feat: optional real-ip middleware
All checks were successful
Cadoles/bouncer/pipeline/pr-develop This commit looks good
All checks were successful
Cadoles/bouncer/pipeline/pr-develop This commit looks good
This commit is contained in:
parent
e6f18e7cd8
commit
60487c11d6
@ -9,6 +9,7 @@ import (
|
||||
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/auth"
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/auth/jwt"
|
||||
bouncerChi "forge.cadoles.com/cadoles/bouncer/internal/chi"
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/config"
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/jwk"
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/store"
|
||||
@ -91,7 +92,11 @@ func (s *Server) run(parentCtx context.Context, addrs chan net.Addr, errs chan e
|
||||
|
||||
router := chi.NewRouter()
|
||||
|
||||
router.Use(middleware.Logger)
|
||||
if s.serverConfig.HTTP.UseRealIP {
|
||||
router.Use(middleware.RealIP)
|
||||
}
|
||||
|
||||
router.Use(middleware.RequestLogger(bouncerChi.NewLogFormatter()))
|
||||
|
||||
if s.serverConfig.Sentry.DSN != "" {
|
||||
logger.Info(ctx, "enabling sentry http middleware")
|
||||
|
@ -1,13 +1,15 @@
|
||||
package config
|
||||
|
||||
type HTTPConfig struct {
|
||||
Host InterpolatedString `yaml:"host"`
|
||||
Port InterpolatedInt `yaml:"port"`
|
||||
Host InterpolatedString `yaml:"host"`
|
||||
Port InterpolatedInt `yaml:"port"`
|
||||
UseRealIP InterpolatedBool `yaml:"useRealIP"`
|
||||
}
|
||||
|
||||
func NewHTTPConfig(host string, port int) HTTPConfig {
|
||||
return HTTPConfig{
|
||||
Host: InterpolatedString(host),
|
||||
Port: InterpolatedInt(port),
|
||||
Host: InterpolatedString(host),
|
||||
Port: InterpolatedInt(port),
|
||||
UseRealIP: true,
|
||||
}
|
||||
}
|
||||
|
@ -89,6 +89,10 @@ func (s *Server) run(parentCtx context.Context, addrs chan net.Addr, errs chan e
|
||||
s.directorLayers...,
|
||||
)
|
||||
|
||||
if s.serverConfig.HTTP.UseRealIP {
|
||||
router.Use(middleware.RealIP)
|
||||
}
|
||||
|
||||
router.Use(middleware.RequestLogger(bouncerChi.NewLogFormatter()))
|
||||
|
||||
if s.serverConfig.Sentry.DSN != "" {
|
||||
|
@ -6,6 +6,9 @@ admin:
|
||||
host: 127.0.0.1
|
||||
# Port d'écoute du service
|
||||
port: 8081
|
||||
# Utiliser les entêtes HTTP True-Client-IP, X-Real-IP ou X-Forwarded-For
|
||||
# pour le calcul de l'adresse distante à l'origine des requêtes
|
||||
useRealIP: true
|
||||
|
||||
# Configuration CORS du service
|
||||
# Uniquement nécessaire si un frontend web
|
||||
@ -73,6 +76,9 @@ proxy:
|
||||
host: 0.0.0.0
|
||||
# Port d'écoute du service
|
||||
port: 8080
|
||||
# Utiliser les entêtes HTTP True-Client-IP, X-Real-IP ou X-Forwarded-For
|
||||
# pour le calcul de l'adresse distante à l'origine des requêtes
|
||||
useRealIP: true
|
||||
|
||||
# Métriques Prometheus
|
||||
metrics:
|
||||
|
Loading…
Reference in New Issue
Block a user