Use the RealIP middleware also behind a reverse proxy (#2858)

* Use the RealIP middleware only behind a reverse proxy * Fix proxy ip source in tests * Fix test for PR#2087 The PR did not update the test after changing the behavior, but the test still passed because another condition was preventing the user from being created in the test. * Use RealIP even without a trusted reverse proxy * Use own type for context key * Fix casing to follow go's conventions * Do not apply RealIP middleware twice * Fix IP source in logs The most interesting data point in the log message is the proxy's IP, but having the client IP too can help identify integration issues.
2025-04-03 20:47:35 +03:00 · 2024-04-26 02:43:58 +02:00 · 2024-04-26 02:43:58 +02:00 · 18143fa5a1
commit 18143fa5a1
parent 8f9ed1b994
5 changed files with 71 additions and 30 deletions
--- a/model/request/request.go
+++ b/model/request/request.go
@ -16,6 +16,7 @@ const (
 	Player         = contextKey("player")
 	Transcoding    = contextKey("transcoding")
 	ClientUniqueId = contextKey("clientUniqueId")
+	ReverseProxyIp = contextKey("reverseProxyIp")
 )

 func WithUser(ctx context.Context, u model.User) context.Context {
@ -46,6 +47,10 @@ func WithClientUniqueId(ctx context.Context, clientUniqueId string) context.Cont
 	return context.WithValue(ctx, ClientUniqueId, clientUniqueId)
 }

+func WithReverseProxyIp(ctx context.Context, reverseProxyIp string) context.Context {
+	return context.WithValue(ctx, ReverseProxyIp, reverseProxyIp)
+}
+
 func UserFrom(ctx context.Context) (model.User, bool) {
 	v, ok := ctx.Value(User).(model.User)
 	return v, ok
@ -80,3 +85,8 @@ func ClientUniqueIdFrom(ctx context.Context) (string, bool) {
 	v, ok := ctx.Value(ClientUniqueId).(string)
 	return v, ok
 }
+
+func ReverseProxyIpFrom(ctx context.Context) (string, bool) {
+	v, ok := ctx.Value(ReverseProxyIp).(string)
+	return v, ok
+}