From 1cf9d719f0b8e27dc964ab61f277d322d1685a83 Mon Sep 17 00:00:00 2001 From: William Casarin Date: Thu, 3 Nov 2022 11:01:38 -0700 Subject: [PATCH] feat: look for proxied ip headers This enables support for using the proxied IP from cloudflare. The damus relay is behind cloudflare, so to get accurate remote ip logging we need to look at the headers instead of the socket address. Signed-off-by: William Casarin --- src/server.rs | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/src/server.rs b/src/server.rs index 5bddf66..7200f90 100644 --- a/src/server.rs +++ b/src/server.rs @@ -13,6 +13,7 @@ use crate::nip05; use crate::subscription::Subscription; use futures::SinkExt; use futures::StreamExt; +use http::header::HeaderMap; use hyper::header::ACCEPT; use hyper::service::{make_service_fn, service_fn}; use hyper::upgrade::Upgraded; @@ -85,7 +86,8 @@ async fn handle_web_request( ) .await; // spawn server with info... but include IP here. - let remote_ip = remote_addr.ip().to_string(); + let remote_ip = + get_remote_ip_string(&remote_addr, request.headers()); tokio::spawn(nostr_server( pool, remote_ip, settings, ws_stream, broadcast, event_tx, shutdown, @@ -151,6 +153,23 @@ async fn handle_web_request( } } +fn get_remote_ip_string(remote_addr: &SocketAddr, headers: &HeaderMap) -> String { + if let Some(ip) = get_cloudflare_remote_ip(headers) { + return ip; + } + + return remote_addr.ip().to_string(); +} + +fn get_cloudflare_remote_ip(headers: &HeaderMap) -> Option { + if let Some(val) = headers.get("CF-Connecting-IP") { + if let Ok(s) = val.to_str() { + return Some(s.to_string()); + } + } + return None; +} + // return on a control-c or internally requested shutdown signal async fn ctrl_c_or_signal(mut shutdown_signal: Receiver<()>) { let mut term_signal = tokio::signal::unix::signal(tokio::signal::unix::SignalKind::terminate())