Added GET /remote/ip endpoint

This commit is contained in:
Lukas Metzger 2018-04-17 21:30:44 +02:00
parent 16a56184b8
commit b2cf655a88
6 changed files with 136 additions and 2 deletions

View File

@ -33,7 +33,8 @@ $defaultConfig = [
'OPT', 'PTR', 'RKEY', 'RP', 'RRSIG', 'SIG', 'SPF',
'SRV', 'TKEY', 'SSHFP', 'TLSA', 'TSIG', 'TXT', 'WKS', 'MBOXFW', 'URL'
]
]
],
'proxys' => []
];
if (file_exists('../config/ConfigOverride.php')) {

View File

@ -0,0 +1,30 @@
<?php
namespace Controllers;
require '../vendor/autoload.php';
use \Slim\Http\Request as Request;
use \Slim\Http\Response as Response;
class Remote
{
/** @var \Monolog\Logger */
private $logger;
/** @var \Slim\Container */
private $c;
public function __construct(\Slim\Container $c)
{
$this->logger = $c->logger;
$this->c = $c;
}
public function ip(Request $req, Response $res, array $args)
{
return $res->withJson([
'ip' => $req->getAttribute('clientIp')
], 200);
}
}

View File

@ -0,0 +1,53 @@
<?php
namespace Middlewares;
require '../vendor/autoload.php';
use \Slim\Http\Request as Request;
use \Slim\Http\Response as Response;
class ClientIp
{
/** @var \Monolog\Logger */
private $logger;
/** @var \Slim\Container */
private $container;
public function __construct(\Slim\Container $c)
{
$this->logger = $c->logger;
$this->container = $c;
}
public function __invoke(Request $req, Response $res, callable $next)
{
$proxys = $this->container['config']['proxys'];
$headerContent = $req->getHeaderLine('X-Forwarded-For');
if (strlen($headerContent) === 0) {
$ip = $_SERVER['REMOTE_ADDR'];
} else {
if (!in_array($_SERVER['REMOTE_ADDR'], $proxys)) { // Client is not trusted proxy
$ip = $_SERVER['REMOTE_ADDR'];
} else {
$parts = array_map('trim', explode(',', $headerContent));
$ip = $_SERVER['REMOTE_ADDR'];
for ($i = count($parts) - 1; $i >= 0; $i--) {
if (in_array($parts[$i], $proxys) && $i > 0) {
$ip = $parts[$i - 1];
} else {
break;
}
}
}
}
$req = $req->withAttribute('clientIp', $ip);
return $next($req, $res);
}
}

View File

@ -30,6 +30,8 @@ $app = new \Slim\App($container);
$app->group('/v1', function () {
$this->post('/sessions', '\Controllers\Sessions:post');
$this->get('/remote/ip', '\Controllers\Remote:ip');
$this->group('', function () {
$this->delete('/sessions/{sessionId}', '\Controllers\Sessions:delete');
@ -69,6 +71,7 @@ $app->group('/v1', function () {
// Add global middlewares
$app->add('\Middlewares\LogRequests');
$app->add('\Middlewares\RejectEmptyBody');
$app->add('\Middlewares\ClientIp');
// Run application
$app->run();

View File

@ -31,7 +31,8 @@ return [
'notindb' => '\$2y\$10\$z1dD1Q5u68l5iqEmqnOAVuoR5VWR77HUfxMUycJ9TdDG3H5dLZGVW'
]
]
]
],
'proxys' => ['127.0.0.1']
];
EOM
}

View File

@ -0,0 +1,46 @@
const test = require('../testlib');
test.run(async function () {
await test('admin', async function (assert, req) {
var res = await req({
url: '/remote/ip',
method: 'get'
});
assert.equal(res.status, 200);
assert.equal(res.data, { ip: '127.0.0.1' }, 'No proxy header should return tcp client ip.');
var res = await req({
url: '/remote/ip',
method: 'get',
headers: {
'X-Forwarded-For': '1.2.3.4, 127.0.0.1'
}
});
assert.equal(res.status, 200);
assert.equal(res.data, { ip: '1.2.3.4' }, 'X-Forwarded-For Test 1');
var res = await req({
url: '/remote/ip',
method: 'get',
headers: {
'X-Forwarded-For': '4.3.2.1, 1.2.3.4, 127.0.0.1'
}
});
assert.equal(res.status, 200);
assert.equal(res.data, { ip: '1.2.3.4' }, 'X-Forwarded-For Test 2');
var res = await req({
url: '/remote/ip',
method: 'get',
headers: {
'X-Forwarded-For': '4.3.2.1, 1.2.3.4'
}
});
assert.equal(res.status, 200);
assert.equal(res.data, { ip: '127.0.0.1' }, 'X-Forwarded-For Test 3');
});
});