 'middleware')
| -rw-r--r-- | middleware/basic_auth.go | 7 | ||||
| -rw-r--r-- | middleware/client_ip.go | 21 | ||||
| -rw-r--r-- | middleware/logging.go | 2 |
3 files changed, 25 insertions, 5 deletions
diff --git a/middleware/basic_auth.go b/middleware/basic_auth.go index bd8402a..5a7204c 100644 --- a/middleware/basic_auth.go +++ b/middleware/basic_auth.go @@ -18,8 +18,7 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) - remoteAddr := request.RealIP(r) - + clientIP := request.ClientIP(r) username, password, authOK := r.BasicAuth() if !authOK { logger.Debug("[Middleware:BasicAuth] No authentication headers sent") @@ -28,7 +27,7 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler { } if err := m.store.CheckPassword(username, password); err != nil { - logger.Error("[Middleware:BasicAuth] [Remote=%v] Invalid username or password: %s", remoteAddr, username) + logger.Error("[Middleware:BasicAuth] [ClientIP=%s] Invalid username or password: %s", clientIP, username) json.Unauthorized(w) return } @@ -41,7 +40,7 @@ func (m *Middleware) BasicAuth(next http.Handler) http.Handler { } if user == nil { - logger.Error("[Middleware:BasicAuth] [Remote=%v] User not found: %s", remoteAddr, username) + logger.Error("[Middleware:BasicAuth] [ClientIP=%s] User not found: %s", clientIP, username) json.Unauthorized(w) return } diff --git a/middleware/client_ip.go b/middleware/client_ip.go new file mode 100644 index 0000000..853fcc9 --- /dev/null +++ b/middleware/client_ip.go @@ -0,0 +1,21 @@ +// Copyright 2018 Frédéric Guillot. All rights reserved. +// Use of this source code is governed by the Apache 2.0 +// license that can be found in the LICENSE file. + +package middleware // import "miniflux.app/middleware" + +import ( + "context" + "net/http" + + "miniflux.app/http/request" +) + +// ClientIP stores in the real client IP address in the context. +func (m *Middleware) ClientIP(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + ctx := r.Context() + ctx = context.WithValue(ctx, request.ClientIPContextKey, request.FindClientIP(r)) + next.ServeHTTP(w, r.WithContext(ctx)) + }) +} diff --git a/middleware/logging.go b/middleware/logging.go index 2e78ea8..fdf1ce3 100644 --- a/middleware/logging.go +++ b/middleware/logging.go @@ -14,7 +14,7 @@ import ( // Logging logs the HTTP request. func (m *Middleware) Logging(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - logger.Debug("[HTTP] %s %s %s", request.RealIP(r), r.Method, r.RequestURI) + logger.Debug("[HTTP] %s %s %s", request.ClientIP(r), r.Method, r.RequestURI) next.ServeHTTP(w, r) }) } |