mirror of
https://gitlab.com/comunic/comunicapiv3
synced 2024-11-24 06:19:21 +00:00
Use actix-remote-ip to identify remote IP address
This commit is contained in:
parent
087e1b2070
commit
0a9bd1f289
12
Cargo.lock
generated
12
Cargo.lock
generated
@ -154,6 +154,17 @@ dependencies = [
|
|||||||
"syn 2.0.41",
|
"syn 2.0.41",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "actix-remote-ip"
|
||||||
|
version = "0.1.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "7629b357d4705cf3f1e31f989f48ecd56027112f7d52dcf06dd96ee197065f8e"
|
||||||
|
dependencies = [
|
||||||
|
"actix-web",
|
||||||
|
"futures-util",
|
||||||
|
"log",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "actix-router"
|
name = "actix-router"
|
||||||
version = "0.5.1"
|
version = "0.5.1"
|
||||||
@ -900,6 +911,7 @@ dependencies = [
|
|||||||
"actix-files",
|
"actix-files",
|
||||||
"actix-http",
|
"actix-http",
|
||||||
"actix-multipart",
|
"actix-multipart",
|
||||||
|
"actix-remote-ip",
|
||||||
"actix-web",
|
"actix-web",
|
||||||
"actix-web-actors",
|
"actix-web-actors",
|
||||||
"async-recursion",
|
"async-recursion",
|
||||||
|
@ -14,6 +14,7 @@ actix-web = "4.4.0"
|
|||||||
actix-files = "0.6.2"
|
actix-files = "0.6.2"
|
||||||
actix-multipart = "0.6.1"
|
actix-multipart = "0.6.1"
|
||||||
actix-web-actors = "4.2.0"
|
actix-web-actors = "4.2.0"
|
||||||
|
actix-remote-ip = "0.1.0"
|
||||||
actix-http = "3.3.1"
|
actix-http = "3.3.1"
|
||||||
serde = { version = "1.0.163", features = ["derive"] }
|
serde = { version = "1.0.163", features = ["derive"] }
|
||||||
serde_json = "1.0.108"
|
serde_json = "1.0.108"
|
||||||
|
@ -1,4 +1,5 @@
|
|||||||
use actix_http::header::{HeaderName, HeaderValue};
|
use actix_http::header::{HeaderName, HeaderValue};
|
||||||
|
use actix_remote_ip::RemoteIP;
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
use std::str::FromStr;
|
use std::str::FromStr;
|
||||||
|
|
||||||
@ -15,7 +16,6 @@ use crate::data::error::{Res, ResultBoxError};
|
|||||||
use crate::data::user_token::UserAccessToken;
|
use crate::data::user_token::UserAccessToken;
|
||||||
use crate::helpers::{account_helper, admin_access_token_helper, api_helper};
|
use crate::helpers::{account_helper, admin_access_token_helper, api_helper};
|
||||||
use crate::routes::RequestResult;
|
use crate::routes::RequestResult;
|
||||||
use crate::utils::network_utils::match_ip;
|
|
||||||
|
|
||||||
/// Http request handler
|
/// Http request handler
|
||||||
///
|
///
|
||||||
@ -29,11 +29,16 @@ pub struct HttpRequestHandler {
|
|||||||
client: Option<APIClient>,
|
client: Option<APIClient>,
|
||||||
curr_user_token: Option<UserAccessToken>,
|
curr_user_token: Option<UserAccessToken>,
|
||||||
curr_admin_token: Option<AdminAccessToken>,
|
curr_admin_token: Option<AdminAccessToken>,
|
||||||
|
remote_ip: RemoteIP,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl HttpRequestHandler {
|
impl HttpRequestHandler {
|
||||||
/// Construct a new request handler
|
/// Construct a new request handler
|
||||||
pub fn new(req: HttpRequest, body: HashMap<String, RequestValue>) -> HttpRequestHandler {
|
pub fn new(
|
||||||
|
req: HttpRequest,
|
||||||
|
body: HashMap<String, RequestValue>,
|
||||||
|
remote_ip: RemoteIP,
|
||||||
|
) -> HttpRequestHandler {
|
||||||
HttpRequestHandler {
|
HttpRequestHandler {
|
||||||
request: req,
|
request: req,
|
||||||
body,
|
body,
|
||||||
@ -42,6 +47,7 @@ impl HttpRequestHandler {
|
|||||||
client: None,
|
client: None,
|
||||||
curr_user_token: None,
|
curr_user_token: None,
|
||||||
curr_admin_token: None,
|
curr_admin_token: None,
|
||||||
|
remote_ip,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -184,28 +190,7 @@ impl BaseRequestHandler for HttpRequestHandler {
|
|||||||
|
|
||||||
/// Get the remote IP address
|
/// Get the remote IP address
|
||||||
fn remote_ip(&self) -> String {
|
fn remote_ip(&self) -> String {
|
||||||
let mut ip = self.request.peer_addr().unwrap().ip().to_string();
|
self.remote_ip.0.to_string()
|
||||||
|
|
||||||
// We check if the request comes from a trusted reverse proxy
|
|
||||||
if let Some(proxy) = conf().proxy.as_ref() {
|
|
||||||
if match_ip(proxy, &ip) {
|
|
||||||
if let Some(header) = self.request.headers().get("X-Forwarded-For") {
|
|
||||||
let header: Vec<String> = header
|
|
||||||
.to_str()
|
|
||||||
.unwrap()
|
|
||||||
.to_string()
|
|
||||||
.split(",")
|
|
||||||
.map(|f| f.to_string())
|
|
||||||
.collect();
|
|
||||||
|
|
||||||
if header.len() > 0 {
|
|
||||||
ip = header[0].to_string();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
ip
|
|
||||||
}
|
}
|
||||||
|
|
||||||
fn user_access_token(&self) -> Option<&UserAccessToken> {
|
fn user_access_token(&self) -> Option<&UserAccessToken> {
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
use actix_remote_ip::{RemoteIP, RemoteIPConfig};
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
use std::pin::Pin;
|
use std::pin::Pin;
|
||||||
|
|
||||||
@ -252,7 +253,7 @@ async fn process_simple_route(route: &Route, req: &mut HttpRequestHandler) -> Re
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Process an incoming request
|
/// Process an incoming request
|
||||||
async fn process_request(custom_req: CustomRequest) -> HttpResponse {
|
async fn process_request(custom_req: CustomRequest, remote_ip: RemoteIP) -> HttpResponse {
|
||||||
let req = &custom_req.req;
|
let req = &custom_req.req;
|
||||||
let (route, _) = find_route(&req.uri().to_string(), None).await;
|
let (route, _) = find_route(&req.uri().to_string(), None).await;
|
||||||
|
|
||||||
@ -274,7 +275,7 @@ async fn process_request(custom_req: CustomRequest) -> HttpResponse {
|
|||||||
requests_limit_helper::clean_cache().unwrap();
|
requests_limit_helper::clean_cache().unwrap();
|
||||||
|
|
||||||
// Execute the request
|
// Execute the request
|
||||||
let mut request = HttpRequestHandler::new(custom_req.req, custom_req.body);
|
let mut request = HttpRequestHandler::new(custom_req.req, custom_req.body, remote_ip);
|
||||||
|
|
||||||
match process_simple_route(&route, &mut request).await {
|
match process_simple_route(&route, &mut request).await {
|
||||||
// Set default error response if required
|
// Set default error response if required
|
||||||
@ -357,6 +358,8 @@ pub fn start_server(conf: &Config) -> std::io::Result<()> {
|
|||||||
|
|
||||||
let serve_storage_file = conf.serve_storage_file;
|
let serve_storage_file = conf.serve_storage_file;
|
||||||
|
|
||||||
|
let proxy = conf.proxy.clone();
|
||||||
|
|
||||||
let server = HttpServer::new(move || {
|
let server = HttpServer::new(move || {
|
||||||
let mut app = App::new();
|
let mut app = App::new();
|
||||||
|
|
||||||
@ -367,8 +370,13 @@ pub fn start_server(conf: &Config) -> std::io::Result<()> {
|
|||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
app
|
||||||
|
// Remote IP configuration
|
||||||
|
.app_data(web::Data::new(RemoteIPConfig {
|
||||||
|
proxy: proxy.clone(),
|
||||||
|
}))
|
||||||
// User WebSocket route
|
// User WebSocket route
|
||||||
app.service(actix_web::web::resource("/ws").to(user_ws_controller::ws_route))
|
.service(actix_web::web::resource("/ws").to(user_ws_controller::ws_route))
|
||||||
// RTC Relay WebSocket route
|
// RTC Relay WebSocket route
|
||||||
.service(actix_web::web::resource("/rtc_proxy/ws").to(rtc_relay_controller::open_ws))
|
.service(actix_web::web::resource("/rtc_proxy/ws").to(rtc_relay_controller::open_ws))
|
||||||
// Option
|
// Option
|
||||||
|
Loading…
Reference in New Issue
Block a user