wn/authservice
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

consider x-forwarded-for

Browse Source
This commit is contained in:
Wolfgang Hottgenroth
2021-09-12 14:17:43 +02:00
parent 0d698568d4
commit d521e146cf
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
auth.py
View File

@ -196,7 +196,10 @@ def generateToken(func, **args):
else: else:
raise KeyError("Neither application, login and password nor encAleTuple given") raise KeyError("Neither application, login and password nor encAleTuple given")
httpClientIp = request.remote_addr if request.headers.getlist("X-Forwarded-For"):
httpClientIp = request.headers.getlist("X-Forwarded-For")[0]
else:
httpClientIp = request.remote_addr
logger.debug(f"Tuple: {application} {login} {password} {httpClientIp}") logger.debug(f"Tuple: {application} {login} {password} {httpClientIp}")
@ -340,7 +343,10 @@ def refreshTokens(**args):
refreshTokenObj = jwt.decode(refreshToken, JWT_PUB_KEY) refreshTokenObj = jwt.decode(refreshToken, JWT_PUB_KEY)
logger.info(str(refreshTokenObj)) logger.info(str(refreshTokenObj))
httpClientIp = request.remote_addr if request.headers.getlist("X-Forwarded-For"):
httpClientIp = request.headers.getlist("X-Forwarded-For")[0]
else:
httpClientIp = request.remote_addr
if refreshTokenObj["exp"] < int(time.time()): if refreshTokenObj["exp"] < int(time.time()):
raise RefreshTokenExpiredException() raise RefreshTokenExpiredException()