mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2025-01-10 12:12:44 +01:00
Config option for client IP header
This commit is contained in:
parent
e274af6e3d
commit
88c56de97b
3 changed files with 29 additions and 6 deletions
|
@ -21,6 +21,10 @@
|
||||||
## Automatically reload the templates for every request, slow, use only for development
|
## Automatically reload the templates for every request, slow, use only for development
|
||||||
# RELOAD_TEMPLATES=false
|
# RELOAD_TEMPLATES=false
|
||||||
|
|
||||||
|
## Client IP Header, used to identify the IP of the client, defaults to "X-Client-IP"
|
||||||
|
## Set to the string "none" (without quotes), to disable any headers and just use the remote IP
|
||||||
|
# IP_HEADER=X-Client-IP
|
||||||
|
|
||||||
## Cache time-to-live for successfully obtained icons, in seconds (0 is "forever")
|
## Cache time-to-live for successfully obtained icons, in seconds (0 is "forever")
|
||||||
# ICON_CACHE_TTL=2592000
|
# ICON_CACHE_TTL=2592000
|
||||||
## Cache time-to-live for icons which weren't available, in seconds (0 is "forever")
|
## Cache time-to-live for icons which weren't available, in seconds (0 is "forever")
|
||||||
|
|
17
src/auth.rs
17
src/auth.rs
|
@ -426,12 +426,21 @@ pub struct ClientIp {
|
||||||
impl<'a, 'r> FromRequest<'a, 'r> for ClientIp {
|
impl<'a, 'r> FromRequest<'a, 'r> for ClientIp {
|
||||||
type Error = ();
|
type Error = ();
|
||||||
|
|
||||||
fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, Self::Error> {
|
fn from_request(req: &'a Request<'r>) -> request::Outcome<Self, Self::Error> {
|
||||||
let ip = match request.client_ip() {
|
let ip = if CONFIG._ip_header_enabled() {
|
||||||
Some(addr) => addr,
|
req.headers().get_one(&CONFIG.ip_header()).and_then(|ip| {
|
||||||
None => "0.0.0.0".parse().unwrap(),
|
ip.parse()
|
||||||
|
.map_err(|_| warn_!("'{}' header is malformed: {}", CONFIG.ip_header(), ip))
|
||||||
|
.ok()
|
||||||
|
})
|
||||||
|
} else {
|
||||||
|
None
|
||||||
};
|
};
|
||||||
|
|
||||||
|
let ip = ip
|
||||||
|
.or_else(|| req.remote().map(|r| r.ip()))
|
||||||
|
.unwrap_or_else(|| "0.0.0.0".parse().unwrap());
|
||||||
|
|
||||||
Outcome::Success(ClientIp { ip })
|
Outcome::Success(ClientIp { ip })
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -185,19 +185,24 @@ macro_rules! make_config {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}};
|
}};
|
||||||
|
( @build $value:expr, $config:expr, gen, $default_fn:expr ) => {{
|
||||||
|
let f: &dyn Fn(&ConfigItems) -> _ = &$default_fn;
|
||||||
|
f($config)
|
||||||
|
}};
|
||||||
}
|
}
|
||||||
|
|
||||||
//STRUCTURE:
|
//STRUCTURE:
|
||||||
// /// Short description (without this they won't appear on the list)
|
// /// Short description (without this they won't appear on the list)
|
||||||
// group {
|
// group {
|
||||||
// /// Friendly Name |> Description (Optional)
|
// /// Friendly Name |> Description (Optional)
|
||||||
// name: type, is_editable, none_action, <default_value (Optional)>
|
// name: type, is_editable, action, <default_value (Optional)>
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// Where none_action applied when the value wasn't provided and can be:
|
// Where action applied when the value wasn't provided and can be:
|
||||||
// def: Use a default value
|
// def: Use a default value
|
||||||
// auto: Value is auto generated based on other values
|
// auto: Value is auto generated based on other values
|
||||||
// option: Value is optional
|
// option: Value is optional
|
||||||
|
// gen: Value is always autogenerated and it's original value ignored
|
||||||
make_config! {
|
make_config! {
|
||||||
folders {
|
folders {
|
||||||
/// Data folder |> Main data folder
|
/// Data folder |> Main data folder
|
||||||
|
@ -266,6 +271,11 @@ make_config! {
|
||||||
|
|
||||||
/// Advanced settings
|
/// Advanced settings
|
||||||
advanced {
|
advanced {
|
||||||
|
/// Client IP header |> If not present, the remote IP is used.
|
||||||
|
/// Set to the string "none" (without quotes), to disable any headers and just use the remote IP
|
||||||
|
ip_header: String, true, def, "X-Real-IP".to_string();
|
||||||
|
/// Internal IP header property, used to avoid recomputing each time
|
||||||
|
_ip_header_enabled: bool, false, gen, |c| &c.ip_header.trim().to_lowercase() != "none";
|
||||||
/// Positive icon cache expiry |> Number of seconds to consider that an already cached icon is fresh. After this period, the icon will be redownloaded
|
/// Positive icon cache expiry |> Number of seconds to consider that an already cached icon is fresh. After this period, the icon will be redownloaded
|
||||||
icon_cache_ttl: u64, true, def, 2_592_000;
|
icon_cache_ttl: u64, true, def, 2_592_000;
|
||||||
/// Negative icon cache expiry |> Number of seconds before trying to download an icon that failed again.
|
/// Negative icon cache expiry |> Number of seconds before trying to download an icon that failed again.
|
||||||
|
|
Loading…
Reference in a new issue