IlyaSobolev/DocSpace-buildtools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

backend: using RemoteIpAddress method for get a client ip

Browse Source
This commit is contained in:
Alexey Bannov 2023-04-20 18:24:31 +03:00
parent 51c3a3cac1
commit 1711004cfb
10 changed files with 18 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
common/ASC.Common/Utils/HttpRequestExtensions.cs
View File

@ -179,11 +179,6 @@ public static class HttpRequestExtensions
return !string.IsNullOrEmpty(request.Headers[HeaderNames.UserAgent]) && (request.Headers[HeaderNames.UserAgent].Contains("iOS") || request.Headers[HeaderNames.UserAgent].Contains("Android"));
}
public static string GetUserHostAddress(this HttpRequest request)
{
return request.HttpContext.Features.Get<IHttpConnectionFeature>()?.RemoteIpAddress?.ToString();
}
private static Uri ParseRewriterUrl(string s)
{
if (string.IsNullOrEmpty(s))

4
common/ASC.Core.Common/Context/SecurityContext.cs
View File

@ -111,7 +111,7 @@ public class SecurityContext
ArgumentNullException.ThrowIfNull(request);
ipFrom = "from " + (request.Headers["X-Forwarded-For"].ToString() ?? request.GetUserHostAddress());
ipFrom = "from " + _httpContextAccessor?.HttpContext.Connection.RemoteIpAddress;
address = "for " + request.GetUrlRewriter();
}
_logger.InformationEmptyBearer(ipFrom, address);
@ -127,7 +127,7 @@ public class SecurityContext
ArgumentNullException.ThrowIfNull(request);
address = "for " + request.GetUrlRewriter();
ipFrom = "from " + (request.Headers["X-Forwarded-For"].ToString() ?? request.GetUserHostAddress());
ipFrom = "from " + _httpContextAccessor?.HttpContext.Connection.RemoteIpAddress;
}
_logger.WarningCanNotDecrypt(cookie, ipFrom, address);

9
common/ASC.Core.Common/GeolocationHelper.cs
View File

@ -78,10 +78,13 @@ public class GeolocationHelper
{
if (_httpContextAccessor.HttpContext?.Request != null)
{
var ip = (string)(_httpContextAccessor.HttpContext.Items["X-Forwarded-For"] ?? _httpContextAccessor.HttpContext.Items["REMOTE_ADDR"]);
if (!string.IsNullOrWhiteSpace(ip))
var ip = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress;
if (ip != IPAddress.Loopback)
{
return GetIPGeolocation(ip);
_logger.DebugRemoteIpAddress(ip.ToString());
return GetIPGeolocation(ip.ToString());
}
}

3
common/ASC.Core.Common/Log/GeolocationHelperLogger.cs
View File

@ -27,6 +27,9 @@
namespace ASC.Core.Common.Log;
internal static partial class GeolocationHelperLogger
{
[LoggerMessage(Level = LogLevel.Error, Message = "This is remote ip address {remoteIp}")]
public static partial void DebugRemoteIpAddress(this ILogger<GeolocationHelper> logger, string remoteIp);
[LoggerMessage(Level = LogLevel.Error, Message = "GetIPGeolocation")]
public static partial void ErrorGetIPGeolocation(this ILogger<GeolocationHelper> logger, Exception exception);

3
common/ASC.Core.Common/Security/Authentication/CookieStorage.cs
View File

@ -166,8 +166,7 @@ public class CookieStorage
{
if (_httpContext?.Request != null)
{
var forwarded = _httpContext.Request.Headers["X-Forwarded-For"].ToString();
data = string.IsNullOrEmpty(forwarded) ? _httpContext.Request.GetUserHostAddress() : forwarded.Split(':')[0];
data = _httpContext.Connection.RemoteIpAddress.ToString();
}
}
catch { }

2
common/ASC.IPSecurity/Utils/IPSecurity.cs
View File

@ -98,7 +98,7 @@ public class IPSecurity
if (string.IsNullOrWhiteSpace(requestIps))
{
var request = _httpContextAccessor.HttpContext.Request;
requestIps = request.Headers["X-Forwarded-For"].FirstOrDefault() ?? request.GetUserHostAddress();
requestIps = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString();
}
var ips = string.IsNullOrWhiteSpace(requestIps)

6
common/ASC.MessagingSystem/Core/MessageSettings.cs
View File

@ -77,11 +77,7 @@ public class MessageSettings
{
if (request != null)
{
var str = request.Headers[ForwardedHeader].FirstOrDefault() ?? request.GetUserHostAddress();
if (str != null)
{
return str.Substring(0, str.IndexOf(':') != -1 ? str.IndexOf(':') : str.Length);
}
return request.HttpContext.Connection.RemoteIpAddress.ToString();
}
return null;
}

2
products/ASC.People/Server/Api/UserController.cs
View File

@ -1251,7 +1251,7 @@ public class UserController : PeopleControllerBase
if (!SetupInfo.IsSecretEmail(inDto.Email)
&& !string.IsNullOrEmpty(_setupInfo.RecaptchaPublicKey) && !string.IsNullOrEmpty(_setupInfo.RecaptchaPrivateKey))
{
var ip = Request.Headers["X-Forwarded-For"].ToString() ?? Request.GetUserHostAddress();
var ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress.ToString();
if (string.IsNullOrEmpty(inDto.RecaptchaResponse)
|| !await _recaptcha.ValidateRecaptchaAsync(inDto.RecaptchaResponse, ip))

3
web/ASC.Web.Api/Api/PaymentsController.cs
View File

@ -179,7 +179,8 @@ public class PaymentController : ControllerBase
internal void CheckCache(string basekey)
{
var key = _httpContextAccessor.HttpContext.Request.GetUserHostAddress() + basekey;
var key = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString() + basekey;
if (_memoryCache.TryGetValue<int>(key, out var count))
{
if (count > _maxCount)

2
web/ASC.Web.Api/Api/Settings/BaseSettingsController.cs
View File

@ -55,7 +55,7 @@ public partial class BaseSettingsController : ControllerBase
internal void CheckCache(string basekey)
{
var key = _httpContextAccessor.HttpContext.Request.GetUserHostAddress() + basekey;
var key = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString() + basekey;
if (MemoryCache.TryGetValue<int>(key, out var count))
{
if (count > _maxCount)